Dedicated IP and Captchas NordVPN

Hi guys, before I subscribe to a dedicated IP from NordVPN is there anything I can do to reduce the amount of captchas I'm receiving? its getting beyond a joke now. Ive tried clearing my cookies and changing servers buts its ridiculous now.
BTW is there any downsides having a dedicated IP address?
Thanks in advance

isn't that a question for NordVPN ?

or do you believe Openwrt is (somehow) to blame ?

1 Like

Sorry my question was badly written.....I am thinking of subscribing to a dedicated IP from NordVPN.. before I do is there any setting i can try within openwrt that may reduce captchas....I understand its got nothing to do with openwrt.

Yes, there is a setting - called "disable" on vpn connection.

You can use PBR e.g. to exclude destinations of using the vpn.

Will this work? the captchas happen when I do a general google search....is it possible to us PBR for only google?

Thanks for this can you guide me how this will help when the captchas appear when doing generic google searches....will this mean my VPN is the disabled for the whole session?
BTW where abouts is that setting?

Thanks

You can send request to e.g. google via the WAN instead of via the VPN see:
https://openwrt.org/docs/guide-user/network/routing/pbr

You pay for VPN which feeds you with captchas... Not an openwrt problem - dont you think?

1 Like

Thanks egc.....I'm I on the right track...I have attached my rule using policy routing.
The first entry is the IP of my computer which currently tunnels via the VPN.
The google rule I entered doesn't appear to work, I even tried inserting my local computer IP to see if they made a difference and even inserted port 80 for local and remote.


Unfortunately neither made a difference.

Thanks

Also set DNS for 192.168.1.80 in the PBR GUI

I'm sorry for sounding dumb...I cant see an area in the GUI for DNS...even if I were to find it are you talking about my DNS servers which are 8.8.8.8 and 1.0.0.1

Should I create another 2 rules for DNS 8.8.8.8 & 1.0.0.1 to use WAN for IP 192.168.1.80

Thanks

If you just need a static IP try https://hoppy.network - uses Wireguard

With the newest PBR package you can specify DNS servers per client to use but if that is not present use option 6 to specify a DNS server for you client. this will follow the same routing as the client.
See: https://github.com/egc112/OpenWRT-egc-add-on/tree/main/stop-dns-leak#policy-based-routing

Thanks egc, looks like this process is a little over my head but I'll give it a try. Ive read the info with the link you provided not sure where I would insert my DNS config. If I do find it is this the correct syntax:

config tag tag1  
    list dhcp_option '6,1.1.1.1,1.0.0.1 

config host  
    option name client1
    option ip 192.168.1.80
    list tag 'tag1'

or this one

I found another spot which I read up about in the lan interface DCHP advanced and i tried this 6,192.168.1.80,1.1.1.1,1.0.0.1

Ive checked the version of my PBR service and its luci-app-pbr 1.1.1-7, it appears theres no update for it. Is there a way to manually update it so that I have the ability to insert DNS for my client in the Web GUI? my OpenWrt version is OpenWrt 23.05.3 r23809-234f1a2efa.

Thanks in advance

You can insert it in your /etc/config/dhcp this is to use it for your individual clients.

In the GUI (interfaces > DHCP server >Advanced) you can set the option for the whole interface if that is what you want you can set it in the interface

Thanks can I confirm what I have done so that I can ensure I'm doing this correctly.

I have inserted this in my /etc/config/dhcp at he end of the file:

config tag 'tag1'  
    list dhcp_option '6,1.1.1.1,1.0.0.1'  

config host  
    option name 'client1'
    option ip '192.168.1.80'
    list tag 'tag1'

I have attached my PBR rules for google.

Do I have to assign ports for google? I've tried port 80 and 443 and again it has made no difference. So now I've left everything as default.

Is it important to stop/start PBR service and or reboot router.(I've done this too)

Not sure if this helps in my wireguard config I am already using custom DNS as specified above and not my VPN provider.

This is how I test it:
I clear my browser history
Go to google
Search whats my IP
Have to complete captcha before results appear

Thanks...if this should work I will persist.

You do not need to set google.

With your client and DNS set to use the desired route that is all you can do.

You can check with ipleak.net that you do not have a DNS leak.

That is basically all you can do.

Thanks for your help....I've deleted those google rules from the PBR services.
Looks like its a no go, I either have to put up with it or purchase a dedicated IP from NordVPN.
Really appreciate your help.

1 Like

Hi egc, i forgot to ask....how do i check whether google is using the WAN instead of the VPN.. .is there a test i can run....ive tried to do a whats my ip search in google and it displays the VPN ip on the front page of google.