Hello,
I have an Asus RT-N16 running openwrt compiled trunk. It has always performed incredibly well, although loaded with many jobs.
Now I decided to get a vpn provider, which is working well if setup directly on my laptop. But I want to set it up directly on the router so that everyone can use the tunnel.
For that, I installed mwan3 multiwan, once that I already had another vpn tunnel to the router in my office, working very well for a number of years.
The problem is that when I enable the wan2 vpn connection, all DNS functionality is gone, although I can ping by address, but not by name. I examined the log of the openvpn connection, properly completed, and I can see that the server pushes the DNS addresses that somehow never become active. And the previous, given by DHCP of wan1, cease to work:
Tue Mar 24 11:05:22 2015 us=829220 SENT CONTROL [Private Internet Access]: 'PUSH_REQUEST' (status=1)
Tue Mar 24 11:05:22 2015 us=905541 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 999.999.999.999,dhcp-option DNS 999.999.999.999,ping 10,comp-lzo no,route 999.133.1.1,topology net30,ifconfig 999.133.1.6 999.133.1.5'
I looked inside /tmp/resolv.conf.auto and the wan DNS addresses are there, but not the ones given by the vpn connection above
/etc/config/network:
config switch 'eth0'
option name 'switch0'
option reset '1'
option enable_vlan '1'
config switch_vlan 'eth0_1'
option device 'switch0'
option vlan '1'
option ports '1 2 3 4 8t'
config switch_vlan 'eth0_2'
option device 'switch0'
option vlan '2'
option ports '0 8t'
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix '9999:9999:9999::/48'
config interface 'lan'
option type 'bridge'
option proto 'static'
option netmask '255.255.255.0'
option ip6assign '60'
option ipaddr '192.168.1.2'
option _orig_ifname 'eth0.1 wl0'
option _orig_bridge 'true'
option ifname 'eth0.1 wl0'
config interface 'wan'
option ifname 'eth0.2'
option proto 'dhcp'
option macaddr '99:99:99:99:99:99'
option metric '10'
config interface 'vpn'
option ifname 'tun0'
option _orig_ifname 'tun0'
option _orig_bridge 'false'
option proto 'none'
config interface 'wan2'
option ifname 'tun1'
option _orig_ifname 'tun1'
option _orig_bridge 'false'
option proto 'none'
option auto '1'
option metric '30'
/etc/config/openvpn: (tun0 has nothing to do with the case)
config openvpn 'myvpn_tun0'
option enabled '1'
option ifconfig '192.168.10.2 192.168.10.1'
list route '192.168.2.0 255.255.255.0 192.168.10.2'
option remote 'anyserver.com 99999'
option client '1'
option nobind '1'
option tls_client '1'
option dev 'tun0'
option proto 'udp'
option resolv_retry 'infinite'
option persist_key '1'
option persist_tun '1'
option mute_replay_warnings '5'
option ca '/etc/openvpn/ca-tun0.crt'
option cert '/etc/openvpn/client-tun0.crt'
option key '/etc/openvpn/client-tun0.key'
option ns_cert_type 'server'
option tls_auth '/etc/openvpn/ta-tun0.key 1'
option comp_lzo 'yes'
option verb '5'
option mute '5'
option log '/mmc/mylogs/openvpn/openvpn-tun0.log'
option status '/var/openvpn-status.log'
option ping '10'
option ping_restart '30'
option cipher 'AES-256-CBC'
config openvpn 'myvpn_tun1'
option remote 'anyserver1.com 1194'
option comp_lzo 'yes'
option nobind '1'
option dev 'tun1'
option proto 'udp'
option persist_key '1'
option persist_tun '1'
option client '1'
option auth_user_pass '/etc/openvpn/auth-tun1'
option ca '/etc/openvpn/ca-tun1.crt'
option tls_client '1'
option verb '5'
option mute '5'
option log '/mmc/mylogs/openvpn/openvpn-tun1.log'
option status '/var/openvpn-status-tun1.log'
option ping '10'
option ping_restart '30'
option remote_cert_tls 'server'
option reneg_sec '0'
option pull '1'
/etc/config/mwan3:
config interface 'wan'
option enabled '1'
list track_ip '8.8.4.4'
list track_ip '8.8.8.8'
list track_ip '208.67.222.222'
list track_ip '208.67.220.220'
option reliability '2'
option count '1'
option timeout '2'
option interval '5'
option down '3'
option up '8'
config interface 'wan2'
option enabled '0'
list track_ip '8.8.8.8'
list track_ip '208.67.220.220'
option reliability '1'
option count '1'
option timeout '2'
option interval '5'
option down '3'
option up '8'
config member 'wan_m1_w3'
option interface 'wan'
option metric '1'
option weight '3'
config member 'wan_m2_w3'
option interface 'wan'
option metric '2'
option weight '3'
config member 'wan2_m1_w2'
option interface 'wan2'
option metric '1'
option weight '2'
config member 'wan2_m2_w2'
option interface 'wan2'
option metric '2'
option weight '2'
config policy 'wan_only'
list use_member 'wan_m1_w3'
config policy 'wan2_only'
list use_member 'wan2_m1_w2'
config policy 'balanced'
list use_member 'wan_m1_w3'
list use_member 'wan2_m1_w2'
config policy 'wan_wan2'
list use_member 'wan_m1_w3'
list use_member 'wan2_m2_w2'
config policy 'wan2_wan'
list use_member 'wan_m2_w3'
list use_member 'wan2_m1_w2'
config rule 'youtube'
option sticky '1'
option ipset 'youtube'
option dest_port '80,443'
option proto 'tcp'
option use_policy 'wan2_only'
config rule 'https'
option sticky '1'
option dest_port '443'
option proto 'tcp'
option use_policy 'wan2_only'
config rule 'default_rule'
option dest_ip '0.0.0.0/0'
option use_policy 'wan_only'
Can somebody please help me activate my DNS using this setup?
TIA
jss