Asus RT-AC68u Leak Test failing

p5093545p5093545
edited July 2017 in VPN Setup Support
Hi
I just got this router to use as my VPN connection to PIA, this router will be connected to the another router which  connects to my modem. I've got the vpn client to connect but for some reason I can't pass the DNS Leak tests. I'm using the CA Toronto.ovpn and the ca.rsa.2048.crt files.In the WAN DNS Setting I'm using
1. Connect to DNS Server Automatically – No
2. DNS Server 1 – 208.67.222.222
3. DNS Server 2 – 208.67.220.220

The host names I'm getting in the leak test page are
m5.yyz.opendns.com
m11.yyz.opendns.com
m9.yyz.opendns.com
m1.yyz.opendns.com
m7.yyz.opendns.com

Any help or advise to get my setup to pass the leak test would be greatly appreciated
Thanks

Comments

  • Omnibus_IVOmnibus_IV
    edited July 2017
    DNS request come from the source first. The source being your local machine. If there is no DNS assigned, it will then move to the next gateway in the path. Assume that you have Local Machine (LM), Router1(R1), Modem (M1). The LM will first look to see if it has a DNS assigned. Yes? Use it. No? Go the next gateway which is R1. Yes? Use it. No? Go to the next gateway which is M1. This will always have the ISP's assigned DNS and cannot be changed.

    So, check your DNS starting at LM, R1, R2, Rn+1, M1. Somewhere in that path is a DNS address. Most of the times the DNS will be assigned to the next gateway in the path. So LM will use R1, R1, will use R2, R2 will use Rn+1, etc... until M1 is the final source (assuming there are no other DNS assignments).

    So try adding PIA DNS server address of 209.222.18.222 Primary and 209.222.18.218 secondary to your LM. Check for DNS leak. If you still have it then something is overriding the DNS addressing and needs to be sought our and destroyed (LOL).

    There is one more DNS server I am checking. That is Comodo's DNS server. I don't know how secure it is, so caveat emptor. (p)8.26.56.26 and (s)8.20.247.20

    Before making changes, disconnect from the VPN first. This way any changes you make will become active on the next VPN session.

  • p5093545p5093545
    Thanks for the response

    Fixed :
    Changed PIA DNS server address to 209.222.18.222 Primary and 209.222.18.218 Secondary in Routers WAN DNS Settings

    Once again thanks for your help
  • Omnibus_IVOmnibus_IV
    Glad I could help. Just a word of caution. If you added the DNS to your router, when you are not connected to PIA the router will still try to use that DNS. I do not know what will happen or what the default will be.
  • PiaVipperPiaVipper
    Omnibus_IV said:
    Glad I could help. Just a word of caution. If you added the DNS to your router, when you are not connected to PIA the router will still try to use that DNS. I do not know what will happen or what the default will be.

    The default will simply use the alternate DNS server, so not a problem. However, I do not see any scenario when you'd want to turn off the VPN.
Sign In or Register to comment.