Joined: 04 Mar 2021 Posts: 65 Location: Manchester
Posted: Tue Apr 13, 2021 0:15 Post subject: [SOLVED]Huawei Mediapad T5 VPN not working DDWRT
I have a Huawei Mediapad T5 which is connected to the VPN wireless on Netgear R7000 running DDWRT. I have checked all other devices which include PS5, iPhone, Laptop and desktop running Linux, Android TV box all show the VPN address but not the Huawei Media pad T5 shows my real ip for my isp and not the VPN. I have tried to restart the Huawei Media pad T5, deleted wireless network both 2.4 & 5 ghz with the same results. Webrtc is is disabled on the Firefox browser.
If I connect through open vpn or my vpn client, it works but if I disconnect it, real up shown even though the ddwrt is on vpn. All other devices do not have this issue and anything connected to the ddwrt shows the vpn ip.
Can anyone help? _________________ Netgear R7000
DD-WRT DD-WRT v3.0-r50595 std (10/23/22)
Manchester
Enable dnsmasq- Yes
Encrypt DNS- NO
DNSCrypt Resolver- No Using Smart DNS
Cache DNSSEC Data- Yes
Validate DNS Replies (DNSSEC)- NO
Check Unsigned DNS Replies- NO
No DNS Rebind- Enable
Query DNS in Strict Order- Enable
Add Requestor MAC to DNS Query- Disable
RFC4039 Rapid Commit Support- Enable
Maximum Cached Entries- 1500
Joined: 04 Mar 2021 Posts: 65 Location: Manchester
Posted: Tue Apr 13, 2021 8:59 Post subject:
Apologies, when I connect the tablet using open VPN for android which is installed on the tablet, the VPN works but when I disconnect that and connect to the WiFi on the DDWRT router which has VPN running, my ip is shown. All other devices the VPN works fine when connected to the WiFi on the DDWRT router.
In other words, the only way to have VPN on the tablet is by using open VPN Android which is installed on the tablet. I hope this now makes sense.
Apologies if I broke rules with this post by posting in the wrong category. _________________ Netgear R7000
DD-WRT DD-WRT v3.0-r50595 std (10/23/22)
Manchester
Enable dnsmasq- Yes
Encrypt DNS- NO
DNSCrypt Resolver- No Using Smart DNS
Cache DNSSEC Data- Yes
Validate DNS Replies (DNSSEC)- NO
Check Unsigned DNS Replies- NO
No DNS Rebind- Enable
Query DNS in Strict Order- Enable
Add Requestor MAC to DNS Query- Disable
RFC4039 Rapid Commit Support- Enable
Maximum Cached Entries- 1500
Joined: 04 Mar 2021 Posts: 65 Location: Manchester
Posted: Tue Apr 13, 2021 9:00 Post subject:
I am using www.dnsleak.com and www.whoer.net and www.ipleaks.net _________________ Netgear R7000
DD-WRT DD-WRT v3.0-r50595 std (10/23/22)
Manchester
Enable dnsmasq- Yes
Encrypt DNS- NO
DNSCrypt Resolver- No Using Smart DNS
Cache DNSSEC Data- Yes
Validate DNS Replies (DNSSEC)- NO
Check Unsigned DNS Replies- NO
No DNS Rebind- Enable
Query DNS in Strict Order- Enable
Add Requestor MAC to DNS Query- Disable
RFC4039 Rapid Commit Support- Enable
Maximum Cached Entries- 1500
Joined: 18 Mar 2014 Posts: 12874 Location: Netherlands
Posted: Tue Apr 13, 2021 9:20 Post subject:
You did not break any rules so no need to apologize
The important questions from @ eibgrad still needs answering.
Are you using Policy Based Routing?
Because that is how some of your clients can use the WAN and others the VPN.
If not then all attached client must use the VPN and if a client does not then check if it uses your wifi or perhaps someone elses, also check if the VPN on the client is indeed totally switched of otherwise it could connect to something else than your router is connecting to.
To test add a killswitch to your router to stop traffic going out of the WAN.
Joined: 04 Mar 2021 Posts: 65 Location: Manchester
Posted: Tue Apr 13, 2021 11:48 Post subject:
I am not using policy based routing but to be certain, how can I check this?
I have checked and it is using my wifi. I even deleted all wifi and added them again and had ro enter the login details for the wifi.VPN is switched on and working:
VPN Client Stats
TUN/TAP read bytes 86996283
TUN/TAP write bytes 2147483647
TCP/UDP read bytes 2147483647
TCP/UDP write bytes 102521824
Auth read bytes 2147483647
pre-compress bytes 0
post-compress bytes 0
pre-decompress bytes 0
post-decompress bytes 0
How do I add this command iptables -I FORWARD -o $(get_wanface) -j REJECT
Firewall is off. _________________ Netgear R7000
DD-WRT DD-WRT v3.0-r50595 std (10/23/22)
Manchester
Enable dnsmasq- Yes
Encrypt DNS- NO
DNSCrypt Resolver- No Using Smart DNS
Cache DNSSEC Data- Yes
Validate DNS Replies (DNSSEC)- NO
Check Unsigned DNS Replies- NO
No DNS Rebind- Enable
Query DNS in Strict Order- Enable
Add Requestor MAC to DNS Query- Disable
RFC4039 Rapid Commit Support- Enable
Maximum Cached Entries- 1500
Joined: 04 Mar 2021 Posts: 65 Location: Manchester
Posted: Tue Apr 13, 2021 22:34 Post subject:
The DDWRT is in router mode and the WAN port is connected to the ISP modem.
I know how to do the commands. Should I still excute? I have wired connection for my TV and PS5 on Lan1 and Lan 2.All the rest on wireless.
Firewall is on.
VPN is on. _________________ Netgear R7000
DD-WRT DD-WRT v3.0-r50595 std (10/23/22)
Manchester
Enable dnsmasq- Yes
Encrypt DNS- NO
DNSCrypt Resolver- No Using Smart DNS
Cache DNSSEC Data- Yes
Validate DNS Replies (DNSSEC)- NO
Check Unsigned DNS Replies- NO
No DNS Rebind- Enable
Query DNS in Strict Order- Enable
Add Requestor MAC to DNS Query- Disable
RFC4039 Rapid Commit Support- Enable
Maximum Cached Entries- 1500
When you say the router is in router mode I hope you are not referring to the setting of "Operating Mode" on the Advanced Routing Page that should be left in "Gateway"
What are the differences between 'gateway' & 'router',since all op's wire or wireless devices worked.
Joined: 04 Mar 2021 Posts: 65 Location: Manchester
Posted: Fri Apr 16, 2021 20:25 Post subject:
I tried the command and saved firewall and lost connection because the main router has a cable which is connected to the WAN port of the DDWRT router. The VPN is now not working on all devices connected through wifi apart from a linux laptop. Before the iPhone was not showing my real IP when connected to the DDWRT router wifi, now it is doing the same thing as the huawei pad. _________________ Netgear R7000
DD-WRT DD-WRT v3.0-r50595 std (10/23/22)
Manchester
Enable dnsmasq- Yes
Encrypt DNS- NO
DNSCrypt Resolver- No Using Smart DNS
Cache DNSSEC Data- Yes
Validate DNS Replies (DNSSEC)- NO
Check Unsigned DNS Replies- NO
No DNS Rebind- Enable
Query DNS in Strict Order- Enable
Add Requestor MAC to DNS Query- Disable
RFC4039 Rapid Commit Support- Enable
Maximum Cached Entries- 1500
Joined: 04 Mar 2021 Posts: 65 Location: Manchester
Posted: Wed Apr 28, 2021 11:45 Post subject:
No one seems keen to help not sure why _________________ Netgear R7000
DD-WRT DD-WRT v3.0-r50595 std (10/23/22)
Manchester
Enable dnsmasq- Yes
Encrypt DNS- NO
DNSCrypt Resolver- No Using Smart DNS
Cache DNSSEC Data- Yes
Validate DNS Replies (DNSSEC)- NO
Check Unsigned DNS Replies- NO
No DNS Rebind- Enable
Query DNS in Strict Order- Enable
Add Requestor MAC to DNS Query- Disable
RFC4039 Rapid Commit Support- Enable
Maximum Cached Entries- 1500
Joined: 18 Mar 2014 Posts: 12874 Location: Netherlands
Posted: Wed Apr 28, 2021 11:58 Post subject:
Because you are not providing enough information.
As you have been tinkering a lot with the router consider resetting to defaults and only do the minimal setup (manually of course do not restore from a backup file)
Provide details about your network setup. if you followed a wiki what wiki did you follow.
Joined: 04 Mar 2021 Posts: 65 Location: Manchester
Posted: Mon Jun 07, 2021 0:03 Post subject: SOLVED
This issue has been resolved, I am not sure how but this is what I did.
1. Flashed DDWRT DD-WRT v3.0-r46788 std (05/28/21)
from scratch.
2. Set up the router using save, next setting, save and then when I have finished that is when I hit Apply and reboot the router. _________________ Netgear R7000
DD-WRT DD-WRT v3.0-r50595 std (10/23/22)
Manchester
Enable dnsmasq- Yes
Encrypt DNS- NO
DNSCrypt Resolver- No Using Smart DNS
Cache DNSSEC Data- Yes
Validate DNS Replies (DNSSEC)- NO
Check Unsigned DNS Replies- NO
No DNS Rebind- Enable
Query DNS in Strict Order- Enable
Add Requestor MAC to DNS Query- Disable
RFC4039 Rapid Commit Support- Enable
Maximum Cached Entries- 1500