Wireguard traffic leaking Asus RT-N66U [46885] big [SOLVED]

Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking
Author Message
Ocheabos
DD-WRT Novice


Joined: 23 Apr 2020
Posts: 8

PostPosted: Sun Jul 18, 2021 2:27    Post subject: Wireguard traffic leaking Asus RT-N66U [46885] big [SOLVED] Reply with quote
I needed wireguard on this router so I moved from merlin to first dd-wrt.v24-44715_NEWD-2_K3.x-big-RT-N66U.trx (as database suggests), which was faulty on WAN and right after that I flashed dd-wrt.v24-46885_NEWD-2_K3.x-big-RT-N66U.trx and followed guide DDWRT WireGuard client setup guide v15
Everything seems to be working so far, except...

My real IP is exposed to certain sources

ipleak.net shows my VPN IP
2ip.ru shows real IP
myipaddress.com shows VPN IP
ifconfig.me shows VPN

ifconfig.co has 2 ips under it's name 1) http://104.18.7.156/ 2) http://172.67.133.228/
I tried going straight to this IPs and 1st one shows my VPN ip another shows real IP always. Refresh, restart, different devices, site ifconfig.co likewise, shows real or vpn IP, whichever is cached as dns response (I guess?)

Nothing was done with routing on Asus. This doesn't seem to be leaks, they are consistent. I've tested on android and ubuntu both browser and curl and they are consistent across 3 devices.

I tried putting different DNS servers on devices and it has same issue, at last I tried kill switch, this would block those sites that are identifying my IP directly (dd-wrt.com was one of them) and couldn't access.

this config works on wireguard windows & ubuntu, no leaks.
Wireguard config

Use DNSMasq for DNS -checked
DHCP-Authoritative -checked
using public dns in DHCP and tried putting vpn server's dns in wireguad tunnel "DNS servers via tunnel" even though it's not provided in their config


Last edited by Ocheabos on Thu Aug 05, 2021 17:22; edited 1 time in total
Sponsor
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12837
Location: Netherlands

PostPosted: Sun Jul 18, 2021 7:11    Post subject: Reply with quote
Buy reading glasses Cool

Look at your Allowed IP's and if you do not see the error look again Smile

Hint: you are only routing the lower half of the internet via the WG tunnel

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum