[jamjah]

I am trying to replace a Asus RT-AC51U with a D-Link DIR-868L as I want a killswitch. If it drops power, devices connected to it recieve an IP from Primary.

The setup I would like is:
Primary router:
(ISP supplied - Plusnet Hub One)
Internal IP 192.168.1.1
DCHP range 192.168.100-199

Secondary Router:
D-Link DIR-868L
External IP 192.168.1.2
Internal 10.0.0.1
DCHP 10.0.0.10-

Devices connected to the secondary router be routed through the VPN. These devices should never get an IP from primary router.
Nothing needs to see from 192.*.*.* to 10.*.*.* and vice versa.

Method:
1. Install DD-WRT as per https://wiki.dd-wrt.com/wiki/index.php/D-Link_DIR-868L#Installation_Instructions
Using v3.0 37305
2. https://www.privateinternetaccess.com/helpdesk/guides/routers/dd-wrt-3/dd-wrt-openvpn-setup-2
AND also tried
https://support.cyberghostvpn.com/hc/en-us/articles/213811885-Router-How-to-configure-OpenVPN-for-flashed-DD-WRT-routers

3. Change settings to:
Setup::BasicSetup::Network Setup

Local IP: 10.0.0.1
Subnet Mask: 255.255.255.0
Gateway: 192.168.1.1
Locl DNS: 0.0.0.0

Setup::BasicSetup::Time Settings
NTP Client: Enable
Time Zone: Europe/London
Server IP/address: uk.pool.ntp.org

Setup::BasicSetup::Network Address Server Settings (DHCP)
DHCP Type: DHCP Server
HCP Server: Enable
Start IP Address: 10.0.0.100

I have tried a Rev A and a Rev C DIR867 using the appropriate files.
I have tried Private Internet Access and CyberGhost. Both show the VPN connected in status but as soon as the VPN connects, devices on the secondary router loose Internet access.

The ASUS did not require any changes being made on the Primary router (which the interface is annoyingly basis) so I don't think the Primary router is the issue, but unproven.

I suspect that the issue is settings in DD-WRT(my fault probably). Possibly gateway, or firewall probably needing some form of instruction.

I have watched countless YouTube tutorials, read everything we could find on the forum (which admittedly confused me as we all are trying to do something slightly different) but tried all the firewall rules and killswitch methods I saw, and Googled - all without success.

Sorry if this is obvious or basic. DD-WRT is probably a tad too Advanced for my skill set. I'm more application than infrastructure - but we all start somewhere!

Any help or even pointers gratefully received.

J

[egc]

Try the following: Gateway should be kept at its default 0.0.0.0 just as local DNS

Assuming the router is in gateway mode and connected with its WAN to the LAN of the primary router