Need a hand setting up an ER605

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Need a hand setting up an ER605

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Need a hand setting up an ER605
Need a hand setting up an ER605
2022-09-27 14:40:34
Model: ER605 (TL-R605)  
Hardware Version: V2
Firmware Version: 2.0.1 Build 20220223 Rel.68551

I'm pretty much brand new to anything to do with networking but purchased this router in order to be able to force a DNS server... I need a hand in figuring out how to setup port forwarding rules with port 53 in mind. Also I was wondering if anyone can shed some light on if I could block VPN's from being used with this router. I've tried to follow some guides on youtube for setting up this router but feel COMPLETELY overwhelmed because I'm not setting up a business network with this router, I'm really just looking for how to force all traffic through a DNS that I have set on this router and if it's possible to block vpn traffic. I appreciate any help and your patience with me.

  0      
  0      
#1
Options
8 Reply
Re:Need a hand setting up an ER605
2022-09-27 15:14:41 - last edited 2022-10-13 10:08:06

EDIT

  0  
  0  
#2
Options
Re:Need a hand setting up an ER605
2022-09-27 15:20:36 - last edited 2022-09-27 15:20:57

  @btx 

so setting the lan interface does set the DNS server.. BUT if you set it locally on any machine to googles it'll just bypass it, the solution I found for that was involving permitting and denying access to everything but port 53 to force it through the DNS that is set on the lan interface, but I can't seem to understand how that works, if policy groups need to be setup, how to actually do that etc... Again the videos I've seen are setting up for full business settings where they have many many groups, I'm really only working for a local home network where I want to control the flow of traffic through a specific DNS

  0  
  0  
#3
Options
Re:Need a hand setting up an ER605
2022-09-27 16:33:30 - last edited 2022-10-13 10:07:56

EDIT

  0  
  0  
#4
Options
Re:Need a hand setting up an ER605
2022-09-27 16:36:35 - last edited 2022-09-27 16:46:26

  @Cmang 

 

you can block incoming VPN traffic by forwarding VPN ports to a non existant IP address.

 

TCP 1723 for PPTP

UDP 500, 4500 and 7101 for LT2P and IPSec

 

Others listed with a simple google.

 

I believe you can block Outgoing VPNs by turning off the respective ALGs

 

You can set any public DNS server as the DNS address for DHCP LAN clients in the LAN configs (and also in the WAN config)

  0  
  0  
#5
Options
Re:Need a hand setting up an ER605
2022-09-27 16:58:24

  @GRL 

 

So with the public DNS set in both wan and lan, IF I change a dns on my network card to googles, 8.8.8.8 it'll bypass the DNS i've set on the LAN/WAN, this was more what I was wondering about with... if there is a way to force a public DNS through the router so that it doesn't matter if a computer on the network changes its own DNS. Thank you for the information about the VPN information too, I appreciate it a ton!

  0  
  0  
#6
Options
Re:Need a hand setting up an ER605
2022-09-27 17:00:47 - last edited 2022-10-13 10:07:47

EDIT

  0  
  0  
#7
Options
Re:Need a hand setting up an ER605
2022-09-27 17:19:36 - last edited 2022-09-27 17:20:49

  @btx 

 

my original post didnt include the 2nd half of it so i updated.  you can block PPTP and L2TP / IPSec client-on-LAN vpns by disabling their respective ALGs on the router, but i dont think you can block OpenVPN. 

 

Disabling the ALGs effectively blocks any outgoing VPN connections through the NAT of the router

  0  
  0  
#8
Options
Re:Need a hand setting up an ER605
2022-09-27 17:48:16 - last edited 2022-10-13 10:07:36

EDIT

  0  
  0  
#9
Options