Keenetic Routing

By configuring static routes on Keentic routers, you can set up services and websites in such a way that only selected resources will work with a VPN connection, while all other traffic bypasses it. Or you can exclude certain sites from using the VPN.

To configure routing, you will need to install additional components, download the file with the necessary routes, and upload them to the router.

DNS Setup

Special protocols DNS over TLS and DNS over HTTPS have been implemented for the security of DNS traffic. Their main task is to encrypt DNS traffic to prevent interception and to provide additional confidentiality and security.

Component installation

1. In the Management section, select the System Settings tab.

2. Click on the button Change Component Set.

3. Find components by the word DNS.

4. Select services DNS-over-TLS Proxy and DNS-over-HTTPS Proxy.

5. Press Update KeeneticOS.

Adding DNS records

1. Click on the gear icon at the top right of the configurator page and select command line.

2. Enter the commands below in sequence.

That is, in the field Command you enter "dns-proxy", press Send request and so on line by line:

dns-proxy

tls upstream 8.8.8.8 sni dns.google

tls upstream 8.8.4.4 sni dns.google

tls upstream 1.1.1.1 sni cloudflare-dns.com

tls upstream 1.0.0.1 sni cloudflare-dns.com

exit

system configuration save

The final list will look like this:

3. Restart the router: Management → System Settings → System Reboot → Restart.

Disabling ISP DNS and IPv6

1. Go to the Internet Connections page: Internet → Cable Ethernet → Connections to the Internet over Ethernet-cable → Ports and VLANs.

2. Enable the Ignore DNSv4 of ISP setting.

3. Also, set the IPv6 setting to Not in use.

After you enable the Ignore DNS option and save the settings, you will automatically reconnect to your ISP — internet access will briefly disconnect and then reconnect.

IMPORTANT! Before you ignore DNS provided by your ISP, make sure that there are no domain names of servers authorizing your connection in the settings.

Getting routes

Get ready-made route files for the required services from BlancVPN — for example, to connect YouTube, Google, and Instagram via VPN, or to exclude Russian services from it.

To do this, contact support, and we will send you the necessary settings in a .bat file.

Adding routes

Setting up a VPN connection for specific services and websites:

1. Download and unzip the route file.

2. Go to the Routing section and choose the Static Routes tab.

3. Click Upload from file.

4. Select the file that we sent you.

5. In the Interface line, select your VPN connection.

If not all routes were loaded the first time, press Load again, and the router will add the missing routes.

This way, the connection to the selected services will go through the VPN, while other services and websites will bypass it. Meanwhile, in the access policies, keep only the Default policy.

Setting up VPN connection exceptions

1. Download and unzip the route file.

2. Go to the Routing section and choose the Static Routes tab.

3. Click Upload from file.

4. Select the file that we sent you.

5. In the Interface line, select your provider connection, for example, Ethernet.

If not all routes were loaded the first time, press Load again, and the router will add the missing routes.

In this way, the connection to the selected services will bypass the VPN, while other services and websites will go through it. Set the access policies according to our instructions for VPN on Keenetic routers.