I have an ASUS N66U
I have configured the WAN interface to use a VPN Client to connect to a 3rd party VPN Server, so that all NAT LAN connected device traffic is routed through the 3rd party VPN server.
But if the 3rd party VPN server goes down, or the connection is otherwise lost or broken, the Asus N66U will route directly from the WAN connection using e.g. my ISP.
How can I stop my Asus N66U from routing any traffic on the WAN port if the VPN connection is down?
The router will need to look up the IP address of the vpn server using DNS. None of the other clients on the LAN should be doing that. Point is I only want the other client devices to have access to the outside world if the VPN is connected. If it is somehow disconnected, I don’t want those other LAN client devices to access the internet.
Ah, so you don’t care about software running locally on the router being able to access things without the VPN but do care if routed traffic does? You might also want to consider if the router offers services like a caching DNS server, a HTTP or SOCKS proxy,… that might look like local traffic to the network layer because a local process initiates connections at the instruction of some other system.