So there is something that happens with the software if you are enabling and disabling the VPN and trying to changes around devices and services. I actually cross-referenced what you and the other admins mentioned in this post below with someone who was having an issue with ports for Battlefield. They were receiving the same error as I was, where it said validation error 'sport'. The default is actually no range inputted at all. So just like your previous response in this
I had to set the input ranges as 1 - 65535. This makes perfect sense as I was using the 3rd party tool TCPMonitor/View to see what traffic was going in and out of my network while broadcasting. With the numbers not having a one size fits all range (one was static as a LISTENING port, while the others were constantly shifting within the ranges of 58000 - 61000 and other ranges) and there being a background application for Streamlabs OBS titled obs64.exe that also had ports being used there wasn't a possible way for me to specify the Source Ports except for 1 - 65535. The destination ports I simply did as you recommended for RTMP which is Destination Start & End - 1935. This ONLY worked after I disabled the VPN AND rebooted the router. Before reboot it would give the same RPC validation error no matter what I was trying to add, preset or otherwise. This is obviously unintended as it makes customizing your VPN somewhat convoluted and without someone who is able to think through the process the router is trying to do will just end in another post, however, the user in the other post waited three weeks after turning his VPN off obviously allowing enough time for the router to have been rebooted at some point during that window. So I would like to just leave a few remarks to end my series of comments here:
1. You guys are awesome at responding to support questions here on this forum and even on the Netgear forum when it comes to DumaOS. Looking through all the different support questions I did, you guys genuinely try to do your best to solve any problems and from what I saw you always did. I received an answer on the Netgear Community board as well, where I put a post in the hopes that more eyes means a quicker route to a solution. So I have to give kudos for that and it is refreshing to see especially after the fact that Netgear on their website has absolutely no way I can find to even contact their support, other than the board. Much love from a now loyal user.
2. The Hybrid VPN feature should have the ability to store the setup and config file for more than 1 server. Just being able to save 2 of the VPN servers that I know are viable for my area would allow for seamless transition if there was just a '1' and '2' option or maybe even more. In the event of degraded performance on one server or a DDoS attack it would even be possible for me to reconnect and join into the lobby I was in with a new I.P before the in-game reconnection tool timed-out. This would also allow for a as close to complete DDoS protected setup for PC (which is now possible) and for Gaming Consoles. To go further and allow the use of two separate servers would allow my PC to be on one secure server, with my stream as an exception and my console to be on a separate server. Therefore, no matter where the attacker grabbed my IP the division of traffic on my router would allow for the least amount of damage possible. As it stands currently, there may be other options but, the protection as stated in the video describing Hybrid VPN and its protective measures works for attacks that grab the IP from other programs or applications on the user's PC. If I were to have it setup initially how I wanted, PC & Xbox One X on home IP and all other traffic through the VPN, when they grabbed my IP through Xbox Live that would mean they have the IP for my home network. And unless the traffic for a DDoS comes through a Port that has the Protocol set to go through the VPN (which this may very well be the case since I will have ONLY the RTMP Service on my home IP excluded) they will still take me offline of my Stream and from the game lobby. With that said, the absolute QUICKEST turn around instead of having to search for the best server (if the internet had gone down, I couldn't use NordVPNs tool) and re-inputting the config file would be to just have two or more options pre-saved. Switch over, reboot the router, and you're good to go. That would make DumaOS steps ahead of any other competitor that I've seen.
3. The tips for this process could have been a little more detailed. This service is something that requires knowledge of Port numbers, ranges and types of traffic. I spent hours trying to find out what turned out to be half of the solution. I still am unsure as to why the RTMP preset was removed when it was already a choice on the Netduma R1, but the original XR500 User Manual mentioned what to do if you don't know what Port Ranges to specify (this was for Port Forwarding and adding Protocols but still applies here). The Help button could have been a little more helpful in regards to the Add Service feature. i.e "If you're are having trouble or unable to input a custom service option disabling the VPN, removing all devices, and rebooting the router can fix it. Also, somehow express to the user that they should "add devices to the VPN one at a time, adding services as necessary before moving on". I just feel as though a few of my issues could have been solved with a sentence or two in the Hybrid VPN tab introduction/help, or maybe even just a separate in-depth video trying to give a more thorough run-through of all the options. All the videos, from Netduma or otherwise, weren't as in-depth as they could have been. With Livestream platforms such as Twitch exploding over recent years I know that this issue will be something that others come across as well, and answers could already be there for them with a few additions.
As a side note: Netduma Admin posted above that future firmware will feature "Streaming Detection" of some sort. That is going to be an absolutely amazing addition. I can't wait.
My final question is what is the most optimal way to set-up up PC, Router and Xbox One to either prevent going offline altogether or, if that's not possible, being the least damaging as possible? My current set-up will prevent my PC and Stream from every going down, but is their a way for my system to recognize a DDoS and either block/ignore all that traffic or to seperate the systems with the XR500 and my VPN?