4.0 and VPN policy

Hi all,
I’m using version 4.0 on my brand new GL-AXT1800 but I’m having a big issue with VPN policies.

I configured a Wireguard VPN client that is working ok. The client set also the DNS server that is on the other side of the VPN.
Everything is ok until I enable VPN policies.

I set tu allow the use of the VPN only by ad one specific clients setting their MAC addresses. When enabled the DNS resolution isn’t working anymore.
I suppose because the DNS server on the GL-AXT1800 is not allowed to pass trough the VPN and so the DNS server in unreachable.

The option “Services from GL.iNet doesn’t Use VPN” is correctly set to OFF.

Is it a bug?
Thank you.

I have the same issue. If dns server is internal of vpn and vpn policies are active then no dns resolution.

It’s urgent to have a proper fix of this.
Thank you.

Is there any possible workaround?

The newest version is 4.0.1, you can have a try:

I think is still in beta, because it doesn’t appear on the web site still

There is no mention of thee resolution of this issue in the changelog https://forum.gl-inet.com/t/slate-ax-firmware-4-0-1-release-4-is-out/23313

I used Azirevpn and I don’t have this problem.

Which wireguard service are you using?

Do you mean when vpn policy is actived but vpn is turned off?

Or vpn policy is activated and vpn is also on?

The second one. My service is StrongVPN. Issue is present in Slate Plus too.

I used the smartphone app to configure strongvpn wireguard.

I used mac based policy and add my pc to use vpn or do not use vpn.

All works as expected and dns can be resolved.

What could be the possible reason?

I use vpn policies ip/domain and no dns resolution if dns servers are on vpn network, all is ok if I set an e ternai dns server.
On Slate ax and Slate plus, old or new kernel…

I take some time to study this issue and it does seems a bug.

Submitted internally.


Another issue on slate ax is that on router restart no dns resolution if vpn policies are active. I have to stop and start vpn policies to solve issue. Issue is present on old and new kernel. Slate plus is not affected.
My domain/ip list is very long…


1 Like

Maybe the same problem. Will fix both.

1 Like

if ones uses adguard then he/she can/should define a custom dns server for a client using vpn as explained in the following post:


Hi @alzhao. Do you have any updates on the issue?

Yes. Can you try the snapshot? It should have fixed that.

I mean 4.0.2

Great! I just tested it, and it’s working!