Beryl AX (GL-MT3000) -- Wireguard Client won't load

Hello,

I just purchase a Beryl AX and i was trying to setup my last service (since i have to travel in 2 days). I did try to setup a wirguard client to connect to my home office and the client failed to load.
I ended with this logs :

Mon Feb  5 07:13:59 2024 daemon.notice netifd: wgclient (23102): Warning: fw3_ipt_rule_append(): Can't find match 'connmark'
Mon Feb  5 07:13:59 2024 daemon.notice netifd: wgclient (23102):    * Zone 'lan'
Mon Feb  5 07:13:59 2024 daemon.notice netifd: wgclient (23102):    * Zone 'wan'
Mon Feb  5 07:13:59 2024 daemon.notice netifd: wgclient (23102):    * Zone 'guest'
Mon Feb  5 07:13:59 2024 daemon.notice netifd: wgclient (23102):    * Zone 'wgclient'
Mon Feb  5 07:13:59 2024 daemon.notice netifd: wgclient (23102):  * Set tcp_ecn to off
Mon Feb  5 07:13:59 2024 daemon.notice netifd: wgclient (23102):  * Set tcp_syncookies to on
Mon Feb  5 07:13:59 2024 daemon.notice netifd: wgclient (23102):  * Set tcp_window_scaling to on
Mon Feb  5 07:13:59 2024 daemon.notice netifd: wgclient (23102):  * Running script '/etc/firewall.nat6'
Mon Feb  5 07:13:59 2024 daemon.notice netifd: wgclient (23102):  * Running script '/etc/firewall.swap_wan_in_conn_mark.sh'
Mon Feb  5 07:13:59 2024 daemon.notice netifd: wgclient (23102):  * Running script '/var/etc/gls2s.include'
Mon Feb  5 07:13:59 2024 daemon.notice netifd: wgclient (23102):    ! Skipping due to path error: No such file or directory
Mon Feb  5 07:13:59 2024 daemon.notice netifd: wgclient (23102):  * Running script '/usr/bin/gl_block.sh'
Mon Feb  5 07:13:59 2024 daemon.notice netifd: wgclient (23102):  * Running script '/etc/firewall.vpn_server_policy.sh'
Mon Feb  5 07:13:59 2024 daemon.notice netifd: wgclient (23102): Failed to parse json data: unexpected character
Mon Feb  5 07:13:59 2024 daemon.notice netifd: wgclient (23102): uci: Entry not found
Mon Feb  5 07:13:59 2024 daemon.notice netifd: wgclient (23102): cat: can't open '/tmp/run/wg_resolved_ip': No such file or directory
Mon Feb  5 07:13:59 2024 daemon.notice netifd: Interface 'wgclient' is now down
Mon Feb  5 07:13:59 2024 daemon.notice netifd: Interface 'wgclient' is setting up now
Mon Feb  5 07:13:59 2024 user.notice firewall: Reloading firewall due to ifdown of wgclient ()

The wireguard server is working fine if i do setup a wireguard client on a windows client.
Did i miss something?

Thanks a lot for the help you can bring me

Galm

The log shows no error.

How did you set up your WG server? Do you have a public IP or do you use DDNS?

Could you please post your WG config? Delete the keys before posting.

Thanks for you quick reply
You will find the client config on the GL-MT3000 and from the wiregauard windows client

GL-MT3000:

[Interface]
Address = 192.168.3.2/32
PrivateKey = [Private CLient Key]
DNS = 192.168.3.1
MTU = 1420

[Peer]
PublicKey = [Public server Key]
AllowedIPs = 192.168.3.1/32, 192.168.3.2/32, 0.0.0.0/0
Endpoint = [Public IP]:51820
PersistentKeepalive = 25

Wireguard Windows Client:

[Interface]
Address = 192.168.3.2/32
PrivateKey = QN+batHlraKidET4fezQkzp0Fa5tu9k1siJToJJc5X8=
DNS = 192.168.3.1

[Peer]
PublicKey = qtbUvmeNU0kx89RYMnD64gXuoJVty31hckzKT6T4U34=
AllowedIPs = 192.168.3.1/32, 192.168.3.2/32, 0.0.0.0/0
Endpoint = [Public IP]:51820

Public IP, Private client Key and Public Server Keys are the same on both config file

Thanks a lot for your time

Galm

In my opinion, this config does not make sense:
0.0.0.0/0 sets the default gateway, it will include all other IPs as well - so no need for any other entry than 0.0.0.0/0

How did you do your test, by using the Windows device? Was it connected to the same network during this time?

I did doawload the latest wireguard client for windows and install it. I did upload the same config file on bith (Beryl and Wireguard windows client). I can activate the wiregard windows client but not the on on beryl

Well, if your PC is connected to the router while doing this test, this test is useless. :frowning: