Both AXT1800 & MT1300 refuse to connect to Wireguard

whitesnake · April 22, 2025, 5:26am

Hey everyone, thanks for taking the time to read this.

First, on my MT1300.
I try to use my conf file from my VPN provider to utilize wireguard. It just hangs and wont connect. Below is a summary from chatGPT of everything I tried.

I was trying to set up WireGuard on my router, but it wouldn't connect. The logs kept showing errors like REKEY-GIVEUP, and DNS traffic was being blocked by a rule called block_dns_manual. After removing the block, the connection still wouldn’t work, and I saw the interface kept going up and down. I checked the config, saw wgclient was marked as disabled, so I deleted that line, but it kept coming back after firewall restarts. Despite the config looking clean, it felt like something was automatically disabling it or overwriting my changes, and WireGuard still wouldn’t establish the VPN connection.

Then on AXT1800 I just ordered, the same thing happens. It hangs and the log says

Tue Apr 22 12:15:51 2025 daemon.notice netifd: Interface 'wgclient' is now down
Tue Apr 22 12:15:52 2025 user.notice firewall: Reloading firewall due to ifdown of wgclient ()
Tue Apr 22 12:22:42 2025 daemon.notice netifd: Interface 'wgclient' is setting up now

ChatGPT told me to inspect my config/network, and find wgclient, and it was this:

config interface 'wgclient'
option proto 'wgclient'
option config 'peer_2135'
option disabled '1'

and it said change my config to this:

config interface 'wgclient'
option proto 'wireguard'
option private_key (VPN Key)='
option listen_port '54375'
list addresses 'redacted

config wireguard_wgclient
option public_key '(redacted)
option endpoint_host redacted
option endpoint_port '1443'
option persistent_keepalive '25'
list allowed_ips '0.0.0.0/0'

It bricked it,

So trying once again, same thing...

daemon.notice netifd: Interface 'wgclient' is setting up now
hangs there.

Ordered a whole new router... a slate. same thing.. Im at my wits end. Mentally.

Please help?

Thanks everyone.

admon · April 22, 2025, 5:27am

Please check How to troubleshoot WireGuard

whitesnake · April 22, 2025, 5:54pm

I’m pretty sure all this checks out.
Last year when I just used my beryl I never had to check to make sure up addresses were unique and didn’t share the same etc

Also even when I use openvpn it doesn’t connect.
I haven’t tried changing router ports but don’t have access to this router in particular and I do that and also when I try to connect to my mobile hotspot it just disconnects and reconnects to previous connection

Both the beryl and slate do that.

I’ll try to get access to the router. Because this one is weird where discord doesn’t work on it. So perhaps something is blocked. I could try another connection too like public connection to verify.

admon · April 22, 2025, 5:55pm

Does your VPN config works on a PC directly?

whitesnake · April 22, 2025, 7:42pm

I have two pcs
Two vpn providers
Mullvad/Torguard

Wiregurd using their software:
Both PCs work fine with Mullvad
Both PCs Won’t connect with Torguard

OpenVPN
Both PCs fine with Mullvad
Both work fine with Torguard

Open connect:
Both fine with Torguard

It says it may be a firewall issue for wireguard on Torguard but it’s disabled on my PCs

Update
Wireguard doesn’t work on phone via Torguard either

Update2
It does after all, password info changed is all

whitesnake · April 23, 2025, 7:14pm

When I try OpenVPN it gives me this:

Thu Apr 24 04:12:26 2025 daemon.notice netifd: Interface 'ovpnclient' is now down
Thu Apr 24 04:12:26 2025 daemon.notice netifd: Interface 'ovpnclient' is setting up now
Thu Apr 24 04:12:26 2025 daemon.err ovpnclient[25091]: Options error: Unrecognized option or missing or extra parameter(s) in /tmp/ovpnclient/ovpnclient:17: service (2.5.8)
Thu Apr 24 04:12:26 2025 daemon.warn ovpnclient[25091]: Use --help for more information.
Thu Apr 24 04:12:31 2025 daemon.notice netifd: Interface 'ovpnclient' is now down
Thu Apr 24 04:12:31 2025 daemon.notice netifd: Interface 'ovpnclient' is setting up now
Thu Apr 24 04:12:31 2025 daemon.err ovpnclient[25361]: Options error: Unrecognized option or missing or extra parameter(s) in /tmp/ovpnclient/ovpnclient:17: service (2.5.8)
Thu Apr 24 04:12:31 2025 daemon.warn ovpnclient[25361]: Use --help for more information

Update: So apparently the 'service' seems to be an issue, going to try to ssh in and delete that service line from the ovpn conf file.

Update 2: Now I have this:

Thu Apr 24 04:39:02 2025 daemon.notice netifd: Interface 'ovpnclient' is now down
Thu Apr 24 04:39:02 2025 daemon.notice netifd: Interface 'ovpnclient' is setting up now
Thu Apr 24 04:39:02 2025 daemon.err ovpnclient[14429]: Options error: Unrecognized option or missing or extra parameter(s) in /tmp/ovpnclient/ovpnclient:17: block-outside-dns (2.5.8)
Thu Apr 24 04:39:02 2025 daemon.warn ovpnclient[14429]: Use --help for more information.

Update 3:

Success, connected!
Still dont know why wireguard doesnt work, and apparently I have to delete those two lines from every OPVN file I use?

whitesnake · April 26, 2025, 1:42pm

Plot twist:
VPN dashboard says its connected but I dont have any internet access...
-_-

admon · April 26, 2025, 1:43pm

Check ping and nslookup to understand if the problem is a DNS one or not.

whitesnake · April 26, 2025, 2:35pm

root@GL-AXT1800:~# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
^C
--- 8.8.8.8 ping statistics ---
161 packets transmitted, 0 packets received, 100% packet loss
root@GL-AXT1800:~# ping google(dot)com
PING google.com (142.250.206.206): 56 data bytes
^C
--- google.com ping statistics ---
24 packets transmitted, 0 packets received, 100% packet loss
root@GL-AXT1800:~# nslookup google(dot)com
Server: 127.0.0.1
Address: 127.0.0.1:53

Non-authoritative answer:
Name: google(dot)com
Address: 142.250.206.206

Non-authoritative answer:

Not sure what this means.