Bug in X-3000 & MT-3000 in drop-in gateway mode

I have two routers:

  1. GL X-3000: Serves as the primary router to which clients connect. It runs wireguard.
  2. GL MT-3000: Serves as a drop-in gateway. It also runs wireguard.

If connection with wireguard servers is established everywhere, the output to the Internet works like this:
Clients->X-3000(Wireguard)->MT-3000(Wireguard).

But if connection with wireguard server drops at drop-in gateway, all traffic from clients goes only through the first wireguard (X-3000). But at the same time, if you simply disconnect drop-in gateway - there is no Internet access, as it should be.

On both routers ‘Block all non vpn traffic’ function is enabled.

How can I make it so that if the connection on the second router, which serves as a drop-in gateway, drops connection to the wireguard -> clients do not have access to the Internet (lockdown mode)?

Hi,

Probably I cannot quite know your issue.
for the clear, in the topology as you mentioned, why do you require to run 2 wg client in the same LAN?

Update:
Reproduced by my side.
According with R&D team, the drop-in gateway with VPN client, now it does not support the VPN policy and kill-switch in the drop-in gateway mode, but this ‘issue’ already in the develop plan, kindly await.

2 Likes