Hello,
I want to use a GL.iNet Mango as a VPN server and at the same time be able to administrate it remotely via the LAN interface.
For this setup, I connected both WAN and LAN to the same switch, assigned the LAN port to a separate VLAN (192.168.8.0/24), and kept the WAN port in the normal LAN.
The device works as expected as long as only the WAN port is connected.
As soon as I also connect the LAN port, the admin interface (192.168.8.1) becomes unreachable or the WAN connection loses internet access.
Is this behavior expected (e.g. due to loop or bridge detection), or am I missing a specific configuration setting?
Just have the connection to WAN but on your mango you will need to enable “Allow Remote Access the LAN Subnet” or “Remote Access LAN” so go to your Wireguard server options or OpenVPN server options (use wireguard if possible as speeds will be better) and choose the settings and find the option: Allow Remote Access the LAN Subnet or it might be called Remote Access LAN
Once enabled and connected to your VPN server you will be able to hit the admin page or any other resource on your LAN.
??? What VLAN? In that switch or in the Mango?? 192.168.8.0/24 is an IP subnet only. This does not define a VLAN perse. Communication of devices that are in the same (switched) LAN but are part of different subnets, needs specific router setup (hairpin/loopback) as routing is needed as intermediate step.
A device connected to that switch , but with an IP in the WAN range, will not be able to communcate with the LAN interface when that LAN IP range (192.168.8.0/24) is outside the WAN range (what should be the case when the Mango is used as router (internet gateway). )