Disappointed that VPN client & server cannot be active together

DuxBellorum · May 13, 2022, 12:26am

Hello,

Just a quick feedback about the need I wanted to cover in buying a GL-inet router.

Until recently, I was running a pi-hole on a raspberry pi wired on my ISP router. It was nice, but I also wanted to benefit this DNS sinkhole when I’m not home, so I installed a Wireguard server on this raspberry pi, and all my mobile devices had a VPN tunnel to my home to benefit from the pi-hole. But to complete this security & privacy package, I also wanted an upstream VPN connection for all my home internet traffic.

That’s when I heard about Openwrt, and GL-inet routers that were proposing:

A wireguard client, so I could route all my home traffic through a VPN service, but also
AdGuard Home, an equivalent of pi-hole
A wireguard server, so I could completely replace my raspberry pi with this router.

And then I bought a GL-AX1800 Flint. And started to configure it to put my plan in action. And what a disappointment when I discovered that I couldn’t startup the VPN client while the VPN server is up ! While it’s exactly what I needed to do and what I bought it for !
Meaning that the raspberry pi will have to stay on duty, at least to be the wireguard server the router refuses to be when an upstream VPN connection is active.

For now I’m still wondering whether the investment was worth it. Is it something that could change in the future, or am I the only one wishing VPN client and server at the same time ? (and my own sinkhole DNS in between)

K3rn3l_Ku5h · May 13, 2022, 1:45am

So you could buy another Flint, Beryl or BrumeW to solve you issue or spend $300+ on a Netgate, Protectli vault and run Pfsense.

eric · May 13, 2022, 2:07am

You are not the first to ask for this. As an example see: VPN Client and Server at the same time on GL-MT300N-V2 - #2 by alzhao

@alzhao who runs things at GL iNet replied this feature should be in the 4.x firmware. Unfortunately the 4.x firmware release and features have been talked about in this forum for about 18 months and we are still patiently waiting for the first general beta to be released.

limbot · May 13, 2022, 3:49am

Looks like the ATX1800 might be the first 4.x device…

alzhao · May 13, 2022, 4:33am

Just post a screenshot here

AXT1800 and AX1800 will be the first to have 4.x firmware.

As some functions has total redesign so bugs apply.

vvv · May 13, 2022, 4:45am

Do you have an estimated release date for 4.x on the AX1800?

alzhao · May 13, 2022, 4:50am

Next week we will push firmware 4.x for AX1800 to snapshot.

DuxBellorum · May 13, 2022, 7:17am

This looks promising ! I’m happy to learn that this is in the roadmap ! I’ll stick with my Flint then, patiently waiting for this 4.x firmware.

I may not go for a snapshot release though, what’s the usual timeline between snapshot/beta/stable ?

alzhao · May 13, 2022, 8:09am

It is beta7 now. It needs more than 10 beta at least.

Blobbie01 · May 17, 2022, 6:37am

Hell yes!!!

Very excited for this😄

What OpenWRT version will V4 run?

alzhao · May 17, 2022, 7:22am

Firmware v4 start from Openwrt 21.02

alzhao · May 18, 2022, 5:00am

Seems it is better that I can post a beta firmware here.

It has many bugs though. The 3.214 firmware of AX1800 is much stable.

Changing from 3.x to 4.0 Beta:

Download the img file and upgrade in your 3.x firmware. Do NOT keep settings. Otherwise it does not boot.

You can also use uboot mode to change to 4.x or change back to 3.x.

You do NOT need to report obvious bugs because we are on that now.

Blobbie01 · May 18, 2022, 7:42am

Woh, it’s working great for me so far. Very stable, and wireguard seems to have been optimized a bit!

Used to get 400mbp/s average on wireguard, now it’s 580mbp/s!

Great job, looking forward to beta testing further😄

Blobbie01 · May 18, 2022, 11:08am

There are a lot of updates available for plugins (43 in my case).

I tried updating them all, and, obviously, had to reset using uboot😄

Are there any packages I should update, and a list of packages I shouldn’t?

BenzGuy · May 18, 2022, 3:29pm

For me it got worse,from 540Mbps (3.213) to 250-300Mbps with this beta8 (Local speedtest)

Blobbie01 · May 20, 2022, 12:23pm

Will you be posting updated firmware here also, or will those be uploaded to the firmware website?

acw210ee · May 20, 2022, 8:48pm

I need to use luci-app-openvpn and luci-app-vpn-policy-routing for multiple openvpn client tunnels. Those don’t seem to work. I can upload an openvpn config and start multiple instances. When i try to add a new unmanaged interface (e.g. tun0, tun1) tun0, tun1 do not appear up as addable in the luci app. This was with the beta 4 v8 firmware.

alzhao · May 21, 2022, 3:57am

Yes. Firmware will be updated. I will either post here or put in download website.

solidus1983 · May 21, 2022, 11:19am

sounds like kmod-tun wasn’t compiled. Look in plugins to see if you can find kmod-tun and install it then reboot router.

Blobbie01 · May 21, 2022, 6:36pm

For anyone having trouble with the beta, it looks like downgrading through uboot doesn’t work.

Was able to downgrade using LuCi though, just select the force option.

Back on V3.213 for now, because the VPN policy on beta V4 didn’t work for me either.

kmod-tun was installed, so not sure what the issue was🤷‍♂️