Disappointed that VPN client & server cannot be active together

Make sure to check the GitHub for the latest version:

1 Like

Can you specify? I find a post you made 2 years ago but not sure if you mean that one.

Just open a new thread. Sometimes I miss something, so please just re-twitte the thread.

I am testing ver 4 beta release 2 on my AX1800. I cannot run vpn server and client at the same time. you can turn both ON but you can only use one.

The use case I have is, I want to setup a wireguard client to connect to a Mullvad server in order to proxy all my internet traffic through it. At the same time, I want to run a wireguard server on flint so that i can connect my beryl to proxy all its traffic through flint to mullvad. Can we have this capability in Ver 4.0?

What I noticed is, when the vpn client is running and you turn ON your vpn server – the WG server IP changes to the Mullvad IP instead of your own public IP. its makes it impossible to establish connection at that point. I think what needs to be done is bypass WG server all together from WG client vpn to make this work.


Why cannot you just set up Mullvad on the Beryl as well?

You need to use vpn polices. In your case, just use route based and set up the route manually.

Any chance you give a breakdown on that?

I left the house with the OpenVPN client connection on. I am still able to establish a connection with the OpenVPN server, but I have no internet access or LAN access.

route based vpn policy didn’t help fix the issue. I am still seeing WG client public IP as my WG server endpoint IP

Why cannot you just set up Mullvad on the Beryl as well?

  • Not just beryl, I want to connect any device to my home wg server to go out to Mullvad or to have certain domains bypass mullvad .**

My use case is , I will be traveling and working remotely - My company VPN doesnt work with Mullvad or any vpn as my company restricts traffic from any anonymizers(VPN providers). I bypassed my company vpn domains on flint to make it work at home. when i’ll be traveling, I’ll connect my work laptop to beryl - the idea is to send all my traffic back to my home router(flint) via site to site vpn. based on domain bypass policy set, I want my company vpn traffic bypassed.

This is mine

Use customized routing rules
Wireguard client connected
Wireguard server started

The WG server is using my pub IP. Not vpn IP.

Then you should be able to set up custom routing for WG client and Server. I think this is complicated though.

1 Like

Hi Alzhao, I did try that option. the issue is when I add custom routing rule for WG server say point it to my public IP. i do see the what you are seeing but at the same time WG client
(mullvad) is bypassed(whats my IP shows my own Public IP instead of mullvad server IP.) the custom routing is not working as intended.

We will add some options for vpn cascading. So let’s close this thread for now.

Hi, I’m facing the same problem.
Do you have a solution for it?
My WG server should not use the WG client connection.

Sorry, what is the problem? Should not, could not or something else?

When I have the WG Client on AXT1800 connected, I can not connect my smartphone to the WG Server on the same AXT1800 device.
I only can connect to the WG Server on the AXT1800 when I turn off the WG Client.

Pls check this post VPN Cascading on GL.iNet routers

Pls upgrade firmware to 4.1.1 and later. Better 4.2.

Ok, I want to do exactly the opposite of Cascading.
But for sure is not working properly on the 4.1.
There is a list of knowing bugs of 4.2? I need to update the kernel and the fw?
I need to do the configuration again?


Cascading is an option that you can turn it on or off. So that is what you need. We have internal records of bugs only.

I should update Kernel to 5.4 also? Before flash the 4.2 firmware?

No. You only need to upgrade to 4.2

Now its working fine.
Thank you!

You know is there is a bug on the external http/https/ssh?
This function Im not able to use yet.

Can you describe details? I don’t know this.

Yes, first I need to thank you for the support.
I forward the ports 22/80/443 to the AXT1800 local IP at the modem, as I did with the Wireguard port (that is working fine now with Client/Server at version 4.2 beta2).
And set this options attached.

But I can not access the AXT outside home using the 4g for example.