Domain based VPN policydoes not work on AX1800 Flint

Technical Support for Routers
1

Domain based VPN policydoes not work on AX1800 Flint
I chose this one and fill in the domains I want to use the VPN but it does not work

image
image1501×778 44.5 KB

2

Add ipecho.net to the domain policy & then check http://ipecho.net/plain . Is that the VPN’s IP?

(Also… really, my guy? This ain’t a dating site. I doubt you’ll get many ‘hook ups’ here.)

3

It’s my IP address instead ):

4

Is it the same public IP when you flip the policy back to Global?

Also, can you post the output of wg show? It provides a touch more detail than just the Dashboard:

root@GL-AXT1800:~# wg show
interface: wgclient
  public key: [redacted]=
  private key: (hidden)
  listening port: 32

peer: [redacted]=
  endpoint: 37.19.211.7:51820
  allowed ips: 0.0.0.0/0
  latest handshake: 1 minute, 49 seconds ago
  transfer: 1.69 GiB received, 503.36 MiB sent
  persistent keepalive: every 25 seconds
5

image
image811×496 17.6 KB

6

102.97 MiB downloaded… so you’re definitely connected to a WG server as expected. Sometimes a misconfigured wgclient will still connect but not allow traffic. Does your public IP still show when the policy flipped back to its default, Global Policy?

2023-07-08 00_56_26-GL.iNet Admin Panel - Chromium

(Check via curl http://ipecho.net/plain; echo ; it’s faster than refreshing a web page).

@alzhao @yuxin.zou @rain @radishman : Where’s the conf for the list of IP/domains for that policy? It used to be /etc/route_policy/domain_name/via_vpn/manual-list.conf in firmware 3.216.

7

I switched to the option redirecting all my Internet to VPN. That’s 102 Mb downloaded. When I switched to Global Policy, the VPN IP was shown. That’s why I said there was a problem with domain based VPN policy.

8

And I believed there was nothing wrong with my WG server. Because I used WG client app on my PC and I could connect successfully to the server to use.

9

That seems to be the case. It would appear to be a regression from firmware 3.216; that’s the last time I’ve used that policy. GL reps were already ping’d so I’m sure they’ll see this thread eventually.

10

What is the firmware version you are using?

Also pls don’t try IP leak test on the router, you should test on the devices connected to the router.

11

@alzhao I’m using this one

image
image1032×619 21.7 KB

12

4.2.1 is the latest stable firmware; give that a go.

Personally speaking I don’t use the beta or snapshot builds unless I’m at an impasse w/ the stable ver.

13

Nothing changed

image
image1344×738 24.5 KB

14

hello? Anyone help me here?

15

Firmware 4.2.3-release5 is out now. Does it still not work?

16

How can I download it?

17

Ideally thru GL GUI → System → Upgrade but failing that:
https://dl.gl-inet.com/?model=ax1800

18

I upgraded to the release 5, nothing changed

19

Device: Flint (GL-AX1800)
Firmware: 4.2.3-release5

VPN via WG Client IP

VPN-IP_-_2023-07-18 12_54_05-IP_DNS Detect - What is your IP, what is your DNS, what informations you send to
VPN-IP_-_2023-07-18 12_54_05-IP_DNS Detect - What is your IP, what is your DNS, what informations you send to922×423 35.6 KB

Policy

Exclusions_-_2023-07-18 12_54_59-GL.iNet Admin Panel - Chromium
Exclusions_-_2023-07-18 12_54_59-GL.iNet Admin Panel - Chromium747×290 12.1 KB

Result

Result_2023-07-18 12_54_36-ipecho.net_plain - Brave

Notes

  • I had to disconnect & reconnect WG Client for policy additions/edits/changes to take effect.
  • What you’re currently reading was posted w/ WG Client running on a Flint while behind a Slate AX also running a WG Client (a la VPN within VPN).
20

image
image862×280 13.5 KB

Mine