Hi,
I'm using a GL-AR150 to provide a Wi-Fi network that connects to my WireGuard server in AWS, so that WireGuard can be used on all of the GL-AR150's networks (LAN and WWAN).
/etc/config/network
config interface ‘lan’
option type ‘bridge’
option ifname ‘eth1’
option proto ‘static’
option hostname ‘GL-AR150-60d’
option netmask ‘255.255.255.0’
option ip6assign ‘60’
option ipaddr ‘192.168.8.1’

config interface ‘wan’
option ifname ‘eth0’
option proto ‘dhcp’
option hostname ‘GL-AR150-60d’
option dns ‘8.8.8.8’
option peerdns ‘0’

config interface ‘wwan’
option _orig_ifname ‘wlan0’
option _orig_bridge ‘false’
option proto ‘dhcp’
option hostname ‘GL-AR150-60d’
/etc/config/wireguard
config proxy
option main_server ‘vpn’
option enable ‘1’

config peers ‘wg_peer_2794’
option name ‘vpn’
option listen_port ‘49258’
option dns ‘10.200.200.1’
option end_point ‘MyIP:51820’
option allowed_ips ‘0.0.0.0/0’
option persistent_keepalive ‘25’
option address ‘10.200.201.6/20’
option private_key ‘xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx’
option public_key ‘xxxxxxxxxxxxxxxxxxxxxxxxxxx’
/etc/config/wireguard_server
config servers
option local_ip ‘10.0.0.1’
option local_port ‘51820’
option enable ‘0’
I can start the service, but the network then fails, showing:
PING 8.8.8.8 (8.8.8.8): 56 data bytes
ping: sendto: No error information
It seems that connectivity is lost, and I'm not sure which further tests I can run to get it working. If I remove the WLAN part or the LAN part, it works fine. Checking iptables and filtering by wg0:
-A INPUT -i wg0 -m comment --comment “!fw3” -j zone_wireguard_input
-A FORWARD -i wg0 -m comment --comment “!fw3” -j zone_wireguard_forward
-A OUTPUT -o wg0 -m comment --comment “!fw3” -j zone_wireguard_output
-A zone_wireguard_dest_ACCEPT -o wg0 -m conntrack --ctstate INVALID -m comment --comment “!fw3: Prevent NAT leakage” -j DROP
-A zone_wireguard_dest_ACCEPT -o wg0 -m comment --comment “!fw3” -j ACCEPT
-A zone_wireguard_src_ACCEPT -i wg0 -m conntrack --ctstate NEW,UNTRACKED -m comment --comment “!fw3” -j ACCEPT
Could this be a problem with the default parameters? I don't know where it could be failing.