Firmware 4.2.x is out as snapshot firmware

UPGRADE you can’t migrate settings again and can’t reuse a previous config file. Need to set up everything from default.

1 Like

I managed to upgrade without issues,… Though I was panicking to Not find “Backup configuration” anywhere,…

Also as usual,… Port Forwarding rules are still ignored for other ip addresses if DMZ is enabled :hot_face:

So can’t use my NAS :face_vomiting:

I mean, that’s kind of the definition of DMZ, right?

What do you need DMZ for? Convenience?

2 Likes

I’m not sure if this is the problem of this particular version, but I recently purchased the device and ran into a problem using this and maybe previous version.

I am using WireGuard client with a list of domains that use VPN. I noticed that sometimes the traffic to these domains stops going through the VPN, I had to reset the device and configure it again.

But I think I found a problem in vpnpolicy file.
It works when it is like this:

config policy 'global'
	option kill_switch '0'
	option wan_access '0'
	option service_policy '1'
	option vpn_server_policy '1'

config service 'route_policy'
	option proxy_mode '3'

config policy 'vlan'
	option private '1'
	option guest '1'

config policy 'domain'
	option domain '
>>HERE IS MY DOMAINS LIST<<
'
	option default_policy '0'

but sometimes it changes to this one and stops working:

config policy 'global'
	option kill_switch '0'
	option wan_access '0'
	option service_policy '1'
	option vpn_server_policy '1'

config service 'route_policy'
	option proxy_mode '3'

config policy 'vlan'
	option private '1'
	option guest '1'

config policy 'domain'
	option default_policy '0'
	option domain '
>>HERE IS MY DOMAINS LIST<<
'

so I think that problem is in line option default_policy '0'

can someone please confirm this problem or propose a way to fix it?

GL-AX1800

Also I can’t connect to router using SFTP. The default settings are set. SSH connection is working. But SFTP fails, I tried Cyberduck, Terminus and Fugu clients. They give me different errors. Cyberduck tells something about “EOF while reading packet”. Fugu just can’t connect. And Terminus freezes and throws me EOF error too.

GL-AX1800

:roll_eyes: If only you were part of previous discussions related to this jdub, you would’ve known that I need DMZ Enabled on one NAS address and rest others to follow port forwarding rules (instead of getting blocked). This is nothing new, most of my previous routers allowed me this type of setting,…

So in reviewing the discussion, you don’t need DMZ - you just have a lot of ports you want to forward, so it’s more convenient. Gotcha.

I stand by my statement.

(p.s., just because “most of [your] previous routers allowed [you] this type of setting,…” doesn’t mean they were implementing it correctly. There are tradeoffs to both approaches, but the way it’s currently implemented here is the way it’s typically done)

1 Like

In my situation, Any solution, which come from other router guy’s approach or your “Typical” router guys, is welcomed (and a win-win for other end user :roll_eyes:). You can sit or stand by your statements all you want, just know I’m more interested in firmware getting better.

I would’ve preferred Dynamic Port Triggering implementation (which is again typically available in most modern routers :roll_eyes:)

Sounds like you would be better off with a Synology router then?

Maybe I’m being dense here, but I don’t understand the problem with forwarding ports, even if there are a lot of them. There are always tradeoffs between security and convenience, and the words “dynamic” used alongside “firewall” would give any cyber security person pause.

There are a lot of features I’d like to see implemented, but I don’t use words like “disgusted” because I bought a product that doesn’t implement something like I think it should. If you really need that functionality, it seems like you know where you can get it.

Synology router? Yep,… :thinking: having my eye on it for quite some time. I did wait till 4.2 version,…

Port Triggering is dynamic in nature :thinking: it sure didn’t give Synology guys pause.

Maybe in your arrival things are better so you’re not disgusted but in my arrival I was disgusted by many annoying bugs etc in version 3.xx, and whenever someone pointed me to LuCi,… It eventually felt like go to hell (as I mostly ended up factory resets :sweat_smile:)

Yes I know where to get it,… “Here” is preferred first because I already have the Ax1800 (and someone did say it was in to-do list).

Even if I opt of Synology, it will be when I’m sure no solution is coming out of here,…

:grin: my use of words are my way of getting attention and I’m not going to stop typing for your likings

I’ve been here since 2015 with the 6416, but whatever.

There are plenty of things routers like this don’t do well, which is why I don’t use one for my main router. If the software doesn’t meet your needs, it’s not hard to find one that does. Never buy a product based on a promised future update.

I mean, I’m a voting member on three IEEE cyber security committees, but I’m sure you know better.

1 Like

here since 2015? That explains a lot, including your frustration? Gl-net is obviously not your main router,… IEEE? What are you doing in this thread your highness?

You’re mistaken or have no idea to why I bought Ax1800 and you’re connecting my feature request, future update to my past decision of purchase? That’s hilarious :sweat_smile:

Oh I complain here a lot, but I don’t actually expect things to change, and I find ways to make the hardware work for my needs in spite of the bugs (mostly by going to stock OpenWrt, which you obviously don’t want to do).

At the same time, I don’t have a lot of patience for people who continually complain as though they are personally aggrieved because they bought a product and it doesn’t work for them. If it’s a big enough deal for you to log on and express your disgust, just buy the product that meets your needs.

1 Like

You being an IEEE voting guy seem to have lots of time reading complains :sweat_smile: Do you actually think your prolonged suggestions will make me buy something else? Or make me (or anyone else) stop typing? Or complaining?

I’m an end-user, not as big as you “your impatient highness” and I’m here because these Gl-net people have been nice enough to implement many features that I’ve requested (Along with others). You may not like it but that’s your problem :sweat_smile:

Ad hominem arguments are the best arguments, aren’t they?

Hope you have a nice evening.

1 Like

The configuration file vpnpolicy is okay.
How do you confirm “the traffic to these domains stops going through the VPN”? Do you use guest wifi and VPN cascading?

Please use SCP protocol for file transfer.

FYI, thanks for helping debug.

3 Likes
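
An order-insensitive comparison of the two vpnpolicy layouts quoted in this thread, as an added example that is not code from any poster or from GL.iNet. It assumes the file is read with standard UCI semantics, where options inside a section are named values; the domain names and the `DRIFTED` sample are constructed placeholders.

```python
import re

# Constructed samples mirroring the two layouts posted in the thread.
HEAD = "config policy 'global'\n    option kill_switch '0'\n\nconfig policy 'domain'\n"
DOMAINS = "    option domain '\nexample.com\nexample.org\n'\n"
DEFAULT = "    option default_policy '0'\n"
WORKING = HEAD + DOMAINS + DEFAULT      # layout reported as working
REORDERED = HEAD + DEFAULT + DOMAINS    # layout reported as failing
DRIFTED = REORDERED.replace("example.org\n", "")  # constructed real change


def parse_uci(text):
    """Return {(type, name): {option: value}} for named UCI sections."""
    sections, current = {}, None
    lines = iter(text.splitlines())
    for raw in lines:
        line = raw.strip()
        m = re.match(r"config\s+(\S+)\s+'([^']*)'$", line)
        if m:
            current = sections.setdefault((m.group(1), m.group(2)), {})
            continue
        m = re.match(r"option\s+(\S+)\s+'(.*)$", line)
        if m and current is not None:
            key, value = m.group(1), m.group(2)
            # A quoted value (the domain list here) may span several lines.
            while not value.endswith("'"):
                nxt = next(lines, None)
                if nxt is None:
                    raise ValueError(f"unterminated value for {key}")
                value += "\n" + nxt.rstrip()
            current[key] = value[:-1]  # drop the closing quote
    return sections


def semantic_diff(a, b):
    """List (section, option, old, new) for real changes, ignoring order."""
    pa, pb = parse_uci(a), parse_uci(b)
    changes = []
    for sec in sorted(set(pa) | set(pb)):
        oa, ob = pa.get(sec, {}), pb.get(sec, {})
        for opt in sorted(set(oa) | set(ob)):
            if oa.get(opt) != ob.get(opt):
                changes.append((sec, opt, oa.get(opt), ob.get(opt)))
    return changes


if __name__ == "__main__":
    print("reordered:", semantic_diff(WORKING, REORDERED))
    print("drifted:  ", semantic_diff(WORKING, DRIFTED))
```

Run against two saved copies of the file, an empty result means only the option order moved; any entry is a setting that actually changed between the copies.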

Has it been resolved in 4.2.0beta1 publishing today?

Hmm I just went from flint 4.1 pre release 6 to 4.2.0 without resetting configuration but my vpn broke which was mullvad vpn, it still says connected but when I checked my device it was not using the vpn.

So I made a backup, and then reset it and manually added for each the config from the backup and I pressed update servers for the vpn client that gave me different mullvad names so it might be this, or something broke in the vpn policies that’s the only config I did not migrate manually from the backup.

Now it works fine, all configs I put back:
Network, firewall, dhcp, stubby, wireguard

Not sure if something iptables/nftables changed between versions?

Only other bug I’ve been noting but it’s hard to verify:

Sometimes I notice a slow down with loading sites but this can also be because internet is chaotic around Christmas holidays it seem to happen when I have my mullvad vpn active.

updated axt1800 to 4.2 beta1, is this parental control, zero tier and tailscale going to be in the glinet app ?