Firmware 4.2.x is out as snapshot firmware

It use to be Enable to have GL.iNet services not use VPN. Also is on axt1800. Was recently changed because of setup confusion, hence if the vpn did not connect you could not use goodcloud and such. It is less secure but lets you use services with out VPN to do IT stuff, it will give you IP address away in goodcloud.

I have been unable to connect to wireguard server on 4.2.x no matter what I have tried. Reverting back to 4.1.0 r7 and its working again. What is going on?!

At the top is the specification code for Wi-Fi, DE is actually the EU specification. It is different from the time zone.

you can use your NAS, I posted the solution some months ago

wireguard client not connecting

My MT-1300 cannot connect to Wireguard Server using a known-good (working in 3.215) configuration.
Tested openwrt-mt1300-4.1.0-1107-1667792228 BETA3.bin as well as latest snapshot (openwrt-mt1300-4.2.0-0116-1673826019.bin).

Log:

Mon Jan 16 11:43:14 2023 daemon.notice netifd: Interface 'wgclient' is now down
Mon Jan 16 11:43:14 2023 daemon.notice netifd: Interface 'wgclient' is setting up now
Mon Jan 16 11:43:15 2023 user.notice mwan3[2397]: Execute ifdown event on interface wgclient (unknown)
Mon Jan 16 11:43:17 2023 user.notice firewall: Reloading firewall due to ifdown of wgclient ()
Mon Jan 16 11:43:19 2023 kern.info kernel: [ 2976.408245] wireguard: wireguard-hotplug IFNAME=wgclient ACTION=REKEY-TIMEOUT
Mon Jan 16 11:43:19 2023 user.notice wireguard-debug: USER=root ifname=wgclient ACTION=REKEY-TIMEOUT SHLVL=1 HOME=/ HOTPLUG_TYPE=wireguard LOGNAME=root DEVICENAME= TERM=linux SUBSYSTEM=wireguard PATH=/usr/sbin:/usr/bin:/sbin:/bin PWD=/
[19-20 repetitions of line 5+6]
Mon Jan 16 11:45:05 2023 kern.info kernel: [ 3082.003443] wireguard: wireguard-hotplug IFNAME=wgclient ACTION=REKEY-GIVEUP
Mon Jan 16 11:45:05 2023 user.notice wireguard-debug: USER=root ifname=wgclient ACTION=REKEY-GIVEUP SHLVL=1 HOME=/ HOTPLUG_TYPE=wireguard LOGNAME=root DEVICENAME= TERM=linux SUBSYSTEM=wireguard PATH=/usr/sbin:/usr/bin:/sbin:/bin PWD=/
Mon Jan 16 11:45:06 2023 daemon.notice netifd: Interface 'wgclient' is now down
Mon Jan 16 11:45:06 2023 daemon.notice netifd: Interface 'wgclient' is setting up now
Mon Jan 16 11:45:07 2023 user.notice mwan3[6788]: Execute ifdown event on interface wgclient (unknown)
Mon Jan 16 11:45:09 2023 user.notice firewall: Reloading firewall due to ifdown of wgclient ()
[cycle continues]

Please donā€™t DOS the user for normal/standard issues, it leads to ignoring warning signs.
Network components use to work on UTC, not local time, to have reliable log files. Thereā€™s no use to warn the user about a different time zone on router vs. PC (at least please give an option to disable or reset/acknowledge) this warningā€¦

1 Like

i have UK in wireless overview in Luci.
why not use country code from here?

uk

GL.iNET AX1800 Flint
4.2 x Compile time 1-16-2023
Fresh install did not keep settings
Reloaded a previous generated config file in luci
AdguardHome running OISD full list (300.000+ list)
VPN wguard client

Using for day to day operations no real issue I have found. 5Ghz disconnects seems to be fixed for me. When I was upgrading from the 1-14-2023 compile the router froze and would not let wired or wireless access to GUI, LuCi or SSH restarted fine without issue and upgraded to 1-16-2023. Speed is up from 200mbps between access points to 300-350mbps using iperf3 to test.

The country code of the device is not in this profile, it is in the lower data area and does not change with settings and firmware installation.

This implies (assuming default is disable) that it IS using VPN by default (in 3.xx), which appears to be the same as what you are asserting for v4.2.

I donā€™t see this, so I am still struggling to ā€œkeep upā€ (at least with you!)ā€¦

Can someone from GL clarify and confirm?

Slate Plus (GL-A1300)
4.2.0 01-16-2023

Tailscale seems to show the wrong bind account in settings. I can confirm in the Tailscale admin console that the bound account is correct and I donā€™t have the credentials to the other account so I canā€™t have bound my router to it.

My tailscale account has two devices shared with it from two other accounts. The account shown in the router config UI is one of those account (that account starts with ā€œmeā€ whereas mine starts with ā€œmoā€ so it could be fetching all emails from the admin page and picking the first alphabetically).

GL service should not use vpn by default.

Can you explain why UTC is better?

The router works whatever timezone is set. But to use some scheduled tasks, you need to set up the correct timezone.

It is not harmful to set the same timezone as your browser.

thereā€™s a Maximum wifi transmission power per countryā€¦

Not sure what you are on about. This is how it used to be in 3.x firmware

1 Like

maybe you should code it to show the country code from wifi settingsā€¦ for accuracyā€¦

1 Like

UTC makes log files comparable and easily understandable, especially when debugging or discussing with e.g. abuse departments.

Itā€™s surely not harmful to set whatever timezone, nevertheless the professional uses UTC.
Also itā€™s not an error/problem when thereā€™s UTC on the router so the prominent warning sign is wrong, misleading and, as said, a DOS. That warning sign is always there, the user will not notice, when a real warning would be displayed.

1 Like

Which program/script uses /etc/config/vpnpolicy to apply the VPN policies?

1 Like

check out this two script

root@GL-MT3000:~# ls /etc/init.d/vpnpolicy*
/etc/init.d/vpnpolicy        /etc/init.d/vpnpolicy-apply

2 Likes

@alzhao what can we do about ā€œVPN not connectingā€?
Would it help to send you a known-good (working in 3.215) config by DM or mail?

1 Like