Flint 2 - Configuration, Vlans & blocklists.

So I have just upgraded to a Flint 2 from my netgear nighthawk router, as I wanted something a bit more substantial and grown up.
As a stopgap I setup a n100 mini pc with OpnSense, however I was a bit over my head.

However it looks like the Flint2 is is even more complex, hopefully I may be mistaken.

I wish to do a couple of very basic common tasks which my previous gaming router could do via the web interface such as adding a blocklist for domains/IP's & Vlans for smart devices . Both appear not to be supported by the flint 2.
This seems really strange.

I do understand there is something called luci - However a warning says it's not supported, and I read that it will break the main interface if I do use it. rendering the whole point of the gli.net useless.

For blocklists you are directed to use adguard, which appears to direct all your traffic to addguard servers Globally ? - I don't want that, I just wish to use my own (cloudflair) dns servers and block a few sites for a couple of devices.

Maybe I have misunderstood.

Are there any guides available specific to the flint2 ? As searching the forums just directs me to some generalised openwrt documentation that isn't relevant or requires me to be a openwrt coder. Or discus's other hardware with different configurations that isn't relevant.

Any pointers appreciated. - Please go easy my technical understanding is pretty limited.
Many thanks


yep, the Flint2 is more complex - that's because of OpenWrt and the way people want to use "basic" stuff which isn't basic at all :wink:

luci itself is supported - but it depends on what you are going to change. So, speaking in general, you should stick to the default GUI if you would like to get quick and fast support. If you don't care about the speed of support, you can modify settings in luci as well - but then people need to get deeper into your configuration to help you. luci is just a fancier version of editing config files via SSH.

Adding VLANs isn't supported by the GL GUI; so you need to go luci.

AdGuard Home and AdGuard DNS are entirely different services. On the device itself there is an installation of AdGuard Home where you can use block lists to block sites on connected devices - which upstream DNS server will be chosen is completely up to you. So yes, you can combine it with Cloudflare.

You don't need to be an "OpenWrt coder" but you need to understand what you are doing and how it will affect your device. So I am sorry at this point, but the official documentation is what you need - especially for VLAN. [OpenWrt Wiki] VLAN

Thread like Flint 2 GL-MT6000 - VLAN might help you as well.

1 Like

Many thanks for the prompt and detailed response admon, it's appreciated.

First I must apologise if my posts come across as ranty or moany, I'm just confused and frustrated due to my lack of understanding / clear documentation-instructions.

Hmm I'm at odd's regarding vlans. In my opinion a router in this day and age it shouldn't be complicated for the end user at all, and basic network segmentation is a essential feature for a device that claims to be a home security router.

For my usage I just wanted a vlan for IOT devices etc and another for cameras. It's standard practice to isolate these things on the network from your desktops, nas etc for obvious reasons. I can't understand how that isn't a default option. Surely I don't need 3 separate routers just to do this without learning a whole new coding language?

I suppose what I'm after is similar to the way the wifi guest networks are presented. - However for the lan these options are missing. - So whilst it maybe technically complex to setup behind the scenes - It shouldn't be for the end user.

I appreciate the link to the OpenWrt page - However it's directed at coders of wrt with no instructions on even how to enter the code they describe. Is there a actual guide anywhere - Ideally for Luci? Ideally for this device? - And if I do set up vlans will the default interface and addguard still work ? I can't be the first person to want to setup a vlan on this device. - The other link doesn't provide instructions either. I see there is a massive bug thread for the Flint2 but I cant find a thread with guides.

Regarding Adguard Home, thankyou for explaining. I think the warning Glinet gives is leading to my (and others confusion) stating "When AdGuard Home is enabled, the router will force the use of DNS servers provided by AdGuard Home." - which to me reads as all your dns queries will go to servers that you have no knowledge of.

I shall have a play with adguard, thankyou.

1 Like

I have used pfsense and more recently opnsense. I just moved to openwrt for a more basic approach for now. I too needed to make VLANs which I have managed to do and have guest, IoT etc all working. The problem with the glinet gui is that it's mainly hardcoded. We get Lan and clients and that's about it in the dashboard, unlike opnsense where you get everything in the GUI.

Any interface you create in opnsense will appear in the GUI of opnsense and that's because it's the main overlay / frontend.

With glinet products the actual main interface is the openwrt gui which is called "Luci" and that's where you are going to see interfaces etc that are not the default.

I wish glinet was a bit more flexible. For example, it would be great if we could add an interface (guest Lan, IoT Lan) and it just appears in the main GUI but for now it's all under the hood.

luci openwrt works fine but it can be very itimidating especially for newer users. :+1:

for the gl ui incompatibilities and vlan are that most of the scripts follow lan and guest interfaces such for the client overview, vpn policies but when you use those other vlan interfaces these do not count up inside the gl ui.

However that is not necessary a bad deal if its for visibility you can use luci still, but it can be for vpn policies or bandwith limiting, depending how much impacting it is you always have the choice to flash normal OpenWrt via U-boot, you should always choose the images with sysupgrade inside the name this way the debricking partition with u-boot keeps preserved :+1:

GL-iNet wants to support other networks in their scripts in future updates :+1:

Now my only question i have because i don't know your level of skill:

  • do you understand the basic concepts of vlans tagging and untagging?, i ask this because ive no experience with netgear.

I often recommend videos from OneMarcFifty on youtube, he has excellent videos for vlans, i'd recommend to also watch his other videos also to get familiar with the luci UI, i'm 100% once you understand more of the options its alot more easier and less itimidating.:smiley:

I think its good to start first priotizing on vlans/interfaces and then block lists.:+1:, feel free to post back if you get stuck or are confused about something.

And maybe vlans are not needed but just different network per port.