Ok this is not a one off problem… This seems to repeat itself until I need to revert the firmware and start all over again.
I purchased the Flint speciifically to run OpenVPN with Nord and Adguard for my home. The side benefit was that I could tether it to my phone if my ISP goes down.
The problem.
It seems that I can turn the VPN on and off with no issues when I first set it up from factory. Then I turn on Adguard and only use the disable protection button on the management page if I need to bypass that once in a while.
However after a few days the router will NOT allow me to disconnect the VPN. I click disconnect and it fails and then just give an abort button which does nothing. A reboot and even a power cycle wont clear this. Also the internet is blocked at that point… I I was using the TCP VPN at the time. I did try and fire up the UDP version and that worked but again… I could not shut it down once it was enabled.
Adguard does the same thing… I cannot shut it down at all. Once its in this state I have to revert the firmware… This is a huge issue as I cannot trust enabling these features again until they are solid…
I cannot believe nobody else has run into this…
I am typing this after a complete firmware revert
Afterthought… Wonder if I should use Wireguard instead of Openvpn. Supposedly much faster??
When you revert(do a clean revert don’t transfer any settings) go and install LuCi(Don’t set up anything or bare minimum ). Log in to LuCi go to software and update list and update. Once list are updated reboot using LuCi reboot option. After reboot log back into LuCi check that adguard home is 0.106.3-1(current approved package for GL-iNet) you do not want Adguard home 0.104. You also don’t want both of these packages installed, a problem that some times occurs. Once you verify adguard 0.106.3-1 is installed log out of LuCi and go back to the GL-iNet UI and update package list again, when complete reboot using GL-iNet option. Manually put in you configuration(don’t use a saved archive)
Issues I have found:
A revert from GL-iNet UI does not always clean things out correctly
When disconnecting wait for a confirmation message (will be a little pop down saying success)
General good practices:
When doing a firmware update don’t transfer setting
Restart you router once a week
When using NordVPN disconnect for a minimum of 15 minutes so that what little information about login and duration is cleared from NordVPN server
Make a archive every time you make a change can save some headarches
Thanks so much for jumping in here… you rock.
So I added Luci back and logged in and went to the software section… There was no option to update… See Screen shot… I can update in the GL interface.
That being said, The revert was fairly simple for me. There are no real settings to transfer or save other than for me to rename my wifi
Adguard is already at .106.3-1 and once I fire it up it offers me an upgrade to.107.2. in the settings menu
The VPN actually hangs on disconnect… and so does Adguard. This is the main issue. Once they are in a hung state, nothing brings them back other than a firmware revert…
Adguard mutiple reboots and keep trying to turn it off and it keeps coming back turned on. The Service that is… I have learned to use the Settings menu to disable protection. But even once its disabled I cannot go back and turn off the service anymore.
I agree with the idea of waiting 15minutes for the a VPN toggle. But simply trying to turn off the VPN by clicking disconnect fails and then gives me an abort button which does nothing.
At that point I have no recourse but to Revert.
Going to try the Luci Revert next time to see if anything changes. Not sure why it would be different unless its more than just another GUI.
Its been years since I did SSH. Can I just add it to the bottom of the boot script? I copied and pasted the current default script below.
Also I look in Startup and it clearly shows Adguard enabled. I never enabled it. Just factory at the moment. Also in the Flint main applications I click Adguard and the toggle for enable Adguard is disabled. Almost like they conflict with each other
autoupdate=$(uci get glconfig.autoupdate)
[ -z “$autoupdate” ] && {
uci set glconfig.autoupdate=service
uci set glconfig.autoupdate.time=‘04:00’
uci set glconfig.autoupdate.enable=‘0’
uci commit glconfig
}
samba=$(uci get glconfig.samba)
[ -z “$samba” ] && {
uci set glconfig.samba=service
uci set glconfig.samba.read_only=‘yes’
uci commit glconfig
}
I thought for sure all that would have solved it. Sometime the repository takes a little bit to show a update(if it has one). Try a hard reset pin whole button in the back maybe. I don’t think its recommended to do a power cycle (30-30-30) but i could be wrong about that. Perhaps try loading original firmware 3.206 then 3.207 then 3.208 with either local upgrade or Uboot (familiarize yourself with the steps before taking them) enable crash log and when everything freezes restart the router and see what is written in the log.
I meant to manually run the 2 commands when they hang and, hopefully, you will not have to reboot and revert the firmware.
By adding to the rc.local startup script, it may at least clear the problem after reboot, but I suggest you test them out manually before modifying that script.
That is strange! Can you check for a file /etc/config/AdGuardHome or /etc/config/glconfig and see if it contains a line “option enable ‘1’” for AdGuard? If so, you can try editing the file and setting the value to ‘0’. A complete router hard reset should clear out AdGuard.
You are not alone. I have experienced the exact same problem and precisely in the same way you have described. A router reset fixes it and as long as Adguard and WireGuard VPN are always running, then the router is working as expected but trying to turn any of them off is a no go. I haven’t reported as I was really hoping that a future firmware update might fix.
You can check the settings in LuCi → System → Administration → SSH Access. The defaults should work: Port=22, Password Authentication=Enabled, Allow root logins with passwords=Enabled.
In PuTTY, make sure to use SSH connection protocol, Port 22, host IP address of your router.
Really appreciate your help… I also just loaded the windows version of putty. I have not run some of these commands in like 20 years… had to look up what the states meant… LOL
Ok this is what was returned… Interruptible sleep and Stopped?
So if I look at this correctly… The “BASE” process is actually up and waiting for me to click the radio button to enable Adguard… Then once its running I need to go to the settings page to actually enable and or disable protection.
At this time I have not actually started the Adguard. I will experiment more when I dont actually need my internet for work…
The “grep -i adguardhome” process is your command itself. I think you ran the command twice, with the first time as “grep -i adguardhome” without “ps |”, which is cut off at the top of the screenshot that you stopped in the background with ^Z.
Where do you see AdGuard enabled in the Startup script?
The AdGuard page shows up for me also, but Enabled has not been turned on.
In this case, the main problem is being able to disconnect OpenVPN, so test the following command in SSH when the next time it happens:
/etc/init.d/startvpn stop
I think it does some “cleanup”.
This sounds vaguely familiar that it may have happened to me once. I think I turned off “Internet Kill Switch”, ran the above command and rebooted, but cannot remember clearly.
No that page is showing that the Adguard home package is installed and ready to run on your router.(The toggle switch will be to the right and green if it was on) You can unistall by disabling in GL-iNet UI Adguard home, go to plug-ins unistall Adguardhome and gl-agh-stats