GL-AXT1800 WireGuard DNS routing issue

I-n-d-y · November 2, 2022, 8:53pm

Hi,

I am running firmware 4.1.0 release3 on ym AXT1800. When I start the WireGuard client the tunnel will be established correctly but for whatever reason the DNS servers in the WireGuard configuration bypass the VPN tunnel so DNS resolution will fail when the tunnel is up. My VPN settings are as follows:

Proxy Mode: Based on the Target Domain or IP
- Not Use VPN: 8.8.4.4, 8.8.8.8
WireGuard Client Options
- Allow Remote Access LAN: Enabled
- IP Masquerading: Disabled
WireGuard Client Configuration
- Allowed IPs: 0.0.0.0/0
- my internal DNS servers

I have already tried to change Network > DNS from Automatic to Manual but without success.

When I check the routing table via LUCI I can see routes for my internal DNS servers in routing table 51.

Did I forget some settings or is this a bug?

Thanks.

alzhao · November 3, 2022, 4:50am

I don’t see why you set up these. Seems not necessary in your case.

IP Masquerading cannot be disabled if you use to access Internet.

I-n-d-y · November 3, 2022, 7:36am

I had disabled masquerading because I want to be able to access the clients connected to the AXT1800 from my home network via WireGuard tunnel.

I thought that when the tunnel is up, all traffic will be routed through the tunnel and only the IP addresses on the list bypass the tunnel and are rourted directly through the local internet connection. Can this setup be configured at all?

alzhao · November 3, 2022, 7:53am

I see. You’d better not configure like this. Making things too complicated when change Masquerading.

If you want to access back, you may just

enable allow local access
use allowedips in wireguard config to indicate how things should be routed