GL-SFT1200 - Mwan3 doesn't route pings over VPN

Technical Support for Routers VPN, DNS, Leaks
1

Hi all,

New to the GL-inet devices so please bare with me if I’m doing something daft.
I’ve upgraded my GL-SFT1200 Opal to the latest available firmware as I wanted the Load Balancing function on the device.
This is the beta 4.3.7 release 1

So I’ve set up Wireguard VPN and that works fine. I did a TCPdump on the external interface (Which in this case is my tethered device) and all seemed well, until I noticed ICMP packets going out to 1.1.1.1 and 8.8.8.8

So I clicked in the global settings to block all traffic that’s not going over the VPN and also to ensure all GL-inet services are going over the VPN.
Checked again but it was still going over.

Turns out that mwan3 isn’t being routed over the VPN. I’ve disabled the pings in mwan3 and the tcpdump is now clear.

So am I doing something wrong or is this a known bug? I did find an issue from a while ago where someone has the same problem but they were just raging and didn’t provide any details…

The post I found is here if anyone wants to check it

If anyone would like any bug reports or details please let me know, would be nice to get this resolved.

Thanks!

2

Someone slap me hard if I’m wrong here…

Those pings are for checking if the connection is alive and which connection is the fastest to respond “AT YOUR ROUTER”. You can turn them off in the multiwan settings by telling the router to assume the connections are ALWAYS connected. If you do that you are subject to data loss because if one wan goes down then the data won’t be re routed.

You could probably send the pings via vpn but the same situation. If the vpn goes down then you lose data on BOTH connections as the two wan’s run inside one service…

“cutting your nose off to spite your face” comes to mind…

3

Thanks for clearing that up, I’ve switched it off for now.
Yeah I’ve done a bit more research since and to be fair it doesn’t make any odds.

Thanks for your help :slightly_smiling_face: