Internet for the router

Hi all!
Using GL-AR150 (PoE). Great device, learned so much from it.
I have a problem (or maybe just a question). When the router is not connected to VPN, I can check opkg updates, firmware updates load adblock lists etc, but as soon as I connect to the VPN I have internet for the clients, but the router itself loses it.
Adblocker says “0 loaded”, latest firmware shows “” and I cannot do opkg update anymore.
Is there something I can adjust? Even if I load the ads lists first, then connect to the VPN, the lists re-load automatically and adblocker stops working.
If it helps, I use the “button” on the side configured to connect to VPN, I use cable in WAN port with DHCP enabl.ed.

Are you using cable for Internet?

What is your vpn? Openvpn? Can you just post a screenshot of the vpn status page?

What else did you configure on the router?

Hi!
Yes, I am using cable with DHCP (WAN).
My VPN is VPNSecure configured via OpenVPN. Can’t post a screen, I left the router at work… But all it says is “Connected” and TX MB, RX MB.
I configured a few little things, not sure what could be related to this issue. But I am pretty sure that after flashing a new firmware and configuring VPN I start having this problem. Next firmware update I could try to configure VPN first thing and see how that goes…
Any logs or configs could be helpful to post here?

When you have on hand you could ssh to the router and check route and firewall settings.

route
iptables -L

You also can post your ovpn for a check.

Thanks for reply!

root@GL-AR150:~# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         172.21.2.1      128.0.0.0       UG    0      0        0 tun0
default         192.168.10.254  0.0.0.0         UG    10     0        0 br-wan
64.42.181.106   192.168.10.254  255.255.255.255 UGH   0      0        0 br-wan
128.0.0.0       172.21.2.1      128.0.0.0       UG    0      0        0 tun0
172.21.2.0      *               255.255.255.0   U     0      0        0 tun0
192.168.8.0     *               255.255.255.0   U     0      0        0 br-lan
192.168.10.0    *               255.255.255.0   U     10     0        0 br-wan

Chain INPUT (policy ACCEPT)
target prot opt source destination
GL_SPEC_OPENING all – anywhere anywhere
ACCEPT all – anywhere anywhere /* !fw3 /
input_rule all – anywhere anywhere /
!fw3: Custom input rule chain /
ACCEPT all – anywhere anywhere ctstate RELATED,ESTABLISHED /
!fw3 /
syn_flood tcp – anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN /
!fw3 /
zone_lan_input all – anywhere anywhere /
!fw3 /
zone_wan_input all – anywhere anywhere /
!fw3 /
zone_wan_input all – anywhere anywhere /
!fw3 /
zone_guestzone_input all – anywhere anywhere /
!fw3 /
zone_ovpn_input all – anywhere anywhere /
!fw3 */

Chain FORWARD (policy DROP)
target prot opt source destination
forwarding_rule all – anywhere anywhere /* !fw3: Custom forwarding rule chain /
ACCEPT all – anywhere anywhere ctstate RELATED,ESTABLISHED /
!fw3 /
zone_lan_forward all – anywhere anywhere /
!fw3 /
zone_wan_forward all – anywhere anywhere /
!fw3 /
zone_wan_forward all – anywhere anywhere /
!fw3 /
zone_guestzone_forward all – anywhere anywhere /
!fw3 /
zone_ovpn_forward all – anywhere anywhere /
!fw3 /
reject all – anywhere anywhere /
!fw3 */

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all – anywhere anywhere /* !fw3 /
output_rule all – anywhere anywhere /
!fw3: Custom output rule chain /
ACCEPT all – anywhere anywhere ctstate RELATED,ESTABLISHED /
!fw3 /
zone_lan_output all – anywhere anywhere /
!fw3 /
zone_wan_output all – anywhere anywhere /
!fw3 /
zone_wan_output all – anywhere anywhere /
!fw3 /
zone_guestzone_output all – anywhere anywhere /
!fw3 /
zone_ovpn_output all – anywhere anywhere /
!fw3 */

Chain GL_SPEC_OPENING (1 references)
target prot opt source destination

Chain forwarding_guestzone_rule (1 references)
target prot opt source destination

Chain forwarding_lan_rule (1 references)
target prot opt source destination

Chain forwarding_ovpn_rule (1 references)
target prot opt source destination

Chain forwarding_rule (1 references)
target prot opt source destination

Chain forwarding_wan_rule (1 references)
target prot opt source destination

Chain input_guestzone_rule (1 references)
target prot opt source destination

Chain input_lan_rule (1 references)
target prot opt source destination

Chain input_ovpn_rule (1 references)
target prot opt source destination

Chain input_rule (1 references)
target prot opt source destination

Chain input_wan_rule (1 references)
target prot opt source destination

Chain output_guestzone_rule (1 references)
target prot opt source destination

Chain output_lan_rule (1 references)
target prot opt source destination

Chain output_ovpn_rule (1 references)
target prot opt source destination

Chain output_rule (1 references)
target prot opt source destination

Chain output_wan_rule (1 references)
target prot opt source destination

Chain reject (8 references)
target prot opt source destination
REJECT tcp – anywhere anywhere /* !fw3 / reject-with tcp-reset
REJECT all – anywhere anywhere /
!fw3 */ reject-with icmp-port-unreachable

Chain syn_flood (1 references)
target prot opt source destination
RETURN tcp – anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 25/sec burst 50 /* !fw3 /
DROP all – anywhere anywhere /
!fw3 */

Chain zone_guestzone_dest_ACCEPT (1 references)
target prot opt source destination
ACCEPT all – anywhere anywhere /* !fw3 */

Chain zone_guestzone_dest_REJECT (1 references)
target prot opt source destination
reject all – anywhere anywhere /* !fw3 */

Chain zone_guestzone_forward (1 references)
target prot opt source destination
forwarding_guestzone_rule all – anywhere anywhere /* !fw3: Custom guestzone forwarding rule chain /
zone_ovpn_dest_ACCEPT all – anywhere anywhere /
!fw3: Zone guestzone to ovpn forwarding policy /
ACCEPT all – anywhere anywhere ctstate DNAT /
!fw3: Accept port forwards /
zone_guestzone_dest_REJECT all – anywhere anywhere /
!fw3 */

Chain zone_guestzone_input (1 references)
target prot opt source destination
input_guestzone_rule all – anywhere anywhere /* !fw3: Custom guestzone input rule chain /
ACCEPT udp – anywhere anywhere udp dpts:bootps:bootpc /
!fw3: guestzone_DHCP /
ACCEPT tcp – anywhere anywhere tcp dpt:domain /
!fw3: guestzone_DNS /
ACCEPT udp – anywhere anywhere udp dpt:domain /
!fw3: guestzone_DNS /
ACCEPT all – anywhere anywhere ctstate DNAT /
!fw3: Accept port redirections /
zone_guestzone_src_REJECT all – anywhere anywhere /
!fw3 */

Chain zone_guestzone_output (1 references)
target prot opt source destination
output_guestzone_rule all – anywhere anywhere /* !fw3: Custom guestzone output rule chain /
zone_guestzone_dest_ACCEPT all – anywhere anywhere /
!fw3 */

Chain zone_guestzone_src_REJECT (1 references)
target prot opt source destination
reject all – anywhere anywhere /* !fw3 */

Chain zone_lan_dest_ACCEPT (4 references)
target prot opt source destination
ACCEPT all – anywhere anywhere /* !fw3 */

Chain zone_lan_forward (1 references)
target prot opt source destination
forwarding_lan_rule all – anywhere anywhere /* !fw3: Custom lan forwarding rule chain /
zone_ovpn_dest_ACCEPT all – anywhere anywhere /
!fw3: Zone lan to ovpn forwarding policy /
ACCEPT all – anywhere anywhere ctstate DNAT /
!fw3: Accept port forwards /
zone_lan_dest_ACCEPT all – anywhere anywhere /
!fw3 */

Chain zone_lan_input (1 references)
target prot opt source destination
input_lan_rule all – anywhere anywhere /* !fw3: Custom lan input rule chain /
ACCEPT all – anywhere anywhere ctstate DNAT /
!fw3: Accept port redirections /
zone_lan_src_ACCEPT all – anywhere anywhere /
!fw3 */

Chain zone_lan_output (1 references)
target prot opt source destination
output_lan_rule all – anywhere anywhere /* !fw3: Custom lan output rule chain /
zone_lan_dest_ACCEPT all – anywhere anywhere /
!fw3 */

Chain zone_lan_src_ACCEPT (1 references)
target prot opt source destination
ACCEPT all – anywhere anywhere ctstate NEW,UNTRACKED /* !fw3 */

Chain zone_ovpn_dest_ACCEPT (3 references)
target prot opt source destination
DROP all – anywhere anywhere ctstate INVALID /* !fw3: Prevent NAT leakage /
ACCEPT all – anywhere anywhere /
!fw3 */

Chain zone_ovpn_dest_REJECT (1 references)
target prot opt source destination
reject all – anywhere anywhere /* !fw3 */

Chain zone_ovpn_forward (1 references)
target prot opt source destination
forwarding_ovpn_rule all – anywhere anywhere /* !fw3: Custom ovpn forwarding rule chain /
ACCEPT all – anywhere anywhere ctstate DNAT /
!fw3: Accept port forwards /
zone_ovpn_dest_REJECT all – anywhere anywhere /
!fw3 */

Chain zone_ovpn_input (1 references)
target prot opt source destination
input_ovpn_rule all – anywhere anywhere /* !fw3: Custom ovpn input rule chain /
ACCEPT all – anywhere anywhere ctstate DNAT /
!fw3: Accept port redirections /
zone_ovpn_src_ACCEPT all – anywhere anywhere /
!fw3 */

Chain zone_ovpn_output (1 references)
target prot opt source destination
output_ovpn_rule all – anywhere anywhere /* !fw3: Custom ovpn output rule chain /
zone_ovpn_dest_ACCEPT all – anywhere anywhere /
!fw3 */

Chain zone_ovpn_src_ACCEPT (1 references)
target prot opt source destination
ACCEPT all – anywhere anywhere ctstate NEW,UNTRACKED /* !fw3 */

Chain zone_wan_dest_ACCEPT (1 references)
target prot opt source destination
DROP all – anywhere anywhere ctstate INVALID /* !fw3: Prevent NAT leakage /
ACCEPT all – anywhere anywhere /
!fw3 /
DROP all – anywhere anywhere ctstate INVALID /
!fw3: Prevent NAT leakage /
ACCEPT all – anywhere anywhere /
!fw3 */

Chain zone_wan_dest_REJECT (1 references)
target prot opt source destination
reject all – anywhere anywhere /* !fw3 /
reject all – anywhere anywhere /
!fw3 */

Chain zone_wan_forward (2 references)
target prot opt source destination
forwarding_wan_rule all – anywhere anywhere /* !fw3: Custom wan forwarding rule chain /
zone_lan_dest_ACCEPT esp – anywhere anywhere /
!fw3: Allow-IPSec-ESP /
zone_lan_dest_ACCEPT udp – anywhere anywhere udp dpt:isakmp /
!fw3: Allow-ISAKMP /
ACCEPT all – anywhere anywhere ctstate DNAT /
!fw3: Accept port forwards /
zone_wan_dest_REJECT all – anywhere anywhere /
!fw3 */

Chain zone_wan_input (2 references)
target prot opt source destination
input_wan_rule all – anywhere anywhere /* !fw3: Custom wan input rule chain /
ACCEPT udp – anywhere anywhere udp dpt:bootpc /
!fw3: Allow-DHCP-Renew /
ACCEPT icmp – anywhere anywhere icmp echo-request /
!fw3: Allow-Ping /
ACCEPT igmp – anywhere anywhere /
!fw3: Allow-IGMP /
ACCEPT all – anywhere anywhere ctstate DNAT /
!fw3: Accept port redirections /
zone_wan_src_REJECT all – anywhere anywhere /
!fw3 */

Chain zone_wan_output (2 references)
target prot opt source destination
output_wan_rule all – anywhere anywhere /* !fw3: Custom wan output rule chain /
zone_wan_dest_ACCEPT all – anywhere anywhere /
!fw3 */

Chain zone_wan_src_REJECT (1 references)
target prot opt source destination
reject all – anywhere anywhere /* !fw3 /
reject all – anywhere anywhere /
!fw3 */