Hi all!
Using GL-AR150 (PoE). Great device, learned so much from it.
I have a problem (or maybe just a question). When the router is not connected to VPN, I can check opkg updates, firmware updates load adblock lists etc, but as soon as I connect to the VPN I have internet for the clients, but the router itself loses it.
Adblocker says “0 loaded”, latest firmware shows “–” and I cannot do opkg update anymore.
Is there something I can adjust? Even if I load the ads lists first, then connect to the VPN, the lists re-load automatically and adblocker stops working.
If it helps, I use the “button” on the side configured to connect to VPN, I use cable in WAN port with DHCP enabl.ed.
Are you using cable for Internet?
What is your vpn? Openvpn? Can you just post a screenshot of the vpn status page?
What else did you configure on the router?
Hi!
Yes, I am using cable with DHCP (WAN).
My VPN is VPNSecure configured via OpenVPN. Can’t post a screen, I left the router at work… But all it says is “Connected” and TX MB, RX MB.
I configured a few little things, not sure what could be related to this issue. But I am pretty sure that after flashing a new firmware and configuring VPN I start having this problem. Next firmware update I could try to configure VPN first thing and see how that goes…
Any logs or configs could be helpful to post here?
When you have on hand you could ssh to the router and check route and firewall settings.
route
iptables -L
You also can post your ovpn for a check.
Thanks for reply!
root@GL-AR150:~# route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface default 172.21.2.1 128.0.0.0 UG 0 0 0 tun0 default 192.168.10.254 0.0.0.0 UG 10 0 0 br-wan 64.42.181.106 192.168.10.254 255.255.255.255 UGH 0 0 0 br-wan 128.0.0.0 172.21.2.1 128.0.0.0 UG 0 0 0 tun0 172.21.2.0 * 255.255.255.0 U 0 0 0 tun0 192.168.8.0 * 255.255.255.0 U 0 0 0 br-lan 192.168.10.0 * 255.255.255.0 U 10 0 0 br-wan
Chain INPUT (policy ACCEPT)
target prot opt source destination
GL_SPEC_OPENING all – anywhere anywhere
ACCEPT all – anywhere anywhere /* !fw3 /
input_rule all – anywhere anywhere / !fw3: Custom input rule chain /
ACCEPT all – anywhere anywhere ctstate RELATED,ESTABLISHED / !fw3 /
syn_flood tcp – anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN / !fw3 /
zone_lan_input all – anywhere anywhere / !fw3 /
zone_wan_input all – anywhere anywhere / !fw3 /
zone_wan_input all – anywhere anywhere / !fw3 /
zone_guestzone_input all – anywhere anywhere / !fw3 /
zone_ovpn_input all – anywhere anywhere / !fw3 */Chain FORWARD (policy DROP)
target prot opt source destination
forwarding_rule all – anywhere anywhere /* !fw3: Custom forwarding rule chain /
ACCEPT all – anywhere anywhere ctstate RELATED,ESTABLISHED / !fw3 /
zone_lan_forward all – anywhere anywhere / !fw3 /
zone_wan_forward all – anywhere anywhere / !fw3 /
zone_wan_forward all – anywhere anywhere / !fw3 /
zone_guestzone_forward all – anywhere anywhere / !fw3 /
zone_ovpn_forward all – anywhere anywhere / !fw3 /
reject all – anywhere anywhere / !fw3 */Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all – anywhere anywhere /* !fw3 /
output_rule all – anywhere anywhere / !fw3: Custom output rule chain /
ACCEPT all – anywhere anywhere ctstate RELATED,ESTABLISHED / !fw3 /
zone_lan_output all – anywhere anywhere / !fw3 /
zone_wan_output all – anywhere anywhere / !fw3 /
zone_wan_output all – anywhere anywhere / !fw3 /
zone_guestzone_output all – anywhere anywhere / !fw3 /
zone_ovpn_output all – anywhere anywhere / !fw3 */Chain GL_SPEC_OPENING (1 references)
target prot opt source destinationChain forwarding_guestzone_rule (1 references)
target prot opt source destinationChain forwarding_lan_rule (1 references)
target prot opt source destinationChain forwarding_ovpn_rule (1 references)
target prot opt source destinationChain forwarding_rule (1 references)
target prot opt source destinationChain forwarding_wan_rule (1 references)
target prot opt source destinationChain input_guestzone_rule (1 references)
target prot opt source destinationChain input_lan_rule (1 references)
target prot opt source destinationChain input_ovpn_rule (1 references)
target prot opt source destinationChain input_rule (1 references)
target prot opt source destinationChain input_wan_rule (1 references)
target prot opt source destinationChain output_guestzone_rule (1 references)
target prot opt source destinationChain output_lan_rule (1 references)
target prot opt source destinationChain output_ovpn_rule (1 references)
target prot opt source destinationChain output_rule (1 references)
target prot opt source destinationChain output_wan_rule (1 references)
target prot opt source destinationChain reject (8 references)
target prot opt source destination
REJECT tcp – anywhere anywhere /* !fw3 / reject-with tcp-reset
REJECT all – anywhere anywhere / !fw3 */ reject-with icmp-port-unreachableChain syn_flood (1 references)
target prot opt source destination
RETURN tcp – anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 25/sec burst 50 /* !fw3 /
DROP all – anywhere anywhere / !fw3 */Chain zone_guestzone_dest_ACCEPT (1 references)
target prot opt source destination
ACCEPT all – anywhere anywhere /* !fw3 */Chain zone_guestzone_dest_REJECT (1 references)
target prot opt source destination
reject all – anywhere anywhere /* !fw3 */Chain zone_guestzone_forward (1 references)
target prot opt source destination
forwarding_guestzone_rule all – anywhere anywhere /* !fw3: Custom guestzone forwarding rule chain /
zone_ovpn_dest_ACCEPT all – anywhere anywhere / !fw3: Zone guestzone to ovpn forwarding policy /
ACCEPT all – anywhere anywhere ctstate DNAT / !fw3: Accept port forwards /
zone_guestzone_dest_REJECT all – anywhere anywhere / !fw3 */Chain zone_guestzone_input (1 references)
target prot opt source destination
input_guestzone_rule all – anywhere anywhere /* !fw3: Custom guestzone input rule chain /
ACCEPT udp – anywhere anywhere udp dpts:bootps:bootpc / !fw3: guestzone_DHCP /
ACCEPT tcp – anywhere anywhere tcp dpt:domain / !fw3: guestzone_DNS /
ACCEPT udp – anywhere anywhere udp dpt:domain / !fw3: guestzone_DNS /
ACCEPT all – anywhere anywhere ctstate DNAT / !fw3: Accept port redirections /
zone_guestzone_src_REJECT all – anywhere anywhere / !fw3 */Chain zone_guestzone_output (1 references)
target prot opt source destination
output_guestzone_rule all – anywhere anywhere /* !fw3: Custom guestzone output rule chain /
zone_guestzone_dest_ACCEPT all – anywhere anywhere / !fw3 */Chain zone_guestzone_src_REJECT (1 references)
target prot opt source destination
reject all – anywhere anywhere /* !fw3 */Chain zone_lan_dest_ACCEPT (4 references)
target prot opt source destination
ACCEPT all – anywhere anywhere /* !fw3 */Chain zone_lan_forward (1 references)
target prot opt source destination
forwarding_lan_rule all – anywhere anywhere /* !fw3: Custom lan forwarding rule chain /
zone_ovpn_dest_ACCEPT all – anywhere anywhere / !fw3: Zone lan to ovpn forwarding policy /
ACCEPT all – anywhere anywhere ctstate DNAT / !fw3: Accept port forwards /
zone_lan_dest_ACCEPT all – anywhere anywhere / !fw3 */Chain zone_lan_input (1 references)
target prot opt source destination
input_lan_rule all – anywhere anywhere /* !fw3: Custom lan input rule chain /
ACCEPT all – anywhere anywhere ctstate DNAT / !fw3: Accept port redirections /
zone_lan_src_ACCEPT all – anywhere anywhere / !fw3 */Chain zone_lan_output (1 references)
target prot opt source destination
output_lan_rule all – anywhere anywhere /* !fw3: Custom lan output rule chain /
zone_lan_dest_ACCEPT all – anywhere anywhere / !fw3 */Chain zone_lan_src_ACCEPT (1 references)
target prot opt source destination
ACCEPT all – anywhere anywhere ctstate NEW,UNTRACKED /* !fw3 */Chain zone_ovpn_dest_ACCEPT (3 references)
target prot opt source destination
DROP all – anywhere anywhere ctstate INVALID /* !fw3: Prevent NAT leakage /
ACCEPT all – anywhere anywhere / !fw3 */Chain zone_ovpn_dest_REJECT (1 references)
target prot opt source destination
reject all – anywhere anywhere /* !fw3 */Chain zone_ovpn_forward (1 references)
target prot opt source destination
forwarding_ovpn_rule all – anywhere anywhere /* !fw3: Custom ovpn forwarding rule chain /
ACCEPT all – anywhere anywhere ctstate DNAT / !fw3: Accept port forwards /
zone_ovpn_dest_REJECT all – anywhere anywhere / !fw3 */Chain zone_ovpn_input (1 references)
target prot opt source destination
input_ovpn_rule all – anywhere anywhere /* !fw3: Custom ovpn input rule chain /
ACCEPT all – anywhere anywhere ctstate DNAT / !fw3: Accept port redirections /
zone_ovpn_src_ACCEPT all – anywhere anywhere / !fw3 */Chain zone_ovpn_output (1 references)
target prot opt source destination
output_ovpn_rule all – anywhere anywhere /* !fw3: Custom ovpn output rule chain /
zone_ovpn_dest_ACCEPT all – anywhere anywhere / !fw3 */Chain zone_ovpn_src_ACCEPT (1 references)
target prot opt source destination
ACCEPT all – anywhere anywhere ctstate NEW,UNTRACKED /* !fw3 */Chain zone_wan_dest_ACCEPT (1 references)
target prot opt source destination
DROP all – anywhere anywhere ctstate INVALID /* !fw3: Prevent NAT leakage /
ACCEPT all – anywhere anywhere / !fw3 /
DROP all – anywhere anywhere ctstate INVALID / !fw3: Prevent NAT leakage /
ACCEPT all – anywhere anywhere / !fw3 */Chain zone_wan_dest_REJECT (1 references)
target prot opt source destination
reject all – anywhere anywhere /* !fw3 /
reject all – anywhere anywhere / !fw3 */Chain zone_wan_forward (2 references)
target prot opt source destination
forwarding_wan_rule all – anywhere anywhere /* !fw3: Custom wan forwarding rule chain /
zone_lan_dest_ACCEPT esp – anywhere anywhere / !fw3: Allow-IPSec-ESP /
zone_lan_dest_ACCEPT udp – anywhere anywhere udp dpt:isakmp / !fw3: Allow-ISAKMP /
ACCEPT all – anywhere anywhere ctstate DNAT / !fw3: Accept port forwards /
zone_wan_dest_REJECT all – anywhere anywhere / !fw3 */Chain zone_wan_input (2 references)
target prot opt source destination
input_wan_rule all – anywhere anywhere /* !fw3: Custom wan input rule chain /
ACCEPT udp – anywhere anywhere udp dpt:bootpc / !fw3: Allow-DHCP-Renew /
ACCEPT icmp – anywhere anywhere icmp echo-request / !fw3: Allow-Ping /
ACCEPT igmp – anywhere anywhere / !fw3: Allow-IGMP /
ACCEPT all – anywhere anywhere ctstate DNAT / !fw3: Accept port redirections /
zone_wan_src_REJECT all – anywhere anywhere / !fw3 */Chain zone_wan_output (2 references)
target prot opt source destination
output_wan_rule all – anywhere anywhere /* !fw3: Custom wan output rule chain /
zone_wan_dest_ACCEPT all – anywhere anywhere / !fw3 */Chain zone_wan_src_REJECT (1 references)
target prot opt source destination
reject all – anywhere anywhere /* !fw3 /
reject all – anywhere anywhere / !fw3 */