I am encountering an issue where my GL.iNet device is unable to establish a WireGuard VPN connection to a WireGuard server hosted on my Speedport router. I am able to connect to the same server without issues using the WireGuard mobile app, but the GL.iNet device fails to establish the connection. Below are the details of the issue:
- Device Model: GL-MT300N
- Firmware Version: v4.7.4
- WireGuard Server IP: The IP address of the WireGuard server hosted on my Speedport router
WireGuard Client Configuration:
* Interface: wgclient
* Endpoint: MYIP:53280
* Allowed IPs: 0.0.0.0/0
* Persistent Keepalive: 25 seconds
LOGS:
root@network:~# logread -f
Tue Jun 3 23:46:05 2025 daemon.notice netifd: Interface 'wgclient' is setting up now
Tue Jun 3 23:46:05 2025 daemon.info dnsmasq[4489]: exiting on receipt of SIGTERM
Tue Jun 3 23:46:05 2025 daemon.info dnsmasq[10157]: Connected to system UBus
Tue Jun 3 23:46:05 2025 daemon.info dnsmasq[10164]: started, version 2.85 cache disabled
Tue Jun 3 23:46:05 2025 daemon.info dnsmasq[10164]: DNS service limited to local subnets
Tue Jun 3 23:46:05 2025 daemon.info dnsmasq[10164]: compile time options: IPv6 GNU-getopt no-DBus UBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP conntrack ipset auth cryptohash DNSSEC no-ID loop-detect inotify dumpfile
Tue Jun 3 23:46:05 2025 daemon.info dnsmasq[10164]: UBus support enabled: connected to system bus
Tue Jun 3 23:46:05 2025 daemon.info dnsmasq-dhcp[10164]: DHCP, IP range 192.168.8.100 -- 192.168.8.249, lease time 12h
Tue Jun 3 23:46:05 2025 daemon.info dnsmasq[10164]: using only locally-known addresses for domain lan_chgd
Tue Jun 3 23:46:05 2025 daemon.info dnsmasq[10164]: using nameserver 1.0.0.1#53
Tue Jun 3 23:46:05 2025 daemon.info dnsmasq[10164]: using nameserver 1.1.1.1#53
Tue Jun 3 23:46:05 2025 daemon.info dnsmasq[10164]: read /etc/hosts - 4 addresses
Tue Jun 3 23:46:05 2025 daemon.info dnsmasq[10164]: read /tmp/hosts.vpn/lan_hosts - 1 addresses
Tue Jun 3 23:46:05 2025 daemon.info dnsmasq-dhcp[10164]: read /etc/ethers - 0 addresses
Tue Jun 3 23:46:05 2025 daemon.info dnsmasq[10443]: Connected to system UBus
Tue Jun 3 23:46:05 2025 daemon.info dnsmasq[10443]: started, version 2.85 cachesize 150
Tue Jun 3 23:46:05 2025 daemon.info dnsmasq[10443]: DNS service limited to local subnets
Tue Jun 3 23:46:05 2025 daemon.info dnsmasq[10443]: compile time options: IPv6 GNU-getopt no-DBus UBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP conntrack ipset auth cryptohash DNSSEC no-ID loop-detect inotify dumpfile
Tue Jun 3 23:46:05 2025 daemon.info dnsmasq[10443]: UBus support enabled: connected to system bus
Tue Jun 3 23:46:05 2025 daemon.info dnsmasq-dhcp[10443]: DHCP, IP range 192.168.8.100 -- 192.168.8.249, lease time 12h
Tue Jun 3 23:46:05 2025 daemon.info dnsmasq-dhcp[10443]: IPv6 router advertisement enabled
Tue Jun 3 23:46:05 2025 daemon.info dnsmasq[10443]: using only locally-known addresses for domain test
Tue Jun 3 23:46:05 2025 daemon.info dnsmasq[10443]: using only locally-known addresses for domain onion
Tue Jun 3 23:46:05 2025 daemon.info dnsmasq[10443]: using only locally-known addresses for domain localhost
Tue Jun 3 23:46:05 2025 daemon.info dnsmasq[10443]: using only locally-known addresses for domain local
Tue Jun 3 23:46:05 2025 daemon.info dnsmasq[10443]: using only locally-known addresses for domain invalid
Tue Jun 3 23:46:05 2025 daemon.info dnsmasq[10443]: using only locally-known addresses for domain bind
Tue Jun 3 23:46:05 2025 daemon.info dnsmasq[10443]: using nameserver 1.0.0.1#53
Tue Jun 3 23:46:05 2025 daemon.info dnsmasq[10443]: using nameserver 1.1.1.1#53
Tue Jun 3 23:46:05 2025 daemon.info dnsmasq[10443]: using only locally-known addresses for domain lan
Tue Jun 3 23:46:05 2025 daemon.info dnsmasq[10443]: read /etc/hosts - 4 addresses
Tue Jun 3 23:46:05 2025 daemon.info dnsmasq[10443]: read /tmp/hosts/dhcp.cfg01411c - 1 addresses
Tue Jun 3 23:46:05 2025 daemon.info dnsmasq-dhcp[10443]: read /etc/ethers - 0 addresses
Tue Jun 3 23:46:55 2025 daemon.info dnsmasq-dhcp[10443]: DHCPREQUEST(br-lan) 192.168.8.150 8c:53:e6:c8:5a:8b
Tue Jun 3 23:46:55 2025 daemon.info dnsmasq-dhcp[10443]: DHCPACK(br-lan) 192.168.8.150 8c:53:e6:c8:5a:8b LAPTOP
^Croot@network:~# sudo wg show
interface: wgclient
public key: KEY
private key: (hidden)
listening port: 35253
fwmark: 0x8000
peer: KEY
preshared key: (hidden)
endpoint: 84.190.204.221:53280
allowed ips: 0.0.0.0/0
transfer: 0 B received, 1.88 KiB sent
persistent keepalive: every 25 seconds
root@network:~#
Observation:
When I disable the firewall I could connect to the VPN server!