Looking forward to kicking the SIP ALG arounf when it is added, my day job is VoIP. LINUX SIP ALG typically deployed as all on or off in the old days was very problematic. Modern LINUX lets you define on for only certain flows, and also lets you define the RTP from different IP address, useful for PBX behind NAT. Hopefully these use cases will all be considered!
Can we please have an option for the switch on the side of the router (eg my GL-AR300M travel routers but also any others with switches) to be able to swap between VPN entries just like it can be used to switch VPN on/off? Iāve set mine to autoconnect to VPN when router starts up but sometimes I want to swap between VPN providers and having to login to the router just to do so (or carry around extra tech just in case I want to) seems pointless when the router has a switch that could easily do this for me and save so much hassle. That would easily be the most useful time saving feature you could add, a great many people would use this feature if it was available.
For example if I setup a working VPN config on the router named āVPN_Provider_1ā and a second named āVPN_Provider_2ā the action of the side switch should then be selectable to swap between VPN providers. If I have more than two VPN providers setup on the router it would be helpful if the GUI for side switch action then let you choose which the button would swap between, eg āVPN_Provider_2ā and āVPN_Provider_3ā
Iād find it useful myself but I also have non technical friends and family that would find this feature very useful as well (rather than me getting a phone call each time if things arenāt working well to just be walked through simply changing the VPN provider).
An extremely high percentage of gl.inet router owners will be using them with a VPN and an extremely high percentage of those will have more than one VPN provider they wish to switch between, making doing so with a simple switch action vs logging into router just makes so much sense Iām a little surprised such an option doesnāt already exist - sounds like an easily implementable popular feature improvement gl.inet could add
The use case sounds informative, but Iām concerned that this feature could cause confusion in a number of places. For example, we need to prevent switching back and forth for a short period of time, consider whether the switch is still valid after a profile rename, and whether switching when VPN is disabled should be enabled on VPN ā¦
We need to discuss this. In fact, users want to use the switch for other things, so maybe opening up the script in LuCI would be a good option?
BTW, have you tried our App? For non-technical users, it might be better to use the App for quick switching.
Hi, Thanks, Iām glad you can see just how useful this option would be, Iād much rather this was part of the gl.inet firmware though so extremely easy for novice users, making this overly complicated and requiring LuCI (which as far as I remember isnāt even installed by default) just means the users who would benefit the most from this would be too scared to even attempt it. Would then take even more effort each time after firmware upgrades as well.
You mention a few possible confusions so Iād suggest you keep it as simple as possible so 100% clear to the end user, the less you need to consider the easier it would be to implement and the more likely we are to get this very useful feature added.
Iād suggest:
The switch option purely adjusts which VPN entry gets set as the āactiveā VPN connection to be used (and automatically connected) when device next restarted - switch adjustment does not actually start the VPN connection at the time the switch is moved or thatās extra possibilities that have to be considered and becomes needlessly complicated
Since switch position purely changes which VPN entry gets set as the VPN connection to be used when device is next restarted (and switch does nothing else) there is no need for anything complicated like preventing switching back and forth for a short period of time etc or what happens to currently active VPN connections etc
Any adjustments to either of the VPN entries that have been set as either switch position A or B should reset side switch back to one of the other switch options (Iād suggest the āNo function (default)ā option) and require switch to be setup again as VPN A/B and chosing which of the entries should be used for switch position A or B - this means you can only ever select VPN profiles that actually exist. You could add a banner note that this would occur after such changes during the side switch VPN A/B setup step or add reminder pop up during save when a VPN entry gets adjusted if you deem it sensible to remind user at this point. This stops any confusion issues of what settings are used for the switch positions or why switch wouldnāt then work after VPN profile rename etc
Keep it all as simple as possible - you can choose two VPN profiles to use for the switch but any changes at all to anything related to those settings and you need to reconfigure the button, all very easy to understand and very minimal complexity.
That should cover all scenarios in the easiest way possible but if you think of any other issues Iād be happy to offer suggestions.
Any plans to support 802.11r i.e. roaming between base stations without need for a mesh?
This is supported by OpenWRT 23.03. Any plans to upgrade the base system to that version?
Thanks for all the good work!
Hi, I have GL-AX1800 (Flint) with firmware v4.2 and use OpenVPN client with āBlock Non-VPN Traffic (KillSwitch)ā and āVPN Policy Base on the VLAN > Private (not Guest)ā. Then private network uses VPN client to connection and guest network uses WAN (Non-VPN) connection. But when OpenVPN connection was dropped, the router blocks guest network traffics too.
I think it not correct behaver and Iād suggest to correct that.
These types of features are not even on the plan list for now. It depends on the direction of our product. As of now, it will only be added to the schedule when we start doing home network coverage/enterprise network coverage.
If you select a stable release at the Downloadcenter, youāll get a āRelease Noteā field: GL.iNet download center
You donāt get this for beta. This makes sense, because there are changes still in progress. And you donāt should use the Beta, if there is no specific reason.
Even if it would be nice to have a release note in every single step, it is a little much to demand for beta.
And: this is definitely the wrong topic for the āquestionā.
Dont offer for Tor only selecting the Country for Exit point with unknown configuration for āStrictNodes 0 or 1ā. Offer by GUI the follow:
Exclusion of Entry, Middle and Exit points with unknown country location by:
ExcludeNodes {??} StrictNodes 1 # exclude nodes from unknown countrys for all node types
EntryNodes {at},{ch},{us} StrictNodes 1 # StrictNode1 will only use one of the sample countrys and no any othe one, if the sample country are not available
ExitNodes {at},{ch},{us} StrictNodes 1 # StrictNode1 will only use one of the sample countrys and no any othe one, if the sample country are not available
To configure Middle nodes is a little bit more complicated. Need to list all country which the user dont like by follow:
ExcludeNodes {de},{fr},{uk} StrictNodes 1
The two-character country code on samples above, according to ISO3166 can be used in either upper or lower case letters. You can find the list p.e. on wikipedia.
The current 4.x version of the firmware already supports https access. The ability to redirect http requests to https is already listed in the plans and will arrive in version 4.5.
Thank you very much for the bug list. However, version 3.x firmware is not expected to be updated after the 3.216 release. So we will be looking at and testing these issues on version 4.x.