MT3000 4.2.0 beta2 - VPN policies unreliable

The first time I try to access the VPN policies page after a firmware upgrade or restore, the page freeze for some times. Trying to add VPN policies based on the Target Domain or IP just doesnt work imediately. After a few tries, it start to work. If I add more than 15 IP domains, there’s a glitch on text UI.
If I try to enable policies based on The Client Device (MAC), it just doesn’t work, it won’t add any MAC address on the /etc/config/vpnpolicy file.

P.S. I noticed similar behaviours for Slate AX and Slate Plus on firmware 4.2.0

This is my /etc/config/vpnpolicy file on firmware 4.1.2

config policy 'domain'
	option default_policy '1'
	list domain 'everyeye.it'
	list domain 'trenitalia.com'
	list domain 'uiblog.it'
	list domain 'lefrecce.it'
	list domain 'tim.it'
	list domain 'esselunga.it'
	list domain 'akamaized.net'
	list domain 'rai.it'
	list domain 'raiplay.it'
	list domain 'akamaihd.net'
	list domain 'msvdn.net'
	list domain 'airbnb.it'

adn this is my /etc/config/vpnpolicy file on firmware 4.2.0

config policy 'domain'
	option default_policy '1'
	option domain 'everyeye.it
trenitalia.com
uiblog.it
lefrecce.it
tim.it
esselunga.it
akamaized.net
rai.it
raiplay.it
akamaihd.net
msvdn.net
airbnb.it
'

We will fix this bug asap

1 Like

This issue is related to keep setting sysupgrade. Version 4.2 beta3 will be released this week to solve this issue.

1 Like

Awesome, however I would like to point out that I never keep settings during upgrades, all I did was copy/paste domain/ip list on the VPN policies page on the UI.

Thanks for pointing out that.
My test on the snapshot version works if do not-keep-setting sysupgrade.
image

Maybe the config file has some unparseable character. Could you provide your
original /etc/config/vpnpolicy file.
Here is mine.
vpnpolicy.zip (383 Bytes)

Unfortunately a couple of weeks ago I changed my network topology to better use Slate AX and Beryl AX at the same time, so all I have is a file from a backup made in Luci, here it is:
vpnpolicy.zip (448 Bytes)
As I said I never keep setting from UI to avoid problems during upgrades. However, I surely tried to restore a backup trough Luci and then I encountered the vpn policies problem. Then I restored the firmware and I manually setup the vpn policies trough copy/paste.

I try your config file, it can be parsed by GL-UI, the format is right, so it should be resolved by snapshot firmware.

1 Like