Hello!
I have an MT3000 with a WireGuard tunnel, Global Tunnel and Kill Switch enabled. This works fine, clients get routed through the VPN.
After upgrading to 4.8.1, I’m observing the following:
- opkg cannot access the network (“Failed to send request: Operation not permitted” is one of its messages that caught my attention).
- My custom scripts running in the router cannot resolve DNS.
- If I configure DoH in the router and set ‘Custom DNS overrides VPN DNS’, both opkg and my custom scripts are now able to access the Internet.
- However, they are doing so directly through the uplink (ok for opkg, useless for my scripts – they are supposed to work with the tunnel’s other endpoint).
[UPD] This combination of observations seems to suggest that the DNS traffic originating in the router gets targeted to the VPN-advertised DNS, unless the “Custom DNS overrides VPN DNS” option is set, but the responses are not routed back.
In earlier firmware versions, all traffic originating in the router went through VPN. Can I get the same behaviour with 4.8.1? I am not using any cloud features or remote access to the router from the outside and will be ok with a solution that does not play well with those features. I do have “Services from GL.iNet Use VPN” enabled.
Any suggestions will be greatly appreciated!
