MT300N - Wireguard VPN Client Works until Kill Switch activated

Hi all!

I have bought the MT300N to allow me to travel and work around Europe whilst maintaining an IP address as though I am physically located at home. :smirk:

I have set up Wireguard on both my home router and the MT300N and when I have activated the connection in the MT300N my public IP address is reported as the one of my home router. So all good there.

However, to be extra sure that my roaming IP address will not be leaked, I want to make use of the Kill Switch feature, but when I switch it on I seem to lose web access completely.

I am able to ping an IP address such as, but doing an nslookup of fails - so I am thinking something isn’t quite right with the DNS?

I am quite a newbie when it comes to all this, so am now feeling out of my depth a bit, so if anyone can give me a few pointers I would be extremely grateful :slight_smile:


Can you configure custom DNS servers in the router as well?

Try encrypted DNS services, e.g. cloudflare.

Thanks @alzhao :slight_smile:

The config was as follows:

Address =
PrivateKey = <PRIVATE_KEY>

PublicKey = <PUBLIC_KEY>
AllowedIPs =,::/0
PersistentKeepalive = 25

I changed the DNS to and it allowed me to maintain my connection when the kill switch was enabled. :+1:

The endpoint router is configured to use NextDNS and I would like to be able to use this over the VPN connection too, do you know how I can do this?

What is your firmware version? I need to do a test.

Hostname GL-MT300N-V2
Model GL-MT300N-V2
Architecture MediaTek MT7628AN ver:1 eco:2
Firmware Version OpenWrt 19.07.8 r11364-ef56c85848 / LuCI openwrt-19.07 branch git-21.189.23240-7b931da
Kernel Version 4.14.241

Current Version: 3.212

Hi Peanut

I have test, the MT300N-V2, Version 3.212. in the wireguard config, Not set DNS, it work fine.

config as:

root@GL-MT300N-V2:~# cat /var/etc/wireguard.conf
ListenPort = 37484
PrivateKey = mK+IJ5EKUytc0Kge/4lvyH5RYIXI+EntNSlcrXfx43g=

PublicKey = uHz0TLd7ISx+EHwaeby6sLQMGxQH8EMI7e9QYt+lDBs=
AllowedIPs =,::/0
PersistentKeepalive = 25
Endpoint =

close the kill Switch, the wireguard VPN also work fine.