Hey
We have verified that everything is normal under the management of ESIM. You can
Thank you for your feedback
We have received your request:
Your demand is that clients who use vpn always need to use vpn, and never use wan. When the current VPN tunnel can't be connected, all traffic in the current tunnel will be blocked.
However, we also received demands from other users. Their demand is that the first priority is not to use VPN, but not to disconnect the network. These users need these devices to give priority to using VPN, and they should also connect to the network normally when the VPN is unavailable, that is, they need to access the Internet through wan.
So there is our design effect, by turning off the switch of "Kill Switch", to realize your two needs.
First of all, we can simply understand the "Kill Switch" switch as whether the settings of the current tunnel will be matched by other tunnels when the current tunnel fails. It is a "allow failover" switch, but it is not a failover with the nodes in the tunnel, but a transfer to other tunnels that also match the equipment and are responsible.
"Kill Switch" switch in the tunnel:
Effect of opening: vpn is always used for the equipment and rules matched by the current tunnel, but wan is never used. When the current VPN tunnel cannot be connected, all the traffic of the current tunnel will be blocked, and the equipment and rules matched by the current tunnel will not be executed by other channels that also match the equipment.
Effect of closing: vpn is preferred for the equipment and rules matched by the current tunnel. When the current VPN tunnel cannot be connected, if other VPN tunnels also match the equipment, the equipment will take another VPN tunnel (which can be a wan direct connection or other VPN nodes).
"Non-VPN Tunnel" tunnel:
Our built-in VPN tunnel with the lowest priority, which can match all devices and rules, will be matched by this tunnel when some devices are not matched by VPN tunnel, so as to realize the effect of accessing the Internet directly through WAN.
In other words, all devices and rules that are not matched by VPN tunnel, as well as devices and rules that fail in VPN tunnel and allow failover, will be matched by this tunnel, thus realizing WAN access.
So to sum up, your needs only need:
Finally, we want to provide convenient services for more user groups, but the needs of each user are not the same, so please understand, thank you again for your support and advice, and hope my answer will help you.
Not exactly.
I can explain Lun's comment from my understanding.
killswitch is to "kill - switch" to the next priority tunnel or non VPN interface.
Users can choose to be more secure or to use a backup tunnel.
That option is an attribute of the tunnel, like wireguard application, if you turn off the tunnel intentionally, meaning those traffic designated to that tunnel is not needed any more.
The tunnel currently is a concept of three attributes: source, dest, and VPN instance/interface.
That can also be described as "data path".
For the Non-VPN Tunnel toggle option, it's kept to be compatible with the old version of "Block Non-VPN Traffic". IMHO, that’s not a hard requirement. People should not expected to be protected by VPN if they turn off VPN.
In the old design, it introduced redundant two steps if user wants to switch to use WAN:
Hi, I'm actually still getting repeater performance issues with this beta. I detailed the issue here: GL-XE3000 Puli terrible repeater performance
It would be nice if it could be fixed in this release
I'm getting a lot of this that I didn't get with other firmwares..
Wed May 14 15:23:37 2025 kern.err kernel: [115019.883218] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:23:39 2025 kern.err kernel: [115021.557090] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:23:42 2025 kern.err kernel: [115025.123138] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:23:43 2025 kern.err kernel: [115025.578673] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:23:45 2025 kern.err kernel: [115027.876222] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:23:48 2025 kern.err kernel: [115030.926029] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:23:48 2025 kern.err kernel: [115030.977252] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:23:53 2025 kern.err kernel: [115036.142288] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:23:53 2025 kern.err kernel: [115036.149918] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:23:53 2025 kern.err kernel: [115036.153274] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:23:53 2025 kern.err kernel: [115036.160685] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:23:53 2025 kern.err kernel: [115036.164908] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:23:53 2025 kern.err kernel: [115036.172377] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:23:53 2025 kern.err kernel: [115036.183862] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:23:53 2025 kern.err kernel: [115036.187085] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:23:53 2025 kern.err kernel: [115036.194582] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:23:53 2025 kern.err kernel: [115036.201842] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:23:59 2025 kern.warn kernel: [115041.877680] net_ratelimit: 52 callbacks suppressed
Wed May 14 15:23:59 2025 kern.err kernel: [115041.877685] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:23:59 2025 kern.err kernel: [115042.401713] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:04 2025 kern.err kernel: [115047.498482] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:06 2025 kern.err kernel: [115049.081965] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:09 2025 kern.err kernel: [115052.084157] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:11 2025 kern.err kernel: [115053.914665] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:12 2025 kern.err kernel: [115055.216679] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:18 2025 kern.err kernel: [115060.977253] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:19 2025 kern.err kernel: [115062.122815] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:21 2025 kern.err kernel: [115064.036323] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:22 2025 kern.err kernel: [115064.540172] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:22 2025 kern.err kernel: [115064.970099] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:23 2025 kern.err kernel: [115065.634133] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:23 2025 kern.err kernel: [115066.047876] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:23 2025 kern.err kernel: [115066.445620] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:24 2025 kern.err kernel: [115067.051671] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:25 2025 kern.err kernel: [115068.187488] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:26 2025 kern.err kernel: [115068.595425] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:27 2025 kern.err kernel: [115069.753330] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:27 2025 kern.err kernel: [115070.248803] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:30 2025 kern.err kernel: [115072.765899] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:30 2025 kern.err kernel: [115073.362252] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:32 2025 kern.err kernel: [115075.369846] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:33 2025 kern.err kernel: [115075.579694] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:34 2025 kern.err kernel: [115076.869339] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:34 2025 kern.err kernel: [115077.297186] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:34 2025 kern.err kernel: [115077.462364] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:35 2025 kern.err kernel: [115078.434642] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:35 2025 kern.err kernel: [115078.439669] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:35 2025 kern.err kernel: [115078.442067] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:35 2025 kern.err kernel: [115078.449719] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:35 2025 kern.err kernel: [115078.456902] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:35 2025 kern.err kernel: [115078.464516] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:35 2025 kern.err kernel: [115078.471685] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:35 2025 kern.err kernel: [115078.479184] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:35 2025 kern.err kernel: [115078.486403] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:35 2025 kern.err kernel: [115078.486413] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:45 2025 kern.warn kernel: [115088.469556] net_ratelimit: 53 callbacks suppressed
Wed May 14 15:24:45 2025 kern.err kernel: [115088.469561] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:45 2025 kern.err kernel: [115088.481914] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:45 2025 kern.err kernel: [115088.481929] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:45 2025 kern.err kernel: [115088.481938] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:45 2025 kern.err kernel: [115088.481974] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:45 2025 kern.err kernel: [115088.481983] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:45 2025 kern.err kernel: [115088.481991] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:45 2025 kern.err kernel: [115088.481999] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:45 2025 kern.err kernel: [115088.482007] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:45 2025 kern.err kernel: [115088.482017] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:51 2025 kern.warn kernel: [115093.619144] net_ratelimit: 47 callbacks suppressed
Wed May 14 15:24:51 2025 kern.err kernel: [115093.619148] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:51 2025 kern.err kernel: [115094.436894] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:51 2025 kern.err kernel: [115094.436908] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:51 2025 kern.err kernel: [115094.444435] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:51 2025 kern.err kernel: [115094.444445] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:51 2025 kern.err kernel: [115094.452143] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:51 2025 kern.err kernel: [115094.459583] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:51 2025 kern.err kernel: [115094.467167] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:51 2025 kern.err kernel: [115094.474305] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:51 2025 kern.err kernel: [115094.482052] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:24:57 2025 kern.warn kernel: [115099.936416] net_ratelimit: 158 callbacks suppressed
Wed May 14 15:24:57 2025 kern.err kernel: [115099.936421] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:25:15 2025 kern.err kernel: [115117.523161] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:25:36 2025 kern.err kernel: [115139.110943] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:25:36 2025 kern.err kernel: [115139.438640] ovpn_decrypt_one: error during decryption for peer 1, key-id 0: -22
Wed May 14 15:25:46 2025 kern
On X3000
There is a snapshot section now on the firmware download page for the Flint 2. I think this is new?
I upgraded to it from the beta and seems to be fine so far.
Still waiting for luci-app-sqm to be available again though, hopefully it won't be too long. 
Thank you very much. Yes, I had a problem with the fact that I did not buy this eSIM card for the router. Now I've bought a card, everything is fine, but now I can't figure out which operator is which tariff is suitable for the router. All operators ask for an IMEI and, for example, Visible said that eSIM does not work with routers. Could you tell me which operators with physical and eSIM are suitable for working with your router?
Beta 4.8.0 indicating that internet is not available, yet has internet. Client devices connect to the internet as usual yet led blinks blue and on webui, the interface has exclamation mark.
Setup: Wan detection set on strict mode. Wan is ethernet 1 set on second priority on multiwan list. Ethernet 2 (set as first priority) did not have internet. Sensitivity set on high.
It’s going to depend on your location, but since you mention Visible, I assume it’s the US. As a test, I installed an eSIM from Airalo, and it worked, but you probably don’t want to use third-party eSIM providers unless you have to. Visible/Verizon don’t want you to use that service on a non-phone device. There are ways around this, I believe, but I don’t think it’s possible with an eSIM. With a physical SIM that’s already active, you can update the IMEI of the router’s cellular modem (look up the command for this) to match that of the phone you used for service activation. I’ve seen people say it’s important to back up your original IMEI in case you need to restore it.
If you want to go an officially supported route, you can look at Calyx. I believe there are other plans that are meant for BYO cell modems as well. There’s a website/Youtube channel called the Mobile Internet Resource Center or something to that effect which is a good resource for people in the US.
For my mt6000 trying to flash that snapshot results in this:
Testing the firmware with sysupgrade failed.
Hi @viki777love I think what @pie said is very professional, you can refer his answer.
At this stage, it is a good choice for you to use a third-party esim profile, or an eSIM store that we cooperate with(refer to link and picture below), we guarantee 100% compatibility and availability of profiles sold by these esim stores. GL.iNet will also provide support when there is a traffic problem about these two esim store.
Currently, there is no clear or consistent policy from US carriers regarding eSIM usage on non-phone devices such as routers. We are not aware of a formal process to obtain official carrier authorization for these use cases.
Thank you very much! @pie
GL-MT6000 Flint 2 and the same situation:
Testing the firmware with sysupgrade failed.
Firmware Verification
Version 4.0.0
SHA256 743ba6e242a9b44780a57918e48d42fd3137e3e4a577c6021a631a43958fc4c5
Verification Result Failed
Hello,
We are aware of this situation, the firmware storage path is abnormal, and the R&D is going to re-upload the firmware.
Now it shows as below. Is it correct that it doesn't detect the version?
Upload successful
openwrt-mt6000-4.8.0-0516-1747331513.bin
This is an unknown version, is 3rd-party firmware or the version is old.
Firmware Verification
* Version unknown
* SHA256 66277756dd84a25be37869d910136a6a95848cf3b63f89dd0ba6af639cdf8077
* Verification Result Pass
* Keep Settings
Yeah very weird. Im waiting
Hello, I use beta firmware on X3000 router.
I tryed to install luci-app-gpoint_2.6.1_all.ipk
But I recived error
root@GL-X3000:/tmp# opkg --nodeps install ./luci-app-gpoint_2.6.1_all.ipk
Unknown package 'luci-app-gpoint'.
Collected errors:
root@GL-X3000:/tmp# opkg install luci-lua-runtime
Unknown package 'luci-lua-runtime'.
Collected errors:
root@GL-X3000:/tmp# opkg print-architecture
arch all 1
arch noarch 1
arch aarch64_cortex-a53 10
Hoping to get luci app sqm and sqm scripts updated for this soon
Hi,
Since a few days I am running 4.8 on my flint 2.
It runs fine as far as I can see but.......
In the mobile app the possibility to disable my Wireguard client or change the Wireguard Client dissapeared.
Also the control for enable/disable the Wireguard server on the Mt6000 is gone.
Any solutions for that or is there an update for the app or the interface of the router necessary?
The new version of the app is still in beta. It will hit the App Store Testflight and Google Play Beta in this week.
Hi. Could you please confirm whether the detection mode is set to "Low Data" mode, and also verify if reducing the sensitivity affects normal network detection?