New firmware version 4.8 being released for beta testing

Jony · June 6, 2025, 8:56am

Hi,
I have a GL-AXT1800 Slate AX. When running firmware version 4.6.11 the NordVPN works fine with OpenVPN.

When I installed Beta 4.8.0, I chose to reset all settings, NordVPN with Wireguard works intermittent but NordVPN with OpenVPN does not work, see log below. Any idea how I can resolve the issue?

Kind regards, Jony

Wireguard VPN log
Fri Jun 6 10:46:02 2025 daemon.info dnsmasq[20606]: read /tmp/hosts/dhcp.wgclient1 - 4 names
Fri Jun 6 10:46:03 2025 daemon.info dnsmasq[20606]: read /tmp/hosts/dhcp.wgclient1 - 4 names
Fri Jun 6 10:46:05 2025 daemon.info dnsmasq[21658]: read /tmp/hosts/dhcp.wgclient1 - 4 names
Fri Jun 6 10:46:06 2025 daemon.info dnsmasq[21658]: read /tmp/hosts/dhcp.wgclient1 - 4 names
Fri Jun 6 10:46:08 2025 daemon.info dnsmasq[22853]: read /tmp/hosts/dhcp.wgclient1 - 4 names
Fri Jun 6 10:46:13 2025 daemon.notice netifd: Interface 'wgclient1' is setting up now
Fri Jun 6 10:46:14 2025 daemon.info dnsmasq[24129]: read /tmp/hosts/dhcp.wgclient1 - 4 names
Fri Jun 6 10:46:14 2025 daemon.info dnsmasq[24130]: reading /tmp/resolv.conf.d/resolv.conf.wgclient1
Fri Jun 6 10:46:14 2025 daemon.info dnsmasq[24130]: read /tmp/hosts/dhcp.wgclient1 - 4 names
Fri Jun 6 10:46:14 2025 daemon.info dnsmasq[24130]: reading /tmp/resolv.conf.d/resolv.conf.wgclient1
Fri Jun 6 10:46:14 2025 daemon.info dnsmasq[24130]: reading /tmp/resolv.conf.d/resolv.conf.wgclient1
Fri Jun 6 10:46:14 2025 daemon.notice netifd: Interface 'wgclient1' is now up
Fri Jun 6 10:46:14 2025 daemon.notice netifd: Network device 'wgclient1' link is up
Fri Jun 6 10:46:14 2025 user.notice firewall: Reloading firewall due to ifup of wgclient1 (wgclient1)
Fri Jun 6 10:46:14 2025 daemon.info dnsmasq[24129]: read /tmp/hosts/dhcp.wgclient1 - 4 names
Fri Jun 6 10:46:14 2025 daemon.info dnsmasq[24130]: read /tmp/hosts/dhcp.wgclient1 - 4 names
Fri Jun 6 10:46:17 2025 daemon.info dnsmasq[25530]: reading /tmp/resolv.conf.d/resolv.conf.wgclient1
Fri Jun 6 10:46:17 2025 daemon.info dnsmasq[25530]: read /tmp/hosts/dhcp.wgclient1 - 4 names
Fri Jun 6 10:46:17 2025 daemon.info dnsmasq[25529]: read /tmp/hosts/dhcp.wgclient1 - 4 names
Fri Jun 6 10:46:19 2025 daemon.info dnsmasq[26518]: read /tmp/hosts/dhcp.wgclient1 - 4 names

OpenVPN log

Fri Jun 6 10:43:42 2025 daemon.notice netifd: Interface 'ovpnclient1' is setting up now
Fri Jun 6 10:43:43 2025 daemon.err ovpnclient1[4408]: Options error: Unrecognized option or missing or extra parameter(s) in [CMD-LINE]:1: tun-mtu (2.5.8)
Fri Jun 6 10:43:43 2025 daemon.warn ovpnclient1[4408]: Use --help for more information.
Fri Jun 6 10:43:43 2025 daemon.notice netifd: ovpnclient1 (4461): Error: Could not process rule: No such file or directory
Fri Jun 6 10:43:43 2025 daemon.notice netifd: ovpnclient1 (4461): flush chain inet vpn_table TUNNEL4278_LOCAL_POLICY
Fri Jun 6 10:43:43 2025 daemon.notice netifd: ovpnclient1 (4461): ^^^^^^^^^^^^^^^^^^^^^^^
Fri Jun 6 10:43:43 2025 daemon.notice netifd: ovpnclient1 (4461): Error: syntax error, unexpected newline, expecting number
Fri Jun 6 10:43:43 2025 daemon.notice netifd: ovpnclient1 (4461): delete rule inet vpn_table PREROUTING handle
Fri Jun 6 10:43:43 2025 daemon.notice netifd: ovpnclient1 (4461): ^
Fri Jun 6 10:43:43 2025 daemon.notice netifd: ovpnclient1 (4461): Error: syntax error, unexpected newline, expecting number
Fri Jun 6 10:43:43 2025 daemon.notice netifd: ovpnclient1 (4461): delete rule inet vpn_table PREROUTING handle
Fri Jun 6 10:43:43 2025 daemon.notice netifd: ovpnclient1 (4461): ^
Fri Jun 6 10:43:43 2025 daemon.notice netifd: ovpnclient1 (4461): uci: Entry not found
Fri Jun 6 10:43:43 2025 daemon.notice netifd: ovpnclient1 (4461): conntrack v1.4.8 (conntrack-tools): 0 flow entries have been deleted.
Fri Jun 6 10:43:43 2025 daemon.notice netifd: ovpnclient1 (4461): conntrack v1.4.8 (conntrack-tools): 0 flow entries have been deleted.
Fri Jun 6 10:43:43 2025 daemon.notice netifd: ovpnclient1 (4461): conntrack v1.4.8 (conntrack-tools): 0 flow entries have been deleted.
Fri Jun 6 10:43:43 2025 daemon.notice netifd: ovpnclient1 (4461): conntrack v1.4.8 (conntrack-tools): 0 flow entries have been deleted.
Fri Jun 6 10:43:43 2025 daemon.notice netifd: ovpnclient1 (4461): conntrack v1.4.8 (conntrack-tools): 0 flow entries have been deleted.
Fri Jun 6 10:43:43 2025 daemon.notice netifd: ovpnclient1 (4461): conntrack v1.4.8 (conntrack-tools): 0 flow entries have been deleted.
Fri Jun 6 10:43:43 2025 daemon.notice netifd: ovpnclient1 (4461): conntrack v1.4.8 (conntrack-tools): 0 flow entries have been deleted.

teleney · June 6, 2025, 10:45am

Hi,
In the firmware v4.7, when VPN is turned on, the router's DNS request is sent by default through the VPN interface.
But in v4.8, the local DNS request is sent by default through the WAN port.
You can verify it by running nslookup fw.gl-inet.com 'your ADH DNS upstream' in the router shell terminal.
If it still cannot be resolved, it may be that the DNS server in your area does not support resolving this domain name.

WizMeister · June 6, 2025, 11:10am

It is resolving using both the dns servers provided by WAN (PPoE ISP), and using the Flint itself (127.0.0.1) as I have adguard home enabled.

Is there anything else I can test? Again, this is only occurring on one of my 2 Flint 2's (the screenshot is from the one having the issue)

teleney · June 6, 2025, 11:16am

It should be resolved using the DNS upstream you configured in ADGuard Home.

Melbnz · June 6, 2025, 11:40am

Some more data and screenshots as it occurred again.

Before our journey (and before hard power off)

06/06/2025 09:30 Response to AT command

+QGDCNT: 12299304319,45376754916

+QGDNRCNT: 968838601694,910239684168

OK

After journey 12:43. Approx 200GB added! (Was 300GB previous day)

+QGDCNT: 12047902361,41579773489

+QGDNRCNT: 965041552358,965041552358

OK

I have now modified usage to 34GB and reconnected successfully

Bolton · June 6, 2025, 11:45am

That did the trick, Thank you!

WizMeister · June 6, 2025, 12:36pm

I refresh the Upgrade firmware screen several times but it doesn't even show in ADGuard Home Query Log. However, it does show the lookup queries that I trigger from shell.

alneven · June 6, 2025, 8:48pm

Why don’t you just remove the PIN from the SIM card? Just put it into a phone and disable the PIN. Then the modem won’t ask for it anymore. It won’t resolve the restart issue, but you don’t need to enter it manually.

stivi1983it · June 7, 2025, 3:58pm

I believe the MT6000 still opens port 53 under certain circumstances. You can sometimes see port 53 in Adguard. But if you try to investigate, you don't find any logs or information.

hansome · June 8, 2025, 8:59am

Thanks for your detailed descrption. You requirment is a kind of "from" part the composed vpn policy, we'll implement it later. We just prioritize compatibility with previous settings(mac/vlan and target ip/domain) and have not ignored your needs.

Thank you for your understanding.

Yes we have killswitch for each tunnel.

hansome · June 8, 2025, 9:01am

127.0.0.1:53 as upsteam doesn't mean it open port 53 to wan, I guess it's there due to adguardhome bootstrap process.

teleney · June 9, 2025, 1:15am

Sorry, I made a mistake.
When ADGuard Home is turned on, you can execute cat /tmp/resolv.conf in the terminal and you should see that the upstream server used by the local DNS request is provided by the ISP.

teleney · June 9, 2025, 1:27am

Therefore, when your resolution fails, perhaps the DNS server provided by the ISP has timed out its upstream request. Is that machine still showing this error?

Jane · June 9, 2025, 1:59am

Hey,
When the data usage exceeds the 50GB limit you set, the network connection will be disconnected, and you can adjust the set data limit.
But there seems to be a discrepancy between the AT commands queried before and after and the actual situation. Does this happen every day? Can you share your device and PM my MAC address and login password through the following methods? We will capture some module logs to check for this issue
Technical Support via GoodCloud - GL.iNet Router Docs 4
By the way, what version are you currently using?

WizMeister · June 9, 2025, 7:12am

It’s still failing, every single time I enter the router’s main web gui page (silently) and every time I enter the upgrade screen (with the error message I showed earlier on this thread)

The ISP upstream dns always gives back result every time I manually try.

teleney · June 10, 2025, 10:45am

Hi,
I reproduced it and spent some time to do some troubleshooting. This should be caused by the boot sequence and nginx cache related content.
A temporary solution at present is to restart nginx. /etc/init.d/nginx restart
we will troubleshoot and fix this issue as soon as possible.

Thanks.

Flower · June 10, 2025, 6:52pm

Cannot log in to the router - Snapshot Firmware 4.8.0 2025-06-09

raz1 · June 10, 2025, 7:21pm

I have the same issue on the latest snapshot (0610) for the Beryl AX, the router password isn't working anymore.

Is there a default one that it's been set to?

bill340 · June 10, 2025, 7:21pm

Same here...
Any idea how to fix that?
Already did a factory reset, but after assigning new pw during setup, still no login possible!