Are there any limits on how many wireguard clients that can be used ?
It may not seem like it, but it is a very popular and very useful VPN provider, I have been using it (PRO plan) for 8 years. My family also, and many colleagues and friends.
Hello,
I recently learned that the stable release of firmware 4.7.0 for the GL-AX1800 / Flint was canceled.
Having no other option, I flashed the 4.8.0 beta firmware. However, just like with 4.7.0, it seems that kernel cryptographic API features like cryptsetup are not working at all, and I am unable to use commands such as luksOpen.
For what it's worth, I should add that everything was working perfectly on the older firmware, version 4.6.8.
This is a significant issue for me as I was using a LUKS-encrypted storage device and sharing it on my LAN via a Samba server.
Is there any chance this will be fixed in a future release?
Thank you.
root@META-Flint:~# cryptsetup benchmark
# Tests are approximate using memory only (no storage IO).
Cannot initialize crypto backend.
PBKDF2-sha1 N/A
Cannot initialize crypto backend.
PBKDF2-sha256 N/A
Cannot initialize crypto backend.
PBKDF2-sha512 N/A
Cannot initialize crypto backend.
PBKDF2-ripemd160 N/A
Cannot initialize crypto backend.
PBKDF2-whirlpool N/A
Cannot initialize crypto backend.
argon2i N/A
Cannot initialize crypto backend.
argon2id N/A
Cannot initialize crypto backend.
# Algorithm | Key | Encryption | Decryption
aes-cbc 128b N/A N/A
Cannot initialize crypto backend.
serpent-cbc 128b N/A N/A
Cannot initialize crypto backend.
twofish-cbc 128b N/A N/A
Cannot initialize crypto backend.
aes-cbc 256b N/A N/A
Cannot initialize crypto backend.
serpent-cbc 256b N/A N/A
Cannot initialize crypto backend.
twofish-cbc 256b N/A N/A
Cannot initialize crypto backend.
aes-xts 256b N/A N/A
Cannot initialize crypto backend.
serpent-xts 256b N/A N/A
Cannot initialize crypto backend.
twofish-xts 256b N/A N/A
Cannot initialize crypto backend.
aes-xts 512b N/A N/A
Cannot initialize crypto backend.
serpent-xts 512b N/A N/A
Cannot initialize crypto backend.
twofish-xts 512b N/A N/A
root@META-Flint:~#
root@META-Flint:~# opkg list_installed | grep kmod-crypto
kmod-crypto-acompress - 5.4.164-1
kmod-crypto-aead - 5.4.164-1
kmod-crypto-cbc - 5.4.164-1
kmod-crypto-crc32c - 5.4.164-1
kmod-crypto-ecb - 5.4.164-1
kmod-crypto-gf128 - 5.4.164-1
kmod-crypto-hash - 5.4.164-1
kmod-crypto-hmac - 5.4.164-1
kmod-crypto-manager - 5.4.164-1
kmod-crypto-misc - 5.4.164-1
kmod-crypto-null - 5.4.164-1
kmod-crypto-rng - 5.4.164-1
kmod-crypto-seqiv - 5.4.164-1
kmod-crypto-sha1 - 5.4.164-1
kmod-crypto-sha256 - 5.4.164-1
kmod-crypto-sha512 - 5.4.164-1
kmod-crypto-user - 5.4.164-1
kmod-crypto-xts - 5.4.164-1
root@META-Flint:~#
2 Likes
You could always add tunnels manually.
2 Likes
Sorry for singling your post out but all these random VPN provider requests surely fall under the same banner of why do they need to be added?
Don't they offer a guide to setup wireguard on a router?
So it is surely easy to use them on gl-inet routers already.
Some providers might support OpenVPN and/or ipsec also.
Any decent provider would so that customers can use a large range of devices to connect to them.
Normally these included product names someone like gl-inet would want to be getting paid to include. It is an advert/product placement.
Having an endless list of every provider in the world isn't good. Also all these micro companies will go bust and who is going to maintain this endless slush list? Where as if they stop paying, they stop getting listed, easy.
Obviously it's not necessary to have any built-in configuration setup for any VPN service since it can be done manually. But I will say that when given the option, it is a nice quality of life improvement to see my VPN provider of choice directly configurable within the GL.iNet firmware. Once you start providing support for this with one service, people will inevitably ask for you to support them all.
I couldn't agree more, I guess some first word problems are more important than others 
Another way to go would be to make the VPN services loadable modules/plugins. That way people could install only those they need.
If GL published a template then the community could contribute modules for the VPN services they used.
These could then be published as beta's evenutally moved to stable.
I think the way it is right now is the way it should remain: Everyone can configure OpenVPN/Wireguard according to their VPN provider instructions. There's really no need for messing with what is not broken.
On vanilla OpenWrt, one configures OpenVPN/Wireguard tunnels manually as detailed by their provider.
1 Like
Any provider profile included I consider a paid for ad.
If you want another provider included you probably need to convince their marketing department to pay for a spot.
1 Like
I'm probably missing something obvious, but I can't figure out how to set most APN fields in this version. In "SIM Card Settings" I only have APN, IP Type, TTL, HL, MTU, and Authentication fields.
My SIM isn't connecting, so I wanted to try editing the APN fields to make sure they were correct. I also tried the carrier lock function, but it only shows Verizon and T-Mobile, and not AT&T. I see the modem connecting to LTE band 5 but fail to register, so it seems to be able to see AT&T. I just can't get it to connect.
Hello,
Are you using an AT&T SIM card? If so, In "SIM Card Settings" , Try setting the APN to "broadband" and check the network connection. If unfortunately this does not solve the problem, can you confirm that the SIM card is working properly on the phone?
I'm using a RedPocket "A" SIM (AT&T MVNO). It looks like there might actually be an outage here and that band 5 I saw was Verizon instead. I'll have to wait and see.
It did turn out to be an outage.
Perhaps the configuration is not completely correct. Can you share the device and PM my MAC and login password in the following way? I will check it. Thank you
Technical Support via GoodCloud - GL.iNet Router Docs 4
Been away for a while and just tried this verison on my Beryl AX.
I have a site to site connection between two Asus routers. OpenVPN and WG servers on both. It had been driving me crazy trying to figure out, if I connect the Beryl as a client to either end of that site to site, how to get to the other site.
4.8 fixed that, as I now have two openvpn clients on the Beryl, one connected to each side, and a policy rule directing traffic for one site to that client, and one directing all other traffic to the other site. Works perfect!
1 Like
Hi,
Awesome news!
I tried the new firmware today and it seems to work perfectly. I've created 3 different policies to route devices to 3 different VPN tunnels based on their MAC address and the fact that they are in the Guest network. Everything looks good, thanks for this amazing feature!
2 Likes
On the glinet mobile app we can actually login to Windscribe and select the regions / servers that way, it will the import the config to the router and allows us to easily switch to different servers with one click. This is what I currently do on my Brume 2 with 4.7.4 so I can't see why it wouldn't still be available on 4.8? Granted, it's not directly embedded on the router like Nord and IPVanish but it works just as good via the mobile app
Hi,
It is still supported the Windscribe to import the profile to firmware v4.8.0 router in phone APP glinet.
What issue did you encounter?
@bruce I was replying to the conversations from @GigiColtz and @Lun posts above. @lun stated that there was no plans to integrate Windscribe however I was stating there is an easy way via the app that also allows switching of servers.
GigiColtz
Lun - GL.iNet Staff
GigiColtz
With me currently not running 4.8 I couldnt confirm if it was still an option but you have just confirmed it's still possible to do so.
2 Likes
Oh, sorry. 
Thanks for your replies.
No problem, my previous post provided screenshots, to facilitate users to find Winscribe on the glinet APP.