I'm using Beryl AX I will try it later, I hope it's the same for me. What is your kernel version?
Ohh that's great news!
In version 4.8 AdGuardHome supports DNS traffic separation — it follows the policy rules, meaning devices or domains not using the VPN will go through WAN, while others will go through the VPN.
I think your requirement is also reasonable. We need to add some compatibility design to improve this.
2 Likes
Thanks
Thanks for the information and I am always left astounded at the level of dedication and hard work GL team put in every achieving what customer request. May you reach every height of success!
Thanks for the great features and continues support.
1 Like
Hello everyone,
I just installed Beta Version 4.8 for GL AX 1800 Flint.
My problem is that the VPN won't exclude domain addresses or IP List addresses.
Has this been reported before?
Sorry, a change some time ago introduced this issue.
You can execute the following code in the background and restart the service to solve this issue.
sed '409s|.*|fw4_to_option="ip daddr $negate @${to} ${split} ip daddr $negate @${to}_sta"|' -i /usr/bin/rtp2.sh;
sed '410s|.*|fw4_to_option="${fw4_to_option}#ip6 daddr ${negate} @${to}_6 ${split} ip6 daddr ${negate} @${to}_6_sta"|' -i /usr/bin/rtp2.sh;
sed '409i [ -z "$negate" ] && split='\''#'\''' -i /usr/bin/rtp2.sh;
sed '409i local split='\'\''' -i /usr/bin/rtp2.sh;
After execution, the relevant part of the code in /usr/bin/rtp2.sh will become as shown below.
We will compile a new firmware as soon as possible to replace it.
1 Like
Thank you for your prompt response.
Have a nice day.
There are errors in the log, but it seems the code modification worked.
LOGS:
Tue Jul 22 11:23:00 2025 daemon.notice netifd: Network device 'wgclient1' link is down
Tue Jul 22 11:23:00 2025 daemon.info dnsmasq[15410]: read /tmp/hosts/dhcp.wgclient1 - 4 names
Tue Jul 22 11:23:00 2025 daemon.notice netifd: wgclient1 (14914): Error: Could not process rule: No such file or directory
Tue Jul 22 11:23:00 2025 daemon.notice netifd: wgclient1 (14914): flush chain inet vpn_table TUNNEL10_ROUTE_POLICY
Tue Jul 22 11:23:00 2025 daemon.notice netifd: wgclient1 (14914): ^^^^^^^^^^^^^^^^^^^^^
Tue Jul 22 11:23:00 2025 daemon.notice netifd: wgclient1 (14914): Error: Could not process rule: No such file or directory
Tue Jul 22 11:23:00 2025 daemon.notice netifd: wgclient1 (14914): flush chain inet vpn_table TUNNEL10_LOCAL_POLICY
Tue Jul 22 11:23:00 2025 daemon.notice netifd: wgclient1 (14914): ^^^^^^^^^^^^^^^^^^^^^
Tue Jul 22 11:23:00 2025 daemon.notice netifd: wgclient1 (14914): Error: syntax error, unexpected number, expecting end of file or newline or semicolon
Tue Jul 22 11:23:00 2025 daemon.notice netifd: wgclient1 (14914): delete rule inet vpn_table PREROUTING handle 35 36
Tue Jul 22 11:23:00 2025 daemon.notice netifd: wgclient1 (14914): ^^
Tue Jul 22 11:23:01 2025 user.notice firewall: Reloading firewall due to ifdown of wgclient1 ()
Tue Jul 22 11:23:02 2025 daemon.notice netifd: Interface 'wgclient1' is now down
Tue Jul 22 11:23:08 2025 daemon.notice netifd: Interface 'wgclient1' is setting up now
Tue Jul 22 11:23:09 2025 daemon.info dnsmasq[17778]: read /tmp/hosts/dhcp.wgclient1 - 4 names
Tue Jul 22 11:23:09 2025 daemon.info dnsmasq[17780]: reading /tmp/resolv.conf.d/resolv.conf.wgclient1
Tue Jul 22 11:23:09 2025 daemon.info dnsmasq[17780]: read /tmp/hosts/dhcp.wgclient1 - 4 names
Tue Jul 22 11:23:10 2025 daemon.info dnsmasq[17780]: reading /tmp/resolv.conf.d/resolv.conf.wgclient1
Tue Jul 22 11:23:10 2025 daemon.info dnsmasq[17780]: reading /tmp/resolv.conf.d/resolv.conf.wgclient1
Tue Jul 22 11:23:10 2025 daemon.notice netifd: Interface 'wgclient1' is now up
The error printed here is caused by the connection timeout or manual closing of the tunnel before the connection is successful..
Can the VPN tunnel connect normally? Do the tunnel rules meet your expectations?
If everything is as you expected, these errors don't matter, we will handle them later.
Yes, I'm testing, but everything seems to be working correctly.
Thank you.
This happened when adding NordVPN. I reloaded the configuration page but the same thing occurred. I'm on the latest beta 4.8 v. 8.
Note: I am on a Mac, using the XE3000 puli 5G router. Reset the firmware but the problem persists. The entire WireGuard Client goes blank, and no VPN can be used.
I tried the 4.8.0-op24 on my Beryl-AX the wifi performance using iperf3 is actually better than the stable 4.7.4.
2 Likes
Oh my!
I just flashed the OpenWrt official 24.10.2 yesterday 
I was tired to wait an hypothetic new release OP24…
While I remain genuinely enthusiastic about version 4.8.0-op24, I find myself increasingly discouraged by the extended delays in releasing new updates—particularly in the absence of any communicated progress.
3 Likes
Patience is golden ? 
4.8 opo-24 Really guys, how the hell did this make it past QA/QC VPN is completely unconfigurable
3 Likes
Adding to non configurable vpn I add weird errors on GUI and exclamation mark on assigned static IP in client list.
2 Likes
I flashed the openwrt-mt6000-4.8.0-op24-0725-1753414380 and faced two issues:
- VPN is completely non-configurable.
I then backed off to openwrt-mt6000-4.8.0-0721-1753091345, and discovered that the 4.8.0-op24-0725-1753414380 had wiped my VPN configuration, and I had to redo it.
And now I have to ask again - when are we getting the config backup/restore on this UI?
This is the best thing to do.
My Flint 2 is on Vanilla OpenWrt 24.10.2 and running without any issue.
I just upgraded my GL-MT3000 (Beryl AX) to 4.8.0-op24 (25/07/2025) and this firmware is completely broken.
2 Likes