New firmware version 4.8 being released for beta testing

@Renato @stivi1983it @bruce Thanks, confirmed it's a bug on 4.8, will fix it in the next release.

Path for the issue:

-A PREROUTING -p tcp -m tcp --dport 53 -j dns_dispatcher
-A PREROUTING -p udp -m udp --dport 53 -j dns_dispatcher

-A dns_dispatcher -j adg_redirect

-A adg_redirect -p tcp -m addrtype --dst-type LOCAL -m mark ! --mark 0x8/0x8 -j REDIRECT --to-ports 3053
-A adg_redirect -p udp -m addrtype --dst-type LOCAL -m mark ! --mark 0x8/0x8 -j REDIRECT --to-ports 3053

-A zone_wan_input -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port redirections" -j ACCEPT
2 Likes
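
Added example (not part of the thread and not GL.iNet's code): a small Python tracer that walks a packet through the rules quoted above and reports where it ends up. The packet fields, the `QUERY` sample and the function names are assumptions made for illustration; as quoted, the rules carry no inbound-interface match, so the tracer has none either.

```python
import shlex

# The rules exactly as quoted in the post above.
RULES = """\
-A PREROUTING -p tcp -m tcp --dport 53 -j dns_dispatcher
-A PREROUTING -p udp -m udp --dport 53 -j dns_dispatcher
-A dns_dispatcher -j adg_redirect
-A adg_redirect -p tcp -m addrtype --dst-type LOCAL -m mark ! --mark 0x8/0x8 -j REDIRECT --to-ports 3053
-A adg_redirect -p udp -m addrtype --dst-type LOCAL -m mark ! --mark 0x8/0x8 -j REDIRECT --to-ports 3053
-A zone_wan_input -m conntrack --ctstate DNAT -m comment --comment "!fw3: Accept port redirections" -j ACCEPT
"""
# Constructed sample: a UDP DNS query to the router's own address, firewall mark unset.
QUERY = {"proto": "udp", "dport": 53, "dst_local": True, "mark": 0x0}

def parse(line):
    """Rule line -> {flag: (negated, value)}; every flag quoted above takes exactly one value."""
    tok = shlex.split(line.replace("! --", "--!"))  # fold "!" into the flag it negates
    return {f.replace("!", ""): ("!" in f, v)
            for f, v in zip(tok[0::2], tok[1::2]) if f != "-m"}

def matches(rule, pkt):  # pkt is a simplified model: proto, dport, dst_local, mark, dnat
    for flag, (neg, val) in rule.items():
        if flag == "-p": hit = pkt["proto"] == val
        elif flag == "--dport": hit = pkt["dport"] == int(val)
        elif flag == "--dst-type": hit = val == "LOCAL" and pkt["dst_local"]
        elif flag == "--mark":
            value, mask = (int(x, 16) for x in val.split("/"))
            hit = (pkt["mark"] & mask) == value
        elif flag == "--ctstate": hit = val == "DNAT" and pkt.get("dnat", False)
        else: continue  # -A, -j, --to-ports, --comment are not match tests
        if hit == neg: return False
    return True

def trace(pkt, chain="PREROUTING"):
    """Walk one chain, following jumps; return (terminal target, destination port afterwards)."""
    for r in map(parse, RULES.splitlines()):
        if r["-A"][1] != chain or not matches(r, pkt): continue
        target = r["-j"][1]
        if target == "REDIRECT": return target, int(r["--to-ports"][1])
        if target == "ACCEPT": return target, pkt["dport"]
        result = trace(pkt, target)  # jump into a user-defined chain
        if result[0] != "RETURN": return result
    return "RETURN", pkt["dport"]  # fell off the end: no quoted rule decided

def router_input_verdict(pkt):
    """Apply the PREROUTING path, then the zone_wan_input rule, to a packet sent to the router."""
    target, port = trace(pkt)
    after = dict(pkt, dport=port, dnat=(target == "REDIRECT"))  # REDIRECT is a form of DNAT
    return port, trace(after, "zone_wan_input")[0]
```

`router_input_verdict(QUERY)` returns `(3053, "ACCEPT")`, while the same query carrying mark `0x8` stays on port 53 and does not match the DNAT accept rule.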

Today my X3000 lost some configuration and nginx didn't start. The LuCI webpage was accessible.
Starting nginx directly gave an error message "no name server in /etc/nginx/conf.d/gl.conf:24" (hope the path is correct).
After factory reset the device worked again.

New firmware 4.8 beta3.

Hi, could you give more details of your settings?

This does not impact the client's VPN policy, only for local processes such as GoodCloud.

@WizMeister @ocsack

Thank you for your feedback. The bug that the current beta version can't use GoodCloud is already being fixed.

2 Likes

I just upgraded to 4.8 Beta on my Spitz AX so I could try out the selective VPN tunnel feature. It seems to be working great when selecting based on device! I initially tried to pipe through the VPN based on domains to get around streaming throttling on Calyx's wireless internet service (thanks, T-Mobile) and that didn't seem to work well, but it's possible that I just couldn't find the correct domains/subdomains to add to the list.

Does the domain/IP list for selective VPN tunneling require explicit definition of subdomains or does domain.tld work? What about wildcards like *.domain.tld? EDIT: It definitely doesn't accept the * wildcard. I'm still having trouble with traffic to set domains apparently not being tunneled. Maybe it's because I'm using NextDNS (over TLS) on the Spitz AX.

I also noticed that the UI of the router configuration pages seems to become less responsive under the 4.8 beta.

I’m having a similar issue on GL-X3000 (4.8 Beta3). I've set up Netflix and YouTube to be routed through my VPN (due to throttling of T-Mobile). In my case:

  • It's working well on my macOS devices (Safari).
  • It's not working on my iOS devices (Safari and the YouTube app).

@Stereo1324 If you have private relay enabled on your iOS devices, disable it :}

Thanks for the comment, but I’m not subscribing to iCloud+

I would still check that private relay is turned off.
It only applies to that particular Wi-Fi connection, it won’t apply to all the others you have saved.

1 Like

I have noticed different behavior of T-Mobile's throttling based on the device and service. For example, my computer can stream YouTube at 4K, but my phone gets throttled (both while on WiFi feeding through Calyx/T-Mobile). One thing that seems to be very consistent, and a good test case, is fast.com. No matter what device I'm using, T-Mobile always throttles it to 2.5Mbps when not on a VPN tunnel. I used dev tools to look at the domains being hit on the site and added these to the selective VPN tunnel in the GL.iNet UI:

Unfortunately, this doesn't seem to be working.

1 Like

Doesn't hurt to double-check. Try the TCPView app on your PC to see; probably there are some CDN hosts that you missed.

I can confirm that I'm experiencing the exact same issue. It works perfectly on both Mac and Android, but not on iPhone.

EDIT) Everything worked perfectly on the latest stable firmware, 4.7.4.

1 Like

That is a good idea. I am on a Mac, so I used a similar tool called Little Snitch and was able to verify that I was only hitting those domains when navigating to fast.com.

Recently when I was trying out a free Magenta Max line in my GL-X3000 I was getting Netflix buffering on a Fire Stick 4K Max because I did not turn this on for the line in the T-Life app:

Device Settings > Video Quality > 4K UHD Video

My TMHI SIM line does not have this setting nor has it ever buffered on Netflix for the 3 years I have had it. I don't use a VPN.

Once I turned it on for the free line it stopped buffering. While that may not be the reason for your issue I thought to add it here for future lurkers with Netflix buffering problems using a Non-TMHI SIM.

I might as well add another comment about the Private Relay setting on the iPhone. A user on one of my lines had turned it on and was complaining about ads on my WiFi. All other iPhones and iPads were blocking on the network as usual except this one. Once I found out the Private Relay setting was on, I turned it off, and Adguard was back to blocking ads on the device while on my network.

When you have private relay on it shows as an unknown device in the router device list. I don’t like that, I have named all my devices so I know what’s on my network.
Seems a pointless thing to use anyway.

I think you may need to add more domains, the app may be using a different domain to get the data.
Here's some reference:

2 Likes

Hope 4.8 will fix upgrading AdGuard for firmware v4.7.0 on (GL-AXT1800 Slate AX and GL-AX1800 Flint); I had to stay on firmware v4.6.11, and I’m missing out on the NordVPN direct config for the clients, as there is none on firmware v4.6.11.
GL-MT6000 Flint 2 firmware v4.7.7 has no AdGuard problems, upgrading fine, currently on AdGuard version v0.107.61.
Thanks

I just upgraded to the beta. So far, the performance seems much better.

However, the VPN configuration just doesn't work at all. Especially the killswitch and tunnels.

First of all, if I enable the killswitch option without auto select profile, it won't let me save (button is disabled).

Second, with the killswitch enabled but the VPN off, traffic still works (routes to default tunnel).

Basically what I want is 2 devices on VPN with kill switch, and the rest of the devices off VPN. I tried creating 2 tunnels, one with include and one with exclude. But no matter what, if the VPN is off, those devices still get traffic.

After a while the router got totally messed up, and I was getting traffic with all tunnels off (what's even weirder is ping was blocked, but I was able to search random things on Google just fine).

This was all working in the previous firmware, so there's some bug with the tunnel config.

I didn't reset my settings after updating, so that could be part of it.

Feature requests:

  • Toggle option to force AdGuard traffic to use the WireGuard VPN with a bootstrap DNS
  • Give proper VPN bypass rules for clients if the "Block Non-VPN Traffic" option is being used, so you can add clients which will always work and bypass the VPN even with "Block Non-VPN Traffic" activated

Hi, when the from type is different with domain policy, there's some bug, we'll check and fix.

1 Like