Opal firmware 4.3.2 beta1 serious regression

Hello,
just to inform everyone that firmware 4.3.2 beta 1, released on 06-04-2023, has a serious regression compared to firmware 4.2.3 alpha, released on 05-09-2023, regarding the WireGuard VPN client.
With the beta 1 firmware, during WireGuard rekeying or in case of a temporary disconnection of the tunnel, the IP route table is reset and all the peers' allowed IPs in the tunnel are discarded from the routing table. So the WireGuard connection is maintained alive, but every IP is unreachable.
Please Gl.Inet technical staff take a look at it.
Thanks


As far as I know, the allowed ip parameter is not recognized in global proxy mode. Which mode does your VPN work in?

I’m not in global proxy but in auto detect mode.
I’ve configured a split tunnel wireguard vpn.
Check the diffs between May and June, something broke in between.

Update:
I’m testing snapshot 4.2.3-0611 and so far (4 hours) it’s surviving the rekeying and/or tunnel disconnections.


After 7 hours the IPs on the client are unreachable.
Tomorrow I’ll have access to the Opal to check what went wrong (I suppose the IP router table has been reset).

Hello,

I have tested the FW Beta 1 “openwrt-mt1300-4.3.2-0604-1685869258”.
I only use the router from my cell phone “iPhone” (hotspot) via WLAN 5GHz to the router; VPN is all deactivated.
Unfortunately, this new FW Beta 1 no longer saves the LED settings. Please fix, thanks!
I’m back on FW Beta 3 “openwrt-mt1300-4.1.0-1107-1667792228”,
since it is the only FW that saves the LED settings so that they are still saved even after a restart/cold start and being unplugged from the power supply.
All other FW versions cannot do this, no matter which FW.

Sincerely
Sven H.

To clarify the wireguard problem:
The routing table has to be this:

default via 192.168.0.1 dev eth0.2 proto static metric 10
10.6.0.0/24 dev wgclient scope link
XXX via 192.168.0.1 dev eth0.2 proto static metric 10
192.168.0.0/24 dev eth0.2 proto static scope link metric 10
192.168.1.0/24 dev wgclient scope link
192.168.12.0/24 dev wgclient scope link
192.168.13.0/24 dev br-lan proto kernel scope link src 192.168.13.1

After about 6-7 hours it is reset to this:

ip route
default via 192.168.0.1 dev eth0.2 proto static metric 10
192.168.0.0/24 dev eth0.2 proto static scope link metric 10
192.168.13.0/24 dev br-lan proto kernel scope link src 192.168.13.1

So, as you can see, the tunnel breaks.
Something triggers a total reset of the routing table; the wgclient routes are erased.

Please try to remove listen port:

And print the output of these commands for debugging:

ip route show table 52
wg

What settings? Do you mean turning the LED off?


Hello,

Thank you very much for your answer and question, I am very pleased.
My English isn’t very good, I’ll attach pictures so you can see my settings for the LEDs.
It also works very well; it’s just that no other FW saves it so that everything works again after a restart (my settings are there but have no effect).
It’s only possible with FW Beta 3 “openwrt-mt1300-4.1.0-1107-1667792228”; my settings work even after a restart.

Wrote a post about it here in the forum:

I’ve tried a lot, but the way I set it now, I can live with it, please see the pictures, thanks!

I am very happy with the “GL-iNet GL-MT1300 (Beryl)”, very good work, thank you very much!

Sincerely
Sven H.



I have no listen port in my clients config…

When the tunnel is ok:

ip route show table 52 spits out this:

default via 192.168.0.1 dev eth0.2 proto static metric 10
XXXX via 192.168.0.1 dev eth0.2 proto static metric 10
192.168.0.0/24 dev eth0.2 proto static scope link metric 10
192.168.13.0/24 dev br-lan proto kernel scope link src 192.168.13.1

wg spits out this:

interface: wgclient
  public key: XXXX
  private key: (hidden)
  listening port: 44409

peer: XXXX
  endpoint: XXXX:51820
  allowed ips: 192.168.12.0/24, 192.168.1.0/24, 10.6.0.0/24
  latest handshake: 1 minute, 26 seconds ago
  transfer: 817.22 KiB received, 1.14 MiB sent
  persistent keepalive: every 25 seconds

When the tunnel is ko I don’t know, do you want me to trigger the crash and send you the updated data?
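
Added example, not part of any post in this thread: a shell check that compares the peers' allowed IPs with the routing table and lists the prefixes that no longer have a route through the tunnel device, which is the failure described above. The function name `missing_wg_routes` and the `SAMPLE_*` data are constructed for illustration; the interface name `wgclient` is taken from the thread.

```shell
#!/bin/sh
# Added example (not from the thread): list WireGuard allowed-IP prefixes that
# have no route through the tunnel device.

# missing_wg_routes IFACE ALLOWED ROUTES
#   ALLOWED: text of `wg show IFACE allowed-ips` (public key, TAB, prefixes)
#   ROUTES:  text of `ip route` or `ip route show table N`
# Prints every allowed prefix lacking a "<prefix> ... dev IFACE" route.
# Returns 0 when all prefixes are routed, 1 when at least one is missing.
missing_wg_routes() {
    iface=$1; allowed=$2; routes=$3; rc=0
    # Drop the public-key column; the rest is a space-separated prefix list.
    for prefix in $(printf '%s\n' "$allowed" | cut -f2-); do
        case $prefix in
            '(none)') continue ;;              # peer without allowed IPs
            0.0.0.0/0) want=default ;;         # ip(8) prints this as "default"
            */32) want=${prefix%/32} ;;        # ip(8) omits /32 on host routes
            *) want=$prefix ;;
        esac
        if ! printf '%s\n' "$routes" | awk -v p="$want" -v d="$iface" '
                $1 == p { for (i = 2; i < NF; i++)
                              if ($i == "dev" && $(i + 1) == d) ok = 1 }
                END { exit !ok }'; then
            printf '%s\n' "$prefix"
            rc=1
        fi
    done
    return $rc
}

# Constructed sample input, modelled on the tables posted in this thread.
TAB=$(printf '\t')
SAMPLE_ALLOWED="PEERKEY=${TAB}192.168.12.0/24 192.168.1.0/24 10.6.0.0/24"
SAMPLE_GOOD='default via 192.168.0.1 dev eth0.2 proto static metric 10
10.6.0.0/24 dev wgclient scope link
192.168.0.0/24 dev eth0.2 proto static scope link metric 10
192.168.1.0/24 dev wgclient scope link
192.168.12.0/24 dev wgclient scope link
192.168.13.0/24 dev br-lan proto kernel scope link src 192.168.13.1'
SAMPLE_RESET='default via 192.168.0.1 dev eth0.2 proto static metric 10
192.168.0.0/24 dev eth0.2 proto static scope link metric 10
192.168.13.0/24 dev br-lan proto kernel scope link src 192.168.13.1'

# On the router (interface name wgclient, as in the thread):
#   missing_wg_routes wgclient "$(wg show wgclient allowed-ips)" "$(ip route)"
```

Run periodically (for example from cron) and logged with a timestamp, the output shows when the tunnel routes disappear relative to the latest handshake.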

Do you use the version released on 2023-06-04? There is a fwmark 0x80000 in working status.