VPN Policy Base on the Target Domain or IP issues

I have my Gl AXT1800 (Slate) configured with wireguard VPN (Mullvad) with the option “VPN Policy Base on the Target Domain or IP”. I have some domains on that with the option No use VPN, but it isn’t working with the domain address. Just when I enter the Ip address, the rule works. I am a new user, so I’m not sure if I forgot something. The problem for me in using the IP in this rule is that some sites change their address daily.

Let me know what files I have to share. Currently, I am using the last firmware 4.1.0 release 07.
OpenWrt 21.02-SNAPSHOT r16399+157-c67509efd7 /

It sounds like DNS is not parsed.
Do you enable “Block Non-VPN Traffic” options? What are your DNS settings?

1 Like

It is disabled. I’ve checked.

Just works if I input the IP address. I applied a config to adguard home to see all my clients there instead of the localhost. Maybe it is the responsible for the issue?

AdGuardHome on GL routers - Product Discussion - GL.iNet (gl-inet.com)

Yes, these configs causes all DNS requests to be resolved in ADGuard Home. As a result the VPN does not know exactly which domain your client is requesting.

Incidentally, in version 4.2, the firmware has been added to provide options and descriptions. Users can turn on ADGuard Home Handle Client Request, where ADGuard Home will show which client the request is coming from, but the domain based VPN policy will not work.

1 Like

Ok, understand,
Any chance in future updates that this function can work together with adguard home?
Thank you

By the way, my current firmware version is 4.1.0, and I don’t see any update available to 4.2, is that ok?

There is a 4.2.0 beta2 firmware download for the GL-AXT1800 that you can try, but it may still have some bugs.

I do not work for and I do not have formal association with GL.iNet

1 Like

We would also like them to work together, but so far we haven’t found a solution.

It has not yet been officially released, and only the Beta version has been released so far. It can only be installed manually.
If you are using AXT1800 in a live or production environment, please keep it in Release.

1 Like

Thank you for your support. Right now, I have reverted the config and also started to use NextDNS. I prefer it to Adguard,
Yes, I stay with the current firmware as I have just started learning about the Gl router and configs etc.

I have the same problem on the GL-MT3000: when trying to use the “VPN Policy Base on Target Domain or IP” I found that the policy does not work when I use the domain name: the traffic does not go through the VPN for specific domains included in the list. However, if I use IPs of the same domains, the policy works: traffic is routed through the VPN correctly.
I noticed that AdGuard might be preventing this policy from working correctly, and I disabled the “AdGuard Home Handle Client Requests” switch and even disabled AdGuard completely, but that didn’t make any difference - traffic still isn’t routed through the VPN if I try to use a domain name instead of the domain IP address.
Can anyone tell me what is going wrong and how to fix it?
P.S. Firmware version: v4.4.6

Can you give the domain list?

Also check in your client device if you have set up dns servers. For example in windows if you use it will automatically encrypted so the router does not mange the dns.

Well I included
in the list.
The sites showed me the same IP address (my real IP) whether I enabled the VPN client or not. I’ve tested this in different browsers and using Curl. Then I left the router for a while and the policy started working: the listed sites now show the IP of my VPN server, as expected.

Sounds like DNS Caching for me, somehow.
Could you try http://ifconfig.co instead?

1 Like