VPN tunnel to FritzBox via IPSec IKEv1 with mutual PSK and Xauth

Hi spacerreg,

I’m running the 3.024 version of the default gl.inet release. Is there a difference between the two releases? Is it necessary to use the “OpenWrt Only” release? I like the simple admin page of the official software and would like to use it.

Go to this page:
https://dl.gl-inet.com/firmware/

Download the firmware for your router from the /testing folder. It should be 3.026 or higher and see if your problem is fixed. Don’t use the Clean OpenWRT if you want the usual simple UI too.

Sorry, but it is also not working with version 3.026. Same problem: I get a connection to the FritzBox but no traffic over TUN0. The only difference is that I want to connect to a wireless network, so I use wwan instead of wan as "Output Interface". But I think this should not be the problem.

Here are some screens of my configuration

Any ideas what I can try to fix the Problem?

I have the same configuration and problem as grossmeistetBM.

Is there something like a routing rule missing? A device in the WLAN (LAN interface) uses the gateway address 192.168.8.1.

From this address / IP segment there must be a rule to route the packets to the gateway of the 192.168.x.x network (interface TUN0, Fritzbox) using the TUN0 interface and indirectly the WWAN interface as physical interface of the VPN connection.

Is the simple firewall rule between LAN and TUN0 zone enough to route packets between these IP ranges? Do we need special routing entries to route the complete network traffic from LAN through the TUN0 interface?

What about different VPN protocols. Do they use only firewall rules or additional routing table entries?

I’m new to openwrt but for sure here are some experts for router configuration. Hopefully with a solution for our Fritzbox VPN problem using VPNC :slight_smile:

Hi,

are there no new ideas for this problem?
Would be great if anybody could help.

maybe this can help you. I haven’t tested it yet:

Hello all,

have got the same issue as grossmeisterBM and Co.

For me the solution was to turn on the VPN policies. There you can switch between all traffic should be through VPN con. or not.

Greetings,
Tomo

It is such a great project
Only I don’t get it implemented!

The instructions are very good.

@tomo
Could you please explain the steps for VPN in more detail.

Hi @funktion,

I have just followed strictly the instructions by eagle76. See postings above.

Best regards,
Tomo

Thank you Tomo,

switching on the VPN policies works for me too.

:+1:


Hi Grossmeister,

glad to hear that. :blush:

Can you tell me if your connection stays established? Mine disconnects after a while :confused:
I don’t know why…

Anyway I don’t use it anymore, just needed this solution on holiday. Nevertheless it would be nice to know for future approach.

Best regards and stay healthy,
Tomo

Hi Tomo,

sorry, but I can’t tell you if it works for longer periods. My plan was to use it on holidays :wink:
I only tested it with my mobile phone as second network.

An interesting point is, when I switch off the TUN0 interface www.wieistmeineip.de shows me the mobile phone IP. When TUN0 is switched on I see the FritzBox IP.

I thought, for switching between the two options it is necessary to change the inter zone forwarding in firewall options.
Or is “traffic over TUN0” forced by changing the vpn policies to “Use VPN for all processes on the router.”?

It would be great if somebody could help with a little script to use the hardware switch of the router to activate/deactivate the VPN.

Best regards from me too

Björn

I can’t get it to work.
where do I turn it on… VPN policies
How do I set it!
Please with a screenshot

Hi funktion,

maybe you have to update your firmware. I’m currently running the prerelease 3.100.
In this version you can find the following in the GL.iNet Admin Panel:

Thanks @GrossmeisterBM

Unfortunately I have not yet managed to do it!
I have a GL-MT300N-V2 with firmware v3.102.

I tried the steps from eagle76:

I was able to get this to work. This is what I did:

Go to System-Software

  • update packages
  • search for vpnc

install:

  • vpnc
  • vpnc-scripts
  • luci-proto-vpnc

System-reboot

Network-interfaces: Add new interface…
name (4 characters only! e.g. ‘TUN0’)
protocol: VPNC

VPN Server: enter url of server
Output Interface: wan
MTU: 1380
Username: name as entered in FritzBox
Password: password for user on FritzBox
Auth Group: same as Username
Group Password: Preshared key as in FritzBox
IKE DH Group: dh2 (should be default)
Perfect Forward Secrecy: nopfs
DPD Idle Timeout: 0

Go to tab Advanced… Make sure ‘Bring up on boot’ is checked
Go to tab Firewall Settings… Assign to ‘LAN’ zone
Click ‘Save and Apply’

Network-interfaces:
Make sure TUN0 has an IP address and is up.

----------------------------------------------------------------------------------------------!

After this step, my adapter has no IP from the remote Fritzbox!
Where could my mistake be?
Does anyone have a tip?
With the Shrew Soft VPN Client it works right away!

Hey funktion,

maybe you mixed up wan and wwan as Output interface in TUN0 configuration?!

best regards

g

Moin Moin (Hey) grossmeisterBM,
in my first attempt I only used the WAN connection and a PC on the LAN connection.

WWAN comes later as soon as I understand how the attitude is

I’m going to test other hardware because I still have a GL ar750 and a router with Open WRT directly.

Thanks and best regards

Hey some information,
with a TP-1043 and a GL-AR750 I get an IP address on Tun0.

I think the routing rule is still missing or should it be done with the VPN Policies?

“try adding the following routing rules:
ip route add 0.0.0.0/1 dev tun
ip route add 128.0.0.0/1 dev tun”
only where do I insert this line exactly?
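One place to put those two routes is an OpenWrt hotplug script that runs whenever the VPNC interface comes up. The script below is an added example, not code from this thread, from GL.iNet or from OpenWrt; it checks the eagle76 step “TUN0 has an IP address and is up” and then adds only the half-default routes that are still missing. The tunnel device name (tun0 here) and the hotplug path are assumptions; confirm the device with `ip link` after TUN0 comes up.

```shell
#!/bin/sh
# Added example (not from the thread, GL.iNet or OpenWrt). Emits the two
# half-default routes (0.0.0.0/1 and 128.0.0.0/1 via the vpnc device) only
# when they are missing, so LAN traffic is really sent into the tunnel.
# Assumption: the vpnc device is called tun0; check with `ip link`.

# $1: tunnel device, $2: text of `ip route show` (passed in so the function
# can be tested offline). Prints one "ip route add" per missing route.
missing_tun_routes() {
    dev="$1"
    routes="$2"
    for prefix in 0.0.0.0/1 128.0.0.0/1; do
        # an existing entry looks like "0.0.0.0/1 dev tun0 scope link"
        if ! printf '%s\n' "$routes" | grep -qE "^$prefix dev $dev( |\$)"; then
            echo "ip route add $prefix dev $dev"
        fi
    done
}

# $1: text of `ip -4 addr show dev <tunnel>`; returns 0 when the tunnel got
# an IPv4 address from the FritzBox (the "TUN0 has an IP" check above).
tunnel_has_addr() {
    printf '%s\n' "$1" | grep -q '^ *inet '
}

# Assumed install path: /etc/hotplug.d/iface/90-vpnc-routes. OpenWrt runs
# such scripts with ACTION, INTERFACE and DEVICE set on every state change;
# without these variables (e.g. run by hand) the script does nothing.
if [ "$ACTION" = "ifup" ] && [ "$INTERFACE" = "TUN0" ]; then
    if tunnel_has_addr "$(ip -4 addr show dev "$DEVICE")"; then
        missing_tun_routes "$DEVICE" "$(ip route show)" | sh
        logger -t vpnc-routes "half-default routes via $DEVICE checked"
    else
        logger -t vpnc-routes "$DEVICE is up but has no IPv4 address"
    fi
fi
```

Setting the VPN policy to “Use VPN for all processes on the router” does the same job through the GL.iNet UI; the script is for firmware where that switch is not available.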

Hello everyone,

I have the same problems as @eagle76 / @grossmeisterBM.

My system consists of a “GL.iNet GL-MT300N” and a FritzBox 7590.

The configuration is done as described by @eagle76.
The VPN tunnel is up and I got an IP address from the FritzBox.

But I have no working connection from the external LAN to the FritzBox LAN.

I guess there are also missing firewall settings.

Does anyone have new findings and can help me?

Thanks in advance!

Many greetings
Christoph


Hi Christoph

did you try setting the switches as described in my post from April the 17th?
Since then it works fine for me.

Best regards

B.