What am I doing wrong (VPN)

Hello,
I have the WireGuard VPN configured with (VPN Policy Based on the Target Domain or IP). On some sites, I chose not to use the VPN. I don’t use AdGuard Home from the router because I have my own AdGuard Home server. When I enter the websites, I still see the IP from the VPN, or other sites can’t be accessed because of the VPN.
My config is the following.
ISP Router → AX1800 Slate with just one client connected and VPN on → Wifi Mesh TP-Link (on which I set my DNS IP)



Is there something I am doing wrong? I have the 4.2 firmware.

Thanks

Can you share the details of the Settings in the domain name policy?


This is my DNS config

Any suggestions here? I changed my wifi mesh to Asus ZenWifi and the same thing occurs: the VPN policy does not work.

How do you configure your own adguard home server to the router?

My actual config is:
Slate AX1800 as a gateway to provide the VPN connection to my Asus router (which is responsible for all my clients).
I have a NUC PC with Proxmox, on which I installed AdGuard Home because AdGuard Home from the GL router can’t support many adblock lists. Also, with my AdGuard I can see my clients’ IPs, not just a local IP.
So in the Asus router, I have the DHCP server with the IP of my AdGuard Home server, which works perfectly.

The weird thing is that sometimes the configuration works. I have to wait a couple of hours and then the policy starts working.

For example, I changed nothing, and the VPN policy is working. I don’t understand. If I disconnect and reconnect, the VPN policy stops again, but after a couple of hours or a day, the policy works… need to understand and get help from you to fix it

As the DHCP (as well as DNS) goes to your home AdGuard Home server, the VPN policy based on domain does not work on AX1800, which is just normal. I would be surprised that it works sometimes.

Can you give the details of which list is not usable in AX1800?
BTW in 4.2.0 release firmware for AX1800, Adguard Home can show client IP, not just a local IP.
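
An added illustration, not part of the thread and not GL.iNet code: a small Python model of why a domain-based policy depends on who answers the DNS query. It assumes the router builds its set of policy IP addresses from the answers its own resolver returns for listed domains (as dnsmasq's ipset feature does); the domains, addresses and class names are constructed.

```python
import ipaddress

# Constructed sample zone: hypothetical domains, documentation addresses.
ZONE = {
    "bank.example": ["192.0.2.10", "192.0.2.11"],
    "login.bank.example": ["192.0.2.12"],
    "video.example": ["198.51.100.20"],
}
BYPASS_DOMAINS = {"bank.example"}  # policy: these domains should not use the VPN


class Router:
    """Gateway that learns policy IPs only from DNS answers it serves itself."""

    def __init__(self, bypass_domains):
        self.bypass_domains = set(bypass_domains)
        self.bypass_ips = set()  # stands in for the router's IP set

    def resolve(self, name):
        """DNS query answered by the router; matching answers fill the IP set."""
        answers = ZONE[name]
        if any(name == d or name.endswith("." + d) for d in self.bypass_domains):
            self.bypass_ips.update(ipaddress.ip_address(a) for a in answers)
        return answers

    def route(self, dst_ip):
        """Routing sees only the destination address, never the domain name."""
        return "wan" if ipaddress.ip_address(dst_ip) in self.bypass_ips else "vpn"


def external_resolve(name):
    """Resolver on another host (assumption: a separate AdGuard Home box).
    The router forwards these packets but does not parse the answers."""
    return ZONE[name]


def browse(router, name, use_router_dns):
    """Resolve a name by one of the two DNS paths, then route each address."""
    ips = router.resolve(name) if use_router_dns else external_resolve(name)
    return [router.route(ip) for ip in ips]


if __name__ == "__main__":
    r = Router(BYPASS_DOMAINS)
    print("external DNS:", browse(r, "bank.example", use_router_dns=False))
    print("router DNS:  ", browse(r, "bank.example", use_router_dns=True))
    print("external DNS, set already filled:",
          browse(r, "bank.example", use_router_dns=False))
```

In this model the policy takes effect for a destination only once the router itself has resolved the listed domain; a client that resolves elsewhere is routed by whatever the set already contains.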

It’s weird because it’s working perfectly now, VPN with policy and my AdGuard seeing my clients by their IPs. The problem is when I have to reconnect, the policy stops working. If you need more details, I can share them with you because it’s essential to have a solution. I was planning to buy a Brume but I think I will have the same problem, so I decided to wait.

About the list,

If I choose Multi Pro or Multi Pro Ultimate lists, around 500K - 1000K lists, after a couple of minutes of use on my devices, the router freezes, and I have to return and reset all my configuration. I tried many times, and the same issue occurred. For me, on the Slate, only the default lists work.

I know that AdGuard can show the client in 4.2, but the VPN policy does not work, and I need the VPN policy because some sites I access need to have the ISP IP.

That sounds like not enough RAM. Do you mean each list has 500K-1000K rules, or are you actually using 500K-1000K lists?

No, one list can be 500 or 1000k lines depending on whether you use Multi Pro or Multi Pro Ultimate. I don’t think that is a problem regarding the RAM, because I checked and normally the router operates between 65% and 80%.

So it is better to use one big list than 5 individual lists. I use a blocklist from OISD full list with 300,000 rules or so and an allow list from hl2guide Standard Allow with 4700 rules.

It freezing up was why I thought it is RAM, along with the 500k-1000k list, but you meant rules.

You also have not shared the “VPN Policy Based on the Target Domain or IP”.

As an example, Netflix.com has:
nflximg.com
nflxvideo.net
netflix.com
llnwd.net
nflximg.com
secure.netflix.com
appboot.netflix.com
uiboot.netflix.com
fast.com
It needs all these to work correctly.

All my configs are correct regarding the VPN policy. The problem is related to the GL system, which does not work appropriately with policy.
I see here in the forum there are many users with specific problems with this feature; maybe in the future, GL can fix that.

I think it is user error, considering you posted one DNS settings page with Override DNS settings for all clients enabled and then another with it disabled, with no explanation. Also, what is the edit host settings sequence?



If you don’t want to post the VPN policy publicly, you can direct message GL.iNet staff by clicking the icon, then the blue message button for private chat.

Also the GUI (GL.iNet User Interface) uses IP-routing tables where LuCI uses nftables (this caused a bunch of issues in the past).

Thanks, I don’t think it is a user error. I sent the correct image in the next post, even though I tried both configs, and it is not working correctly. As I said, I tried many things. Sometimes the VPN policy works without explanation. Unfortunately, GL support should investigate it. I was planning to buy a Brume, and I gave up at that moment.

As I said, you cannot use AdGuard Home and domain-based policy.

Based on the current info I cannot investigate more.

I understand, but also, I said I have my own AdGuard server that works. Right now, the VPN policy is working just on one website without any different configuration, which means the VPN policy is sometimes working.




Other websites with VPN

My own adguard