What I am doing wrong (VPN)

I have the wire guard VPN configured with (VPN Policy Base on the Target Domain or IP). On some sites, I chose not to use the VPN. I don’t use Adguard home from the router because I have my own Adguard home server. When I enter the websites, I still see the IP from the VPN or other sites can’t be accessed because of the VPN.
My config is the following.
ISP Router → Ax1800 Slate with just one client connected and VPN on → Wifi Mesh Tp-link (which I set my DNS IP)

Is there something I am doing wrong? I have the 4.2 firmware.


Can you share the details of the Settings in the domain name policy?

This is my DNS config

Any suggestions here? I changed my wifi mesh to Asus ZenWifi and it occurs the same, VPN policy does not work

How do you configure your own adguard home server to the router?

My actual config is,
Slate Ax1800 as a gateway to provide the VPN connection to my asus router (which is responsible for all my clients),
I have a nuc PC with Proxmox, which I installed adguard home because adguard home from gl router can’t support many adblock lists. Also, with my adguard I can see my client’s IPs, not just a local IP.
So in the Asus router, I have the DHCP server with the Ip of my adguard home server, which works perfectly.

The weird thing is that sometimes the configuration works. I have to wait a couple of hours and then the policy starts working.

For example, I changed nothing, and the VPN policy is working. I don’t understand. If I disconnect and reconnect, the VPN policy stops again, but after a couple of hours or a day, the policy works… need to understand and get help from you to fix it

As the DHCP (as well as DNS) goes to your home adguard home server, the vpn policy based on domain does not work on AX1800, which is just normal. I will be surprised that it works some times.

Can you give the details of which list is not usable in AX1800?
BTW in 4.2.0 release firmware for AX1800, Adguard Home can show client IP, not just a local IP.

It’s weird because it’s working perfectly now, Vpn with Policy and my Adguard seeing my clients by their IPs. The problem is when I have to reconnect, the policy stops working. If you need more details, I can share them with you because it’s essential to have a solution. I was planning to buy a Brume but I think I will have the same problem, so I decided to wait

About the list,

If I choose Multi Pro or Multi pro Ultimate lists, around 500K - 1000K lists, after a couple of minutes of use in my devices, the router freeze, and I have to return and reset all my configuration. I tried many times, and occurred the same issue. For me, in slate, only the default lists work.

I know that Adguard can show the client in 4.2, but the VPN policy does not work, and I need the VPN policy because some sites I access need to have the isp IP

That sounds like a not enough ram. Do you mean each list has 500K-1000K Rules or are you actually using 500K-1000K list.

No, one list can be 500 or 1000k lines depending if you use multi pro or multi pro ultimate. I don’t think so that is a problem regard the ram because I checked and normally the router operates between 65% or 80%.

So it is better to use one big list then 5 individual list. I use a blocklist from OISD full list with 300,000 Rules or so and a allow list from hl2guide Standard Allow with 4700 rules

It Freezing up was why I thought it is ram along with the 500k-1000k list but you meant

You also have not shared the “VPN Policy Base on the Target Domain or IP”

As a example Netflix.com has:
It needs all these to work correctly.

All my configs are correct regarding the VPN Policy. The problem is related to the GL system that not works appropriately with policy.
I see here in the forum there are many users with specific problems with this feature, maybe in the future, GL can fix that.

I think it user error considering you post one DNS settings page with Override DNS settings for all clients enabled and then another with it disabled, with no explanation. Also what is the edit host settings sequence.

If you don’t want to post The VPN policy publicly you can direct message GL.iNet staff by clicking the icon then the blue message button for private chat.

Also the GUI (GL.iNet User Interface) uses IP-routing tables where LuCi uses NFtables(this caused a bunch of issues in the past)

1 Like

Thanks, I don’t think is a user error. I sent the correct image in the next post, even though I tried both configs, and it is not working correctly. As I said, I tried many things. Sometimes VPN policy works without explanation. Unfortunately, GL support should investigate it, I was planning to buy a Brume, and I gave up at that moment.

As I said you cannot use Adguard Home and domain based policy.

Based on the current info I cannot investigate more.

I understand, but also, I said I have my own Adguard server that works. Right now, the VPN policy is working just on one website without any different configuration, which sometimes means the VPN policy is working.

Other websites with VPN

My own adguard