WireGuard Client Issue Client unable to connect to server SFT1200 OPAL

Technical Support for Routers
1

Using a pair of GL-SFT1200
One (4 in the chart) is used as WireGuard Server This shows no issue

The second one (8 in the chart) is used as WireGuard Client and is unable to startup the client.

The internet connection when connecting as WiFi repeater is absent too

Notice that I tried both DNNS and IP but the outcome is unchanged and still problematic

The log is as follows:

Thu Jun 13 17:32:38 2024 daemon.notice netifd: wgclient (10597): * Zone 'wan'
Thu Jun 13 17:32:38 2024 daemon.notice netifd: wgclient (10597): * Zone 'guest'
Thu Jun 13 17:32:38 2024 daemon.notice netifd: wgclient (10597): * Zone 'wgclient'
Thu Jun 13 17:32:38 2024 daemon.notice netifd: wgclient (10597): * Set tcp_ecn to off
Thu Jun 13 17:32:38 2024 daemon.notice netifd: wgclient (10597): * Set tcp_syncookies to on
Thu Jun 13 17:32:38 2024 daemon.notice netifd: wgclient (10597): * Set tcp_window_scaling to on
Thu Jun 13 17:32:38 2024 daemon.notice netifd: wgclient (10597): * Running script '/etc/firewall.nat6'
Thu Jun 13 17:32:38 2024 daemon.notice netifd: wgclient (10597): * Running script '/etc/firewall.swap_wan_in_conn_mark.sh'
Thu Jun 13 17:32:38 2024 daemon.notice netifd: wgclient (10597): * Running script '/etc/firewall.vpn_server_policy.sh'
Thu Jun 13 17:32:38 2024 daemon.notice netifd: wgclient (10597): * Running script '/var/etc/gls2s.include'
Thu Jun 13 17:32:38 2024 daemon.notice netifd: wgclient (10597): ! Skipping due to path error: No such file or directory
Thu Jun 13 17:32:38 2024 daemon.notice netifd: wgclient (10597): * Running script '/usr/bin/gl_block.sh'
Thu Jun 13 17:32:38 2024 daemon.notice netifd: wgclient (10597): Failed to parse json data: unexpected character
Thu Jun 13 17:32:38 2024 daemon.notice netifd: wgclient (10597): uci: Entry not found
Thu Jun 13 17:32:38 2024 daemon.notice netifd: wgclient (10597): cat: can't open '/tmp/run/wg_resolved_ip': No such file or directory
Thu Jun 13 17:32:39 2024 daemon.notice netifd: Interface 'wgclient' is now down
Thu Jun 13 17:32:39 2024 daemon.notice netifd: Interface 'wgclient' is setting up now
Thu Jun 13 17:32:39 2024 daemon.notice netifd: wgclient (10753): Name does not resolve: `examplednns.com:xxxx' NOTE THIS IS INTENTIONALLY CENSORED IN THIS POST
Thu Jun 13 17:32:39 2024 daemon.notice netifd: wgclient (10753): Configuration parsing error
Thu Jun 13 17:32:40 2024 user.notice relay: Reloading relay due to ifup-failed of wgclient ()

Could you kindly provide assistance?

The setup is as follows just for the sake of testing out everything.

glinetopalnetwork
glinetopalnetwork759×411 14.8 KB

2

The DNS request for this name failed. Check DNS.

3

Hi

As said that is not the actual dns that is the dns I get switching the dnns on while setting the config on the server side...

The DNS cannot be the issue.

4

But „Does not resolve“ is the error message - or did you add it there?

5

Yes but the issue is 2 fold (consult the original post to see)

1 the connection to internet through wifi (repeater) is not working properly

2 the client startup fails

As I said I tried both DNS and IP

So the DNS is not the issue
furthermore it is generated by the server side setup of the config (I did not touch the DNS value)

6

If you use WireGuard and the connection fails, it's pretty normal that internet does not work.
So for me those issues are connected. Let me send you to How to troubleshoot WireGuard so you can check the most common issues.

7

Apparently a clarification is needed:

The connection fails as WiFi repeater BEFORE attempting the WireGuard connection...

Thus the issue lies in the glinet unit itself and it's WiFi connection ability
Hence the suggested guide will not help (furthermore it is way to generic)

8

In that case please provide the following details:

  • Which firmware version is in use?
  • How is your router connected to the Internet?
    • By cable via the router of your Internet provider? (If yes, which router and which ISP?)
    • Via WLAN? (If yes, which network and which encryption?)
    • By cell phone? (If yes, which mobile provider?)
  • Which DNS server do you use? (The local one of your ISP? AdGuard Home? Another one?)
  • Do you use DHCP or static IP addresses?

Ping

Can you reach the Internet? Check the "ping" to the IP address 9.9.9.9

Instructions for Windows, OS X and Linux can be found here :link:

Test DNS resolution

Does the resolution of domain names work? Check this with the domain gl-inet.com - the answer should be 52.41.190.83.

You are welcome to share the output of this command in your forum post.

Instructions for Windows :link: | Instructions for Linux :link: | Instructions for OS X :link:

Collect log files

You can download all log files directly via the web GUI of your router.

Interface Guide: Log files :link:

See How to get support quickly

9

Sure I will provide this infos.

However could the issue be caused by having both the routers connected to the same router/modem

Please kindly check the graph showing the "network architecture".

I suspect that may be playing a role. However that is the only way I can test the connectivity now

10

Could be an issue indeed, but without a true network diagram containing IP addresses no one will be able to tell :wink:

11

Yeah this is something for later.

The main issue is the lack of internet connectivity itself so here are the info you asked for:

In that case please provide the following details:

  • Which firmware version is in use? v4.3.11

  • How is your router connected to the Internet? WIRELESS

    • By cable via the router of your Internet provider? NO
    • Via WLAN? NO
    • By cell phone? NO

  • Which DNS server do you use? WireGuard Server DNNS

  • Do you use DHCP or static IP addresses? DHCP

Ping

Can you reach the Internet? Check the "ping" to the IP address 9.9.9.9
Fails: request timeout

DNS
No valid endpoint

DNS configuration

resolver #1
search domain[0] : lan
nameserver[0] : 192.168.8.1
if_index : 4 (en0)
flags : Request A records
reach : 0x00020002 (Reachable,Directly Reachable Address)

resolver #2
domain : local
options : mdns
timeout : 5
flags : Request A records
reach : 0x00000000 (Not Reachable)
order : 300000

resolver #3
domain : 254.169.in-addr.arpa
options : mdns
timeout : 5
flags : Request A records
reach : 0x00000000 (Not Reachable)
order : 300200

resolver #4
domain : 8.e.f.ip6.arpa
options : mdns
timeout : 5
flags : Request A records
reach : 0x00000000 (Not Reachable)
order : 300400

resolver #5
domain : 9.e.f.ip6.arpa
options : mdns
timeout : 5
flags : Request A records
reach : 0x00000000 (Not Reachable)
order : 300600

resolver #6
domain : a.e.f.ip6.arpa
options : mdns
timeout : 5
flags : Request A records
reach : 0x00000000 (Not Reachable)
order : 300800

resolver #7
domain : b.e.f.ip6.arpa
options : mdns
timeout : 5
flags : Request A records
reach : 0x00000000 (Not Reachable)
order : 301000

DNS configuration (for scoped queries)

resolver #1
search domain[0] : lan
nameserver[0] : 192.168.8.1
if_index : 4 (en0)
flags : Scoped, Request A records
reach : 0x00020002 (Reachable,Directly Reachable Address)

LOGS

logread.zip (16.0 KB)

12

Further tested both of the units. (GLSFT1200 8 and GLSFT1200 4)
Switched off the VPN Server and tried both the units ex novo in the following ways:

A- Repeater mode connected to the Modem/Router
B- Repeater mode connected to my phone in hotspot mode

In both cases and for BOTH the units repeater mode resulted in NO connection to the internet. (at no time during this test the units where both on at the same time to avoid interference)

I am concluding that the WiFi repeater mode is flawed in both the units, with high probability in the model itself.

I am left no other option than to return both the units, and sadly with a bad review.
No support was provided and the units do not do what they should