Hi!
I’m currently using the GLX3000 router on T-Mobile Home Internet. I’m using the WireGuard client, connected to a self-hosted WireGuard server.
It works great; however, the VPN policy is NOT working. As I come across various websites that are blocked by my VPN’s IP address, I add them to the list to NOT use the VPN.
I have IP addresses and domains added. However, no matter what, traceroute shows that the domains / IP Addresses are ignoring the rules completely. For instance, imgur.com is added to the list:
root@GL-X3000:~# traceroute imgur.com
traceroute to imgur.com (199.232.192.193), 30 hops max, 46 byte packets
1 10.10.10.1 (10.10.10.1) 51.230 ms 39.093 ms 39.828 ms
My WireGuard config:
[Interface]
Address = 10.10.10.2/24
PrivateKey = (removed)
[Peer]
AllowedIPs = 0.0.0.0/0
Endpoint = [ipv6address]:port
PersistentKeepalive = 25
PublicKey = (removed)
At one point this was working, and it stopped recently. I am not sure what changed. I am currently using the settings below:
Remote Access LAN: OFF
IP Masquerading: OFF
MTU: 1420
Block Non-VPN Traffic: OFF
Allow Access WAN: ON
Services from GL.INET Use VPN: OFF
Proxy Mode: Based on the Target Domain or IP
Do Not Use VPN
204.2.29.0/24
t-mobile.com
tmobile.com
reddit.com
imgur.com
::/0
DNS Mode: Encrypted DNS
Encryption Type: DNS over TLS
DNS Provider: Cloudflare
DNS Rebinding Attack Protection: OFF
Override DNS settings for all clients: ON
I noticed this after IPv6 stopped working (I am only routing IPv4 over the VPN to bypass the CGNAT). I’m not sure what changed to cause this feature to just stop working.
I’m thinking it’s related to AllowedIPs, but that’s a requirement.
Any suggestions are appreciated!