Gl-e750 ssh and ddns

Hello,

I am using the gl-inet gl-e750 mobile router. I primarily use it with my sim card and wireguard vpn. I am trying to get the ssh and ddns working but its not working. I enabled it in the interface etc too and checked the nslookup as well. It shows the correct ip address in nslookup.

I am willing to even pay a small sum if someone can help me overcome this issue as I need to ddns or ssh into the device remotely to add/delete the wireguard client configuration.

I don't think its possible with mobile/4g. You are most likely to be using shared IP and port forwarding is disabled.
The other option to get wireguard config on is via wget/curl from OneDrive/google drive but it needs to be automated with zero touch

If your IP matches one of the reserved IPs, then you don't have a public IP address.
Either buy a public IP from your ISP, or buy a VPS and use it as a VPN server.

1 Like

How can I do it getting the config via Google drive?. I already have a vpn server

You need a public IP address on the server to be able to connect to it from outside.

1 Like

add/delete the wireguard client configuration

You will need to post your WG configuration in Google drive. Ensure you encrypted the WG configuration file. Make the link public. On you GL device either crontab/polling that calls wgetto googledrive

I am using the wireguard on my vps server. But I need to find a way to be able to connect the device to update the config. When I use the current settings while connected to the vpn I'm unable to access it remotely.

Configure the input WG zone policy to accept incoming connections, or assign the WG interface to the LAN zone.

please if you can guide me how to do that. it would be very helpful

It would be simpler if you post the configs redacting the private parts:

uci show network; uci show firewall; \
ip address show; ip route show; ip rule show
-bash: uci: command not found
-bash: uci: command not found
-bash:  ip: command not found
default via 10.255.255.1 dev ens192 proto dhcp src y.y.y.y metric 202
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.1
10.13.37.0/24 dev wg0 proto kernel scope link src 10.13.37.1
10.255.255.1 dev ens192 scope link src y.y.y.y metric 202
x.x.x.x/31 via 10.255.255.1 dev ens192 proto dhcp src y.y.y.y metric 202
0:      from all lookup local
32766:  from all lookup main
32767:  from all lookup default

You need to SSH to your router to run those commands:

network.loopback=interface
network.loopback.ifname='lo'
network.loopback.proto='static'
network.loopback.ipaddr='127.0.0.1'
network.loopback.netmask='255.0.0.0'
network.globals=globals
network.globals.ula_prefix='fde0:137c:b3ae::/48'
network.lan=interface
network.lan.type='bridge'
network.lan.ifname='eth1'
network.lan.proto='static'
network.lan.netmask='255.255.255.0'
network.lan.ip6assign='60'
network.lan.hostname='GL-MIFI-28e'
network.lan.ipaddr='192.168.8.1'
network.wan=interface
network.wan.ifname='eth0'
network.wan.proto='dhcp'
network.wan.hostname='GL-MIFI-28e'
network.wan6=interface
network.wan6.ifname='eth0'
network.wan6.proto='dhcpv6'
network.guest=interface
network.guest.ifname='guest'
network.guest.type='bridge'
network.guest.proto='static'
network.guest.ipaddr='192.168.9.1'
network.guest.netmask='255.255.255.0'
network.guest.ip6assign='60'
network.wwan=interface
network.wwan.proto='dhcp'
network.wwan.metric='20'
network.modem_1_1_2=interface
network.modem_1_1_2.ifname='wwan0'
network.modem_1_1_2.service='fdd_lte'
network.modem_1_1_2.apn='du'
network.modem_1_1_2.proto='qmi'
network.modem_1_1_2.device='/dev/cdc-wdm0'
network.modem_1_1_2.metric='40'
network.modem_1_1_2.disabled='0'
firewall.@defaults[0]=defaults
firewall.@defaults[0].syn_flood='1'
firewall.@defaults[0].input='ACCEPT'
firewall.@defaults[0].output='ACCEPT'
firewall.@defaults[0].forward='REJECT'
firewall.@zone[0]=zone
firewall.@zone[0].name='lan'
firewall.@zone[0].network='lan'
firewall.@zone[0].input='ACCEPT'
firewall.@zone[0].output='ACCEPT'
firewall.@zone[0].forward='ACCEPT'
firewall.@zone[1]=zone
firewall.@zone[1].name='wan'
firewall.@zone[1].input='REJECT'
firewall.@zone[1].output='ACCEPT'
firewall.@zone[1].forward='REJECT'
firewall.@zone[1].masq='1'
firewall.@zone[1].mtu_fix='1'
firewall.@zone[1].network='wan wan6 wwan modem_1_1_2'
firewall.@forwarding[0]=forwarding
firewall.@forwarding[0].src='lan'
firewall.@forwarding[0].dest='wan'
firewall.@forwarding[0].enabled='0'
firewall.@rule[0]=rule
firewall.@rule[0].name='Allow-DHCP-Renew'
firewall.@rule[0].src='wan'
firewall.@rule[0].proto='udp'
firewall.@rule[0].dest_port='68'
firewall.@rule[0].target='ACCEPT'
firewall.@rule[0].family='ipv4'
firewall.@rule[1]=rule
firewall.@rule[1].name='Allow-Ping'
firewall.@rule[1].src='wan'
firewall.@rule[1].proto='icmp'
firewall.@rule[1].icmp_type='echo-request'
firewall.@rule[1].family='ipv4'
firewall.@rule[1].target='ACCEPT'
firewall.@rule[2]=rule
firewall.@rule[2].name='Allow-IGMP'
firewall.@rule[2].src='wan'
firewall.@rule[2].proto='igmp'
firewall.@rule[2].family='ipv4'
firewall.@rule[2].target='ACCEPT'
firewall.@rule[3]=rule
firewall.@rule[3].name='Allow-DHCPv6'
firewall.@rule[3].src='wan'
firewall.@rule[3].proto='udp'
firewall.@rule[3].src_ip='fc00::/6'
firewall.@rule[3].dest_ip='fc00::/6'
firewall.@rule[3].dest_port='546'
firewall.@rule[3].family='ipv6'
firewall.@rule[3].target='ACCEPT'
firewall.@rule[4]=rule
firewall.@rule[4].name='Allow-MLD'
firewall.@rule[4].src='wan'
firewall.@rule[4].proto='icmp'
firewall.@rule[4].src_ip='fe80::/10'
firewall.@rule[4].icmp_type='130/0' '131/0' '132/0' '143/0'
firewall.@rule[4].family='ipv6'
firewall.@rule[4].target='ACCEPT'
firewall.@rule[5]=rule
firewall.@rule[5].name='Allow-ICMPv6-Input'
firewall.@rule[5].src='wan'
firewall.@rule[5].proto='icmp'
firewall.@rule[5].icmp_type='echo-request' 'echo-reply' 'destination-unreachable' 'packet-too-big' 'time-exceeded' 'bad-header' 'unknown-header-type' 'router-solicitation' 'neighbour-solicitation' 'router-advertisement' 'neighbour-advertisement'
firewall.@rule[5].limit='1000/sec'
firewall.@rule[5].family='ipv6'
firewall.@rule[5].target='ACCEPT'
firewall.@rule[6]=rule
firewall.@rule[6].name='Allow-ICMPv6-Forward'
firewall.@rule[6].src='wan'
firewall.@rule[6].dest='*'
firewall.@rule[6].proto='icmp'
firewall.@rule[6].icmp_type='echo-request' 'echo-reply' 'destination-unreachable' 'packet-too-big' 'time-exceeded' 'bad-header' 'unknown-header-type'
firewall.@rule[6].limit='1000/sec'
firewall.@rule[6].family='ipv6'
firewall.@rule[6].target='ACCEPT'
firewall.@rule[7]=rule
firewall.@rule[7].name='Allow-IPSec-ESP'
firewall.@rule[7].src='wan'
firewall.@rule[7].dest='lan'
firewall.@rule[7].proto='esp'
firewall.@rule[7].target='ACCEPT'
firewall.@rule[8]=rule
firewall.@rule[8].name='Allow-ISAKMP'
firewall.@rule[8].src='wan'
firewall.@rule[8].dest='lan'
firewall.@rule[8].dest_port='500'
firewall.@rule[8].proto='udp'
firewall.@rule[8].target='ACCEPT'
firewall.@include[0]=include
firewall.@include[0].path='/etc/firewall.user'
firewall.@include[0].reload='1'
firewall.gls2s=include
firewall.gls2s.type='script'
firewall.gls2s.path='/var/etc/gls2s.include'
firewall.gls2s.reload='1'
firewall.glfw=include
firewall.glfw.type='script'
firewall.glfw.path='/usr/bin/glfw.sh'
firewall.glfw.reload='1'
firewall.glqos=include
firewall.glqos.type='script'
firewall.glqos.path='/usr/sbin/glqos.sh'
firewall.glqos.reload='1'
firewall.mwan3=include
firewall.mwan3.type='script'
firewall.mwan3.path='/var/etc/mwan3.include'
firewall.mwan3.reload='1'
firewall.guestzone=zone
firewall.guestzone.name='guestzone'
firewall.guestzone.network='guest'
firewall.guestzone.forward='REJECT'
firewall.guestzone.output='ACCEPT'
firewall.guestzone.input='REJECT'
firewall.guestzone_fwd=forwarding
firewall.guestzone_fwd.src='guestzone'
firewall.guestzone_fwd.dest='wan'
firewall.guestzone_fwd.enabled='0'
firewall.guestzone_dhcp=rule
firewall.guestzone_dhcp.name='guestzone_DHCP'
firewall.guestzone_dhcp.src='guestzone'
firewall.guestzone_dhcp.target='ACCEPT'
firewall.guestzone_dhcp.proto='udp'
firewall.guestzone_dhcp.dest_port='67-68'
firewall.guestzone_dns=rule
firewall.guestzone_dns.name='guestzone_DNS'
firewall.guestzone_dns.src='guestzone'
firewall.guestzone_dns.target='ACCEPT'
firewall.guestzone_dns.proto='tcp udp'
firewall.guestzone_dns.dest_port='53'
firewall.glservice_rule=rule
firewall.glservice_rule.name='glservice'
firewall.glservice_rule.proto='tcp udp'
firewall.glservice_rule.src='wan'
firewall.glservice_rule.target='ACCEPT'
firewall.glservice_rule.enabled='1'
firewall.glservice_rule.dest_port='83'
firewall.glservice_https=rule
firewall.glservice_https.name='glservice_https'
firewall.glservice_https.dest_port='443'
firewall.glservice_https.proto='tcp udp'
firewall.glservice_https.src='wan'
firewall.glservice_https.target='ACCEPT'
firewall.glservice_https.enabled='1'
firewall.glssh_rule=rule
firewall.glssh_rule.name='glssh'
firewall.glssh_rule.dest_port='22'
firewall.glssh_rule.proto='tcp udp'
firewall.glssh_rule.src='wan'
firewall.glssh_rule.target='ACCEPT'
firewall.glssh_rule.enabled='1'
firewall.s2s_rule_udp=rule
firewall.s2s_rule_udp.name='Allow S2S UDP'
firewall.s2s_rule_udp.dest_port='51830'
firewall.s2s_rule_udp.proto='udp'
firewall.s2s_rule_udp.src='wan'
firewall.s2s_rule_udp.target='ACCEPT'
firewall.AllowWireguard=rule
firewall.AllowWireguard.name='Allow-Wireguard'
firewall.AllowWireguard.target='ACCEPT'
firewall.AllowWireguard.src='wan'
firewall.AllowWireguard.proto='udp tcp'
firewall.AllowWireguard.family='ipv4'
firewall.AllowWireguard.dest_port='60366'
firewall.wireguard=zone
firewall.wireguard.name='wireguard'
firewall.wireguard.input='ACCEPT'
firewall.wireguard.forward='ACCEPT'
firewall.wireguard.output='ACCEPT'
firewall.wireguard.masq='1'
firewall.wireguard.mtu_fix='1'
firewall.wireguard.device='wg0'
firewall.wireguard_wan=forwarding
firewall.wireguard_wan.src='wireguard'
firewall.wireguard_wan.dest='wan'
firewall.wireguard_lan=forwarding
firewall.wireguard_lan.src='wireguard'
firewall.wireguard_lan.dest='lan'
firewall.lan_wireguard=forwarding
firewall.lan_wireguard.src='lan'
firewall.lan_wireguard.dest='wireguard'
firewall.guest_wireguard=forwarding
firewall.guest_wireguard.src='guestzone'
firewall.guest_wireguard.dest='wireguard'
firewall.wireguard_guest=forwarding
firewall.wireguard_guest.src='wireguard'
firewall.wireguard_guest.dest='guestzone'
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 1000
    link/ether 94:83:c4:04:22:8e brd ff:ff:ff:ff:ff:ff
3: eth1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel master br-lan state DOWN group default qlen 1000
    link/ether 94:83:c4:04:22:8e brd ff:ff:ff:ff:ff:ff
4: teql0: <NOARP> mtu 1500 qdisc noop state DOWN group default qlen 100
    link/void
5: wwan0: <BROADCAST,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN group default qlen 1000
    link/ether 2a:75:de:79:dd:09 brd ff:ff:ff:ff:ff:ff
    inet 100.96.135.250/30 brd 100.96.135.251 scope global wwan0
       valid_lft forever preferred_lft forever
    inet6 fe80::2875:deff:fe79:dd09/64 scope link
       valid_lft forever preferred_lft forever
7: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 94:83:c4:04:22:8e brd ff:ff:ff:ff:ff:ff
    inet 192.168.8.1/24 brd 192.168.8.255 scope global br-lan
       valid_lft forever preferred_lft forever
    inet6 fde0:137c:b3ae:10::1/60 scope global noprefixroute
       valid_lft forever preferred_lft forever
    inet6 fe80::9683:c4ff:fe04:228e/64 scope link
       valid_lft forever preferred_lft forever
12: wlan-sta: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 94:83:c4:04:22:8e brd ff:ff:ff:ff:ff:ff
    inet 10.150.128.27/21 brd 10.150.135.255 scope global wlan-sta
       valid_lft forever preferred_lft forever
    inet6 fe80::9683:c4ff:fe04:228e/64 scope link
       valid_lft forever preferred_lft forever
13: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-lan state UP group default qlen 1000
    link/ether 96:83:c4:04:22:8e brd ff:ff:ff:ff:ff:ff
    inet6 fe80::9483:c4ff:fe04:228e/64 scope link
       valid_lft forever preferred_lft forever
14: wg0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1420 qdisc noqueue state UNKNOWN group default qlen 1
    link/none
    inet 10.13.37.2/24 scope global wg0
       valid_lft forever preferred_lft forever
0.0.0.0/1 dev wg0 scope link
default via x.x.x.x dev wlan-sta proto static src 10.150.128.27 metric 20
default via z.z.z.z dev wwan0 proto static src z.z.z.a metric 40
10.13.37.0/24 dev wg0 proto kernel scope link src 10.13.37.2
x.x.x.x/21 dev wlan-sta proto static scope link metric 20
y.y.y.y via 10.150.128.1 dev wlan-sta
100.96.135.248/30 dev wwan0 proto static scope link metric 40
128.0.0.0/1 dev wg0 scope link
192.168.8.0/24 dev br-lan proto kernel scope link src 192.168.8.1
0:      from all lookup local
1002:   from all iif wlan-sta lookup main
2002:   from all fwmark 0x200/0x3f00 lookup 2
2061:   from all fwmark 0x3d00/0x3f00 blackhole
2062:   from all fwmark 0x3e00/0x3f00 unreachable
32766:  from all lookup main
32767:  from all lookup default
1 Like

It looks like you are using to gl.inet device. They have a cloud package for remote management of their devices.