Raspberry PI4 with build wulfy23, config internet key and vpn

Hello to all,
first of all I wanted to thank the community for their availability and promptness in responding.
But let's come to us ... I just installed the build of wulfy and I need to install an internet key, go under VPN with internet kill switch in case of disconnection and let the wifi signal out.
I hope it is doable

I managed to configure the key and to enter the internet.

It remains for me to put the VPN and share it in WIFI and ethernet.
€ 100 to whoever succeeds :smiley: :smiley:

1 Like

after about 20 hours I resign myself for today .. I go to bed, I tested the software with the internet key and it runs well. the pi4 travels discreetly. I don't explain why as soon as I turn on the VPN the connection goes down. Vpn on other devices works fine.
Similar problem for WIFI, although it is activated as an access point it is not detected by any device. as if it is not active .. I hope in you

Your wan and lan must have separate IP ranges.

Usually a 4G modem is run as DHCP client.

If you're using a commercial VPN service to pass all Internet access, the VPN tunnel interface should be in the wan firewall zone. Or in a separate zone with rules similar to the wan.

3 Likes

fwiw... the build is vanilla(equivalent to master) in regards to openvpn other than the fact that it is pre-installed, unlike most build additional services, openvpn is not 'pre-disabled@/etc/init.d disable' as it is virtually dormant in its default configuration...

so technically this is a non-build related query... ( but it is good / prudent the OP mentions this )

you have not;

  • shown the vpn type you are referring to
  • what guide/s you are following
  • included any log information as mentioned in the standard wiki guide ( if we are talking about openvpn, which is yet to be determined )

yes, I use openvpn ...
I would be very happy to understand what I am wrong in the configuration.
I'm sorry

root@rpi-dca632a916 /35# lspci -v
00:00.0 PCI bridge: Broadcom Inc. and subsidiaries Device 2711 (rev 10) (prog-if 00 [Normal decode])
        Flags: bus master, fast devsel, latency 0, IRQ 38
        Bus: primary=00, secondary=01, subordinate=01, sec-latency=0
        I/O behind bridge: 00000000-00000fff [size=4K]
        Memory behind bridge: f8000000-f80fffff [size=1M]
        Prefetchable memory behind bridge: [disabled]
        Capabilities: [48] Power Management version 3
        Capabilities: [ac] Express Root Port (Slot-), MSI 00
        Capabilities: [100] Advanced Error Reporting
        Capabilities: [180] Vendor Specific Information: ID=0000 Rev=0 Len=028 <?>
        Capabilities: [240] L1 PM Substates
        Kernel driver in use: pcieport
lspci: Unable to load libkmod resources: error -12

01:00.0 USB controller: VIA Technologies, Inc. VL805 USB 3.0 Host Controller (rev 01) (prog-if 30 [XHCI])
        Subsystem: VIA Technologies, Inc. VL805 USB 3.0 Host Controller
        Flags: bus master, fast devsel, latency 0, IRQ 39
        Memory at 600000000 (64-bit, non-prefetchable) [size=4K]
        Capabilities: [80] Power Management version 3
        Capabilities: [90] MSI: Enable+ Count=1/4 Maskable- 64bit+
        Capabilities: [c4] Express Endpoint, MSI 00
        Capabilities: [100] Advanced Error Reporting
        Kernel driver in use: xhci_hcd

root@rpi-dca632a916 /34# ifconfig -a
br-lan    Link encap:Ethernet  HWaddr DC:A6:32:A9:16:B3
          inet addr:192.168.8.1  Bcast:192.168.8.255  Mask:255.255.255.0
          inet6 addr: fe80::dea6:32ff:fea9:16b3/64 Scope:Link
          inet6 addr: fd88:ca9d:895c::1/60 Scope:Global
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:6062 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6072 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1349139 (1.2 MiB)  TX bytes:2616520 (2.4 MiB)

dummy0    Link encap:Ethernet  HWaddr 9E:03:5F:1A:0B:0E
          BROADCAST NOARP  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

erspan0   Link encap:Ethernet  HWaddr 00:00:00:00:00:00
          BROADCAST MULTICAST  MTU:1450  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

eth0      Link encap:Ethernet  HWaddr DC:A6:32:A9:16:B3
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:6065 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6072 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1434169 (1.3 MiB)  TX bytes:2616520 (2.4 MiB)

gre0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          NOARP  MTU:1452  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

gretap0   Link encap:Ethernet  HWaddr 00:00:00:00:00:00
          BROADCAST MULTICAST  MTU:1462  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

ip6gre0   Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          NOARP  MTU:1448  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

ip6tnl0   Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          NOARP  MTU:1452  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:184 errors:0 dropped:0 overruns:0 frame:0
          TX packets:184 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:20755 (20.2 KiB)  TX bytes:20755 (20.2 KiB)

sit0      Link encap:IPv6-in-IPv4
          NOARP  MTU:1480  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

teql0     Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          NOARP  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:10.8.0.3  P-t-P:10.8.0.3  Mask:255.255.255.0
          inet6 addr: fe80::e4e8:1fad:bc52:113e/64 Scope:Link
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:24 errors:0 dropped:0 overruns:0 frame:0
          TX packets:184 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:1796 (1.7 KiB)  TX bytes:27694 (27.0 KiB)

tunl0     Link encap:UNSPEC  HWaddr 00-00-00-00-FF-00-00-00-00-00-00-00-00-00-00-00
          NOARP  MTU:1480  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

usb0      Link encap:Ethernet  HWaddr 6E:19:B6:96:EC:25
          inet addr:192.168.1.120  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::6c19:b6ff:fe96:ec25/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:781 errors:0 dropped:0 overruns:0 frame:0
          TX packets:652 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:274497 (268.0 KiB)  TX bytes:162178 (158.3 KiB)

wlan0     Link encap:Ethernet  HWaddr DC:A6:32:A9:16:B4
          BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 B)  TX bytes:0 (0.0 B)

I am also attaching the system log

Sat Dec 12 22:18:50 2020 daemon.notice netifd: InternetKey (4036): udhcpc: sending discover
Sat Dec 12 22:18:50 2020 daemon.notice netifd: InternetKey (4036): udhcpc: sending select for 192.168.1.120
Sat Dec 12 22:18:50 2020 daemon.notice netifd: InternetKey (4036): udhcpc: lease of 192.168.1.120 obtained, lease time 7200
Sat Dec 12 22:18:50 2020 daemon.debug dnsmasq[5304]: listening on usb0(#14): 192.168.1.120 port 53
Sat Dec 12 22:18:50 2020 daemon.notice netifd: Interface 'InternetKey' is now up
Sat Dec 12 22:18:50 2020 daemon.info dnsmasq[5304]: reading /tmp/resolv.conf.d/resolv.conf.auto
Sat Dec 12 22:18:50 2020 daemon.info dnsmasq[5304]: using only locally-known addresses for domain test
Sat Dec 12 22:18:50 2020 daemon.info dnsmasq[5304]: using only locally-known addresses for domain onion
Sat Dec 12 22:18:50 2020 daemon.info dnsmasq[5304]: using only locally-known addresses for domain localhost
Sat Dec 12 22:18:50 2020 daemon.info dnsmasq[5304]: using only locally-known addresses for domain local
Sat Dec 12 22:18:50 2020 daemon.info dnsmasq[5304]: using only locally-known addresses for domain invalid
Sat Dec 12 22:18:50 2020 daemon.info dnsmasq[5304]: using only locally-known addresses for domain bind
Sat Dec 12 22:18:50 2020 daemon.info dnsmasq[5304]: using only locally-known addresses for domain lan
Sat Dec 12 22:18:50 2020 daemon.info dnsmasq[5304]: using nameserver 192.168.1.1#53
Sat Dec 12 22:18:50 2020 user.notice mwan3-hotplug[5336]: mwan3 hotplug ifup on InternetKey not called because globally disabled
Sat Dec 12 22:18:50 2020 user.notice firewall: Reloading firewall due to ifup of InternetKey (usb0)
Sat Dec 12 22:18:51 2020 user.notice nlbwmon: Reloading nlbwmon due to ifup of InternetKey (usb0)
Sat Dec 12 22:18:55 2020 daemon.warn openvpn(Personal0)[3901]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Sat Dec 12 22:18:55 2020 daemon.notice openvpn(Personal0)[3901]: TCP/UDP: Preserving recently used remote address: [AF_INET]89.40.143.190:8080
Sat Dec 12 22:18:55 2020 daemon.notice openvpn(Personal0)[3901]: Socket Buffers: R=[131072->131072] S=[16384->16384]
Sat Dec 12 22:18:55 2020 daemon.notice openvpn(Personal0)[3901]: Attempting to establish TCP connection with [AF_INET]89.40.143.190:8080 [nonblock]
Sat Dec 12 22:18:56 2020 daemon.notice openvpn(Personal0)[3901]: TCP connection established with [AF_INET]89.40.143.190:8080
Sat Dec 12 22:18:56 2020 daemon.notice openvpn(Personal0)[3901]: Send to HTTP proxy: 'CONNECT 89.40.143.190:443 HTTP/1.0'
Sat Dec 12 22:18:56 2020 daemon.notice openvpn(Personal0)[3901]: Send to HTTP proxy: 'X-Online-Host: weschool.com'
Sat Dec 12 22:18:56 2020 daemon.notice openvpn(Personal0)[3901]: Send to HTTP proxy: 'Host: weschool.com'
Sat Dec 12 22:18:56 2020 daemon.notice openvpn(Personal0)[3901]: HTTP proxy returned: 'HTTP/1.1 200 Connection established'
Sat Dec 12 22:19:25 2020 daemon.notice openvpn(Personal0)[3901]: TCP_CLIENT link local: (not bound)
Sat Dec 12 22:19:25 2020 daemon.notice openvpn(Personal0)[3901]: TCP_CLIENT link remote: [AF_INET]89.40.143.190:8080
Sat Dec 12 22:19:25 2020 daemon.notice openvpn(Personal0)[3901]: TLS: Initial packet from [AF_INET]89.40.143.190:8080, sid=c1d04d88 fd34460d
Sat Dec 12 22:19:27 2020 daemon.notice openvpn(Personal0)[3901]: VERIFY KU OK
Sat Dec 12 22:19:27 2020 daemon.notice openvpn(Personal0)[3901]: Validating certificate extended key usage
Sat Dec 12 22:19:27 2020 daemon.notice openvpn(Personal0)[3901]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Sat Dec 12 22:19:27 2020 daemon.notice openvpn(Personal0)[3901]: VERIFY EKU OK
Sat Dec 12 22:19:27 2020 daemon.notice openvpn(Personal0)[3901]: VERIFY X509NAME OK: CN=server_HGDc8svHr9KWp6Cx
Sat Dec 12 22:19:27 2020 daemon.notice openvpn(Personal0)[3901]: VERIFY OK: depth=0, CN=server_HGDc8svHr9KWp6Cx
Sat Dec 12 22:19:28 2020 daemon.notice openvpn(Personal0)[3901]: Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, 256 bit EC, curve: prime256v1
Sat Dec 12 22:19:28 2020 daemon.notice openvpn(Personal0)[3901]: [server_HGDc8svHr9KWp6Cx] Peer Connection Initiated with [AF_INET]89.40.143.190:8080
Sat Dec 12 22:19:30 2020 daemon.notice openvpn(Personal0)[3901]: SENT CONTROL [server_HGDc8svHr9KWp6Cx]: 'PUSH_REQUEST' (status=1)
Sat Dec 12 22:19:32 2020 daemon.notice openvpn(Personal0)[3901]: PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 8.8.8.8,redirect-gateway def1 bypass-dhcp,route-gateway 10.8.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.8.0.3 255.255.255.0,peer-id 0,cipher AES-128-GCM'
Sat Dec 12 22:19:32 2020 daemon.notice openvpn(Personal0)[3901]: OPTIONS IMPORT: timers and/or timeouts modified
Sat Dec 12 22:19:32 2020 daemon.notice openvpn(Personal0)[3901]: OPTIONS IMPORT: --ifconfig/up options modified
Sat Dec 12 22:19:32 2020 daemon.notice openvpn(Personal0)[3901]: OPTIONS IMPORT: route options modified
Sat Dec 12 22:19:32 2020 daemon.notice openvpn(Personal0)[3901]: OPTIONS IMPORT: route-related options modified
Sat Dec 12 22:19:32 2020 daemon.notice openvpn(Personal0)[3901]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Sat Dec 12 22:19:32 2020 daemon.notice openvpn(Personal0)[3901]: OPTIONS IMPORT: peer-id set
Sat Dec 12 22:19:32 2020 daemon.notice openvpn(Personal0)[3901]: OPTIONS IMPORT: adjusting link_mtu to 1626
Sat Dec 12 22:19:32 2020 daemon.notice openvpn(Personal0)[3901]: OPTIONS IMPORT: data channel crypto options modified
Sat Dec 12 22:19:32 2020 daemon.notice openvpn(Personal0)[3901]: Outgoing Data Channel: Cipher 'AES-128-GCM' initialized with 128 bit key
Sat Dec 12 22:19:32 2020 daemon.notice openvpn(Personal0)[3901]: Incoming Data Channel: Cipher 'AES-128-GCM' initialized with 128 bit key
Sat Dec 12 22:19:32 2020 daemon.notice openvpn(Personal0)[3901]: TUN/TAP device tun0 opened
Sat Dec 12 22:19:32 2020 daemon.notice openvpn(Personal0)[3901]: TUN/TAP TX queue length set to 100
Sat Dec 12 22:19:32 2020 daemon.notice openvpn(Personal0)[3901]: /sbin/ifconfig tun0 10.8.0.3 netmask 255.255.255.0 mtu 1500 broadcast 10.8.0.255
Sat Dec 12 22:19:32 2020 daemon.notice netifd: Interface 'OMRVPN' is enabled
Sat Dec 12 22:19:32 2020 daemon.notice netifd: Network device 'tun0' link is up
Sat Dec 12 22:19:32 2020 daemon.notice netifd: Interface 'OMRVPN' has link connectivity
Sat Dec 12 22:19:32 2020 daemon.notice netifd: Interface 'OMRVPN' is setting up now
Sat Dec 12 22:19:32 2020 daemon.notice netifd: Interface 'OMRVPN' is now up
Sat Dec 12 22:19:32 2020 daemon.debug dnsmasq[5304]: listening on tun0(#15): fe80::e4e8:1fad:bc52:113e%tun0 port 53
Sat Dec 12 22:19:32 2020 daemon.debug dnsmasq[5304]: listening on tun0(#15): 10.8.0.3 port 53
Sat Dec 12 22:19:32 2020 daemon.notice openvpn(Personal0)[3901]: /usr/libexec/openvpn-hotplug up Personal0 tun0 1500 1554 10.8.0.3 255.255.255.0 init
Sat Dec 12 22:19:32 2020 daemon.notice openvpn(Personal0)[3901]: /sbin/route add -net 89.40.143.190 netmask 255.255.255.255 gw 192.168.1.1
Sat Dec 12 22:19:32 2020 user.notice ModemManager: hotplug: add network interface tun0: event processed
Sat Dec 12 22:19:32 2020 daemon.notice openvpn(Personal0)[3901]: /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 10.8.0.1
Sat Dec 12 22:19:32 2020 daemon.notice openvpn(Personal0)[3901]: /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 10.8.0.1
Sat Dec 12 22:19:32 2020 daemon.notice openvpn(Personal0)[3901]: Initialization Sequence Completed
Sat Dec 12 22:19:32 2020 user.notice ModemManager: hotplug: event reported: action=add, name=tun0, subsystem=net
Sat Dec 12 22:19:32 2020 user.notice ModemManager: hotplug: error: parent device sysfspath not found
Sat Dec 12 22:19:32 2020 user.notice mwan3-hotplug[5753]: mwan3 hotplug ifup on OMRVPN not called because globally disabled
Sat Dec 12 22:19:32 2020 user.notice nlbwmon: Reloading nlbwmon due to ifup of OMRVPN (tun0)
Sat Dec 12 22:19:33 2020 daemon.err collectd[6036]: configfile: stat (/etc/collectd/conf.d) failed: No such file or directory
Sat Dec 12 22:19:33 2020 daemon.err collectd[6036]: plugin_load: plugin "irq" successfully loaded.
Sat Dec 12 22:19:33 2020 daemon.err collectd[6036]: plugin_load: plugin "entropy" successfully loaded.
Sat Dec 12 22:19:33 2020 daemon.err collectd[6036]: plugin_load: plugin "conntrack" successfully loaded.
Sat Dec 12 22:19:33 2020 daemon.err collectd[6036]: plugin_load: plugin "iwinfo" successfully loaded.
Sat Dec 12 22:19:33 2020 daemon.err collectd[6036]: plugin_load: plugin "memory" successfully loaded.
Sat Dec 12 22:19:33 2020 daemon.err collectd[6036]: plugin_load: plugin "cpu" successfully loaded.
Sat Dec 12 22:19:33 2020 daemon.err collectd[6036]: plugin_load: plugin "load" successfully loaded.
Sat Dec 12 22:19:33 2020 daemon.info procd: - init complete -
Sat Dec 12 22:19:33 2020 daemon.err collectd[6036]: plugin_load: plugin "rrdtool" successfully loaded.
Sat Dec 12 22:19:33 2020 daemon.err collectd[6036]: rrdtool plugin: RRASingle = true: creating only AVERAGE RRAs
Sat Dec 12 22:19:33 2020 daemon.err collectd[6036]: plugin_load: plugin "processes" successfully loaded.
Sat Dec 12 22:19:33 2020 daemon.err collectd[6036]: plugin_load: plugin "interface" successfully loaded.
Sat Dec 12 22:19:33 2020 daemon.err collectd[6036]: plugin_load: plugin "thermal" successfully loaded.
Sat Dec 12 22:19:33 2020 daemon.err collectd[6036]: plugin_load: plugin "exec" successfully loaded.
Sat Dec 12 22:19:33 2020 daemon.err collectd[6036]: utils_taskstats: CTRL_CMD_GETFAMILY("TASKSTATS"): No such file or directory
Sat Dec 12 22:19:33 2020 daemon.err collectd[6036]: utils_taskstats: get_family_id() = No such file or directory
Sat Dec 12 22:19:33 2020 daemon.err collectd[6036]: processes plugin: Creating taskstats handle failed.
Sat Dec 12 22:19:33 2020 daemon.err collectd[6036]: Initialization complete, entering read-loop.
Sat Dec 12 22:19:34 2020 daemon.err collectd[6036]: exec plugin: exec_read_one: error = Cannot find device "eth1"
Sat Dec 12 22:19:35 2020 daemon.err uhttpd[2588]: luci: accepted login on / for root from 192.168.8.223
Sat Dec 12 22:20:04 2020 daemon.err collectd[6036]: exec plugin:  exec_read_one: error = Cannot find device "eth1"
1 Like

There are several extra / unused things in your config like GRE interfaces, an incomplete / disabled mwan3 install, and something called 'tunl0' (not 'tun0'-- you will need that since OpenVPN started it up). Best to get rid of ALL of the extra stuff. General rule of OpenWrt is start from a default configuration then change or add only what is needed to meet your use case. Don't shotgun a bunch of stuff it is very likely going to break it.

It appears that OpenVPN connected and authenticated successfully, and there is a tunnel 10.8.0.3 open awaiting traffic.

3 Likes

The problem is that I don't see all these peripherals in the graphical interface. I only see lan, wan and tun. What should I do to remove these additional devices?

Ignore those devices.
They are created automatically when you install kmods.

Set up the firewall:

1 Like

I don't know if I created the rule well, but the result is positive, I am browsing under VPN without problems.

I still have to block the connection in case of disconnection from the VPN and ... More importantly, I need to be able to enable the access point, so that even mobile phones can browse under this VPN. I hope not to ask too much ..

Remove the lan->wan forwarding.
Also the vpn->lan forwarding is not needed.

Go to Network/Wireless, enable it, and configure it.

2 Likes

I have arranged the rules as you advised me and I must say that it goes great!

The wireless is already enabled and configured, only it is not seen by any device. As if there is no access point

doubt you'd get 80Mhz working... try 40 or 20...

1 Like

Are your devices compatible with 5GHz band?

2 Likes

has a bit that I do tests, the device is a raspberry pi4 .. Any frequency I put is not found

If I do a search from the raspberry the networks pop up.

But if I have to act as an Access Point to nearby devices, it is as if the device did not exist

when it kicks into client mode... you have to restart at a lower level ( /etc/init.d/wpad restart; wifi down; wifi up ) not sure which one works ( reboot if you can't stop it from kicking into client mode ) ...

also make sure that you set the country code in RASPI(an)OS... ( or with iw command )

sorry for the ignorance, what commands should I give to reboot at a lower level? So I enter putty?
I don't know how to set the country code in RASPI(an)OS.. maybe from the bios?

raspian(OS) is the raspberrypi operating system... it's graphical as far as I know... but i've never used it... they have a forum... and the steps are available online... ( use a seperate sdcard if you have one... or take a backup of your settings! if you don't )

reboot is in LUCI > System > Reboot

yes, i've rebooted like this several times already, but i didn't get any results. The wifi does not exist