Yet another Wireguard server behind a main router issue

Remove this line:

Hi @psherman,

Did what you suggested, then rebooted the router; unfortunately, no difference.

from an ssh session on openwrt, what happens when you do this:

Edit: Let's also see this:

service dnsmasq status

First command didn't work; the 2nd and 3rd ones worked OK. Please see below, along with the output from 'service dnsmasq status'.

root@OpenWrt:~# nslookup openwrt.org
;; connection timed out; no servers could be reached

root@OpenWrt:~# nslookup openwrt.org 192.168.158.1
Server:         192.168.158.1
Address:        192.168.158.1:53

Non-authoritative answer:
Name:   openwrt.org
Address: 64.226.122.113

Non-authoritative answer:
Name:   openwrt.org
Address: 2a03:b0c0:3:d0::1a51:c001

root@OpenWrt:~# nslookup openwrt.org 8.8.8.8
Server:         8.8.8.8
Address:        8.8.8.8:53

Non-authoritative answer:
Name:   openwrt.org
Address: 2a03:b0c0:3:d0::1a51:c001

Non-authoritative answer:
Name:   openwrt.org
Address: 64.226.122.113

root@OpenWrt:~# service dnsmasq status
running

Thank you very much!

Strange to see this when it is actually specified in your lan interface.

Try adding it to the dnsmasq resolvers.

Do you mean add 192.168.158.1 to the file below?

I checked its content; 192.168.158.1 is already there, please see below:

root@OpenWrt:~# cat /tmp/resolv.conf.d/resolv.conf.auto
# Interface jHomeVPN
nameserver 192.168.158.1
# Interface lan
nameserver 192.168.158.1

I am totally lost...

I have no idea why it wouldn't be working, either.

Let's see a complete dump of everything:

Please connect to your OpenWrt device using ssh and copy the output of the following commands and post it here using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have:

ubus call system board
cat /etc/config/network
cat /etc/config/dhcp
cat /etc/config/firewall

Please see the dump below:

root@OpenWrt:~# ubus call system board
{
        "kernel": "5.15.134",
        "hostname": "OpenWrt",
        "system": "ARMv7 Processor rev 0 (v7l)",
        "model": "Asus RT-AC68U (BCM4708)",
        "board_name": "asus,rt-ac68u",
        "rootfs_type": "squashfs",
        "release": {
                "distribution": "OpenWrt",
                "version": "23.05.0",
                "revision": "r23497-6637af95aa",
                "target": "bcm53xx/generic",
                "description": "OpenWrt 23.05.0 r23497-6637af95aa"
        }
}
root@OpenWrt:~# cat /etc/config/network

config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fd02:3084:69f0::/48'
        option packet_steering '1'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'lan1'
        list ports 'lan2'
        list ports 'lan3'
        list ports 'lan4'

config interface 'lan'
        option device 'br-lan'
        option proto 'static'
        option ipaddr '192.168.158.2'
        option gateway '192.168.158.1'
        option netmask '255.255.255.0'
        option ip6assign '60'
        list dns '192.168.158.1'
        option delegate '0'

config device
        option name 'wan'
        option macaddr 'redacted'

config interface 'HomeVPN'
        option proto 'wireguard'
        option private_key 'redacted'
        option listen_port '51820'
        option delegate '0'
        list dns '192.168.158.1'
        list addresses '10.16.8.1/24'

config wireguard_HomeVPN
        option description 'Pixel'
        option public_key 'redacted'
        option preshared_key 'redacted'
        list allowed_ips '10.16.8.2/32'

config wireguard_HomeVPN
        option description 'iPad'
        option public_key 'redacted'
        option preshared_key 'redacted'
        list allowed_ips '10.16.8.3/32'
root@OpenWrt:~# cat /etc/config/dhcp

config dnsmasq
        option domainneeded '1'
        option boguspriv '1'
        option filterwin2k '0'
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/lan/'
        option domain 'lan'
        option expandhosts '1'
        option nonegcache '0'
        option cachesize '1000'
        option authoritative '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
        option nonwildcard '1'
        option localservice '1'
        option ednspacket_max '1232'
        option filter_aaaa '0'
        option filter_a '0'

config dhcp 'lan'
        option interface 'lan'
        option start '100'
        option limit '150'
        option leasetime '12h'
        option dhcpv4 'server'
        option ignore '1'

config odhcpd 'odhcpd'
        option maindhcp '0'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'
        option loglevel '4'

root@OpenWrt:~# cat /etc/config/firewall

config defaults
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'

config zone
        option name 'LAN'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'
        option masq '1'
        list network 'lan'

I am not sure what below line in network does, could it be the culprit?

        option ip6assign '60'

No, this is IPv6 and is unrelated.

I have no idea why things aren't working.

Have you tried rebooting the router and trying again?

Rebooting/power cycling the router doesn't help; I rebooted multiple times already. It doesn't seem to be firewall related either: I put the default firewall config back in, reloaded the firewall config, still no go. :unamused:

I think the best method here is to make a backup and then reset the router to defaults.

Once in the default state:

  • disable the dhcp server on the lan interface
  • set the lan interface as you have done here:
  • use opkg to reinstall the wireguard packages
  • then copy/paste the wg config stanzas from the backup into the new network config file.

No other change should be necessary.
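The rebuild steps listed above, written out as a two-stage script. This is an example added here, not something posted by anyone in the thread. The addresses and the interface name HomeVPN are taken from the config dump earlier in the thread; the backup path in `BACKUP_NET` and the `lan`/`wg` stage arguments are assumptions.

```shell
#!/bin/sh
# Added example. Addresses and the interface name HomeVPN come from the config
# dump in this thread; BACKUP_NET is an assumed location for the saved file.
BACKUP_NET="${BACKUP_NET:-/tmp/backup/etc/config/network}"

# Commands for `uci batch`: DHCP server off on lan, static lan addressing.
lan_batch() {
    cat <<'EOF'
set dhcp.lan.ignore='1'
set network.lan.proto='static'
set network.lan.ipaddr='192.168.158.2'
set network.lan.netmask='255.255.255.0'
set network.lan.gateway='192.168.158.1'
add_list network.lan.dns='192.168.158.1'
commit dhcp
commit network
EOF
}

# Print only the WireGuard interface stanza and its peer stanzas from a
# backed-up network file ($1) for interface name $2; all other stanzas
# (loopback, lan, devices) are left to the freshly reset config.
wg_stanzas() {
    awk -v ifn="$2" '
        /^config[ \t]/ {
            keep = ($2 == "wireguard_" ifn) ||
                   ($2 == "interface" && $3 == "\047" ifn "\047")
            if (keep) print ""
        }
        keep && NF { print }
    ' "$1"
}

# Stage 1 changes the router's address, so the ssh session must be reopened
# on 192.168.158.2 before stage 2. Without an argument nothing is changed.
case "${1:-}" in
    lan)
        lan_batch | uci batch
        /etc/init.d/dnsmasq restart
        /etc/init.d/network restart ;;
    wg)
        opkg update
        opkg install kmod-wireguard wireguard-tools luci-proto-wireguard
        wg_stanzas "$BACKUP_NET" HomeVPN >> /etc/config/network
        /etc/init.d/network restart ;;
esac
```

The copied stanzas include `private_key` and `preshared_key`, so the backup file should be kept off shared storage and deleted once the tunnel is confirmed working.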

Ok, starting from scratch could be the only way. I will find time to do it. Thank you very much for your help! @psherman

I think it should only take about 10-15 mins. Maybe even less.

Update: Per @psherman's suggestion, I factory reset the Asus RT-AC68U to start from scratch, made sure OpenWrt's opkg was able to connect to the internet for package installation, reinstalled WireGuard, configured the server and peers, and everything is working well now.

Thank you so much for your help! @psherman @egc @mk24

Glad that fixed the problem.

If your problem is solved, please consider marking this topic as [Solved]. See How to mark a topic as [Solved] for a short how-to.
Thanks! :slight_smile:
