r7800 - Wireguard Cannot access router.

Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking
Author Message
Tekwhat
DD-WRT Novice


Joined: 30 Dec 2020
Posts: 32

PostPosted: Mon May 23, 2022 13:21    Post subject: r7800 - Wireguard Cannot access router. Reply with quote
I am running a nighthawk r7800
Firmware R48741

Everything has been running smooth ever since my update to 48741. I recently saw proton vpn supports wireguard, so I set that up, works perfect. Except my work router won’t connect through the vpn. So this morning, I think I’ve messed up.

My dhcp on the router is set to only hand out up to .50. I set a static route for my work router to .254. Everything was fine at this point. I go into the tunnel and tell it only allow 192.168.1.0/25 to use the tunnel, saved, applied, now, I cannot connect to the router at all. I can ping it after a power fail, but then it goes up unresponsive and I cannot get to it at all. My pc is set to .10.

What the heck did I do?
Sponsor
the-joker
DD-WRT Developer/Maintainer


Joined: 31 Jul 2021
Posts: 2146
Location: All over YOUR webs

PostPosted: Mon May 23, 2022 14:41    Post subject: Reply with quote
Well, you did what you did and now youre in a delicate position.

Instead of trying to troubleshoot your unknown state which will consume your time and ours, it would be faster to reset to factory defaults, then upgrade to a current supported dd-wrt version which also contains the latest wireguard patches as well as security patches etc...

And then reconfigure from scratch

See http://ftp.dd-wrt.com/dd-wrtv2/downloads/betas/2022/05-23-2022-r48954/netgear-r7800/

Wireguard setup guide https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=322206

Take care.

_________________
Saving your retinas from the burn!🔥
DD-WRT Inspired themes for routers
DD-WRT Inspired themes for the phpBB Forum
DD-WRT Inspired themes for the SVN Trac & FTP site
Join in for a chat @ #style_it_themes_public:matrix.org or #style_it_themes:discord

DD-WRT UI Themes Bug Reporting and Discussion thread

Router: ANus RT-AC68U E1 (recognized as C1)
Tekwhat
DD-WRT Novice


Joined: 30 Dec 2020
Posts: 32

PostPosted: Mon May 23, 2022 15:02    Post subject: Reply with quote
Thank you for that info.

I just setup a 6700v3 for a family member, so I hooked it up and brought my 7800 to the build station, it was fine, I was able to log in....I have no idea why that fixed it, its back into production and working fine (tunnels disabled).

I wonder if the "reset after 5 failed boots" was what saved me just now.

I didn't do a nvram reset after upgrading to 48741 from my older build, I am going to go out on a limb and say that's what caused this, I'll try resetting that, then setting the vpn back up with exclusions.
the-joker
DD-WRT Developer/Maintainer


Joined: 31 Jul 2021
Posts: 2146
Location: All over YOUR webs

PostPosted: Mon May 23, 2022 15:18    Post subject: Reply with quote
Upgrade to latest dd-wrt... in any case. Using old unsupported builds with security issues makes even less sense when someone uses VPN, which doesnt make your router immune to exploits.

The reset after 5 failed boot attempts, would reset the routers config to default afaik.

_________________
Saving your retinas from the burn!🔥
DD-WRT Inspired themes for routers
DD-WRT Inspired themes for the phpBB Forum
DD-WRT Inspired themes for the SVN Trac & FTP site
Join in for a chat @ #style_it_themes_public:matrix.org or #style_it_themes:discord

DD-WRT UI Themes Bug Reporting and Discussion thread

Router: ANus RT-AC68U E1 (recognized as C1)
Tekwhat
DD-WRT Novice


Joined: 30 Dec 2020
Posts: 32

PostPosted: Tue May 24, 2022 6:59    Post subject: Upgraded to 48954 as recommended Reply with quote
I updated to the newest build (you linked). I am getting the same behavior. Anytime I put ip's in the "Allowed IP's" section, with route Allowed IP's via tunnel checked. Once the tunnel connects, I lose connection to my router and internet. I have to reboot the router and get in before the tunnel connects to disable it (this is what fixed it earlier now that I've done it a few times).

If the Allowed IP's is set to 0.0.0.0/0 it works, but I can't have my work router go through the wireguard tunnel.

The Allowed IP list I used was
Code:
192.168.1.1/32, 192.168.1.10/32, 192.168.1.12/32, 192.168.1.15/32, 192.168.1.20/32, 192.168.1.33/32, 192.168.1.44/32, 192.168.1.45/32


The ProtonVPN generates the setting file to upload to DD-WRT, but reading the setup guides you linked and here https://www.ivpn.net/knowledgebase/routers/dd-wrt-how-do-i-exclude-hosts-or-bypass-vpn-tunnel/ it appears I am going about this the right way.

One thing I haven't tried is not including the router x.x.1.1 in the allow list. My first attempt to only route my DHCP pool was 192.168.1.0/24 (I set works router to 1.254 as my DHCP only hands out to 50) I googled what cidr notation didn't include .254 and /24 is what I found.

I just did a reverse calculation on that cidr, and it appears /24 covers all 255 addresses, so in all my attempts so far (aside from default 0.0.0.0/0) my router has been included in the tunnel. Should my routers internal IP not route through the tunnel?
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12834
Location: Netherlands

PostPosted: Tue May 24, 2022 7:04    Post subject: Reply with quote
LoL, no that is not the right way.

Why not read the manual:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=327397

Most instructions from VPN providers are outdated and often wrong

You need the client setup guide and especially look at the paragraph about Policy Based Routing (PBR) Smile

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087


Last edited by egc on Wed May 25, 2022 10:04; edited 1 time in total
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12834
Location: Netherlands

PostPosted: Wed May 25, 2022 9:08    Post subject: Reply with quote
moved to the Advanced networking forum
_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
the-joker
DD-WRT Developer/Maintainer


Joined: 31 Jul 2021
Posts: 2146
Location: All over YOUR webs

PostPosted: Wed May 25, 2022 10:22    Post subject: Reply with quote
Some wireguard fixes just went into dd-wrt today =)
_________________
Saving your retinas from the burn!🔥
DD-WRT Inspired themes for routers
DD-WRT Inspired themes for the phpBB Forum
DD-WRT Inspired themes for the SVN Trac & FTP site
Join in for a chat @ #style_it_themes_public:matrix.org or #style_it_themes:discord

DD-WRT UI Themes Bug Reporting and Discussion thread

Router: ANus RT-AC68U E1 (recognized as C1)
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12834
Location: Netherlands

PostPosted: Wed May 25, 2022 11:28    Post subject: Reply with quote
Not so much fixes as reducing size on some builds and not really related to this subject which seems that the OP has trouble using PBR Smile
_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum