Hello, I’m trying to set up a 240 router but I have some problems. It’s connected to the internet with a SIM card, no WAN connected.
Note that before the last FW update I was using the same setup and it worked for over a year.
After facing some problems I decided to factory reset the router because I wasn’t sure if I had messed it up.
From the factory reset I created:
Two networks, each with its own WIFI AP.
VLANs for the two networks, routed over a manageable switch through the available LAN port.
And some SMS rules to get status.
Now I need to have a VPN tunnel to be able to access the network when I’m away…
Before I was using OpenVPN now I’m trying Wireguard.
So once the VPN is up and working (I can connect to the router with my phone over 4G service) the LANs and the WIFIs are no longer connecting to the internet…
Not sure if it’s relevant but I had the same problem after creating the VLANs, then just the WIFIs weren’t working, so I figured that I had to create the VLANs and just after the WIFIs. So just changing the order in which I create the services made a difference.
Hope I explained myself cause English is not my first language.
Another thing that I noticed is that after creating the VPN, a new zone with rules is automatically created in the firewall, but it has a forwarding to a LAN that doesn’t exist in my configuration (it’s the standard one), and if I make changes in the options I cannot save it, an error appears. I need to delete it and create a new one.
What is the content of Allowed IPs on the router?
What are the values of the “Covered network” and the “Allow forward to destination zones” and “Allow forward from source zones”?
Sorry I may not be clear enough.
My problem is not on the VPN but on the router itself. I lose internet access on the physical LAN port of the router and on the WiFi when I enable the VPN.
Btw I’m doing more testing and I think I just found a bug in the system…
So in this situation I have a pc physically connected to the switch and there is no internet connection.
If I delete the VPN, and therefore the VPN firewall zone and the VPN traffic rule, and I reboot the router, I have internet connection back on the PC.
What the hell am I missing?
Ok… I’ve done a few more tests in different configurations and I’ve found something that may narrow down the issue.
My firewall configuration is correct because now it works; to make it work I had to delete the VLANs, disable WAN and assign one physical port to each subnet.
192.168.1.1 => eth0
10.7.3.1 => eth1
Could it be that the RUT240 is not powerful enough to handle all those things together?
Or am I missing something on the VLAN configuration?
Just to be clear in this situation where the VPN works and I have internet connection on both subnets, if I then again create the two VLANs and assign them to port “eth0” and enable again the WAN on port “eth1”, the problem where I lose internet connection appears again.
Without the “Covered networks”, “Allow forward to destination zones” and “Allow forward from source zones” initial and current values I won’t be able to tell what is wrong.
Stop the wg tunnel and recreate your vlans / firewall zones as you described above.
Do you still have Internet access? What are the “Covered networks”, “Allow forward to destination zones” and “Allow forward from source zones” for all the fw zones?
VPN tunnel still ON
WAN enabled on eth1
Failover ON
“lan2” assigned to eth0
“lan” not assigned to any physical interface
Created the VLANs like before, assigned to eth0 but not assigned to subnet yet.
Reboot.
I still have internet connection.
What are the “Covered networks”, “Allow forward to destination zones” and “Allow forward from source zones” for all the fw zones?
If I understand correctly, you need to create a lan and associate it to a physical interface for each vlan. In your case that would be eth0.10 and eth0.20 (or vlan1 and vlan2).
Then the association to a subnet can be performed.
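
A consistency check for the situation discussed in this thread (a firewall zone or forwarding left pointing at a network or zone that no longer exists once the VLANs and the VPN are recreated), added here as an example and not posted by anyone in the thread. It assumes OpenWrt-style UCI syntax for the router's network and firewall configuration; the sample configs, the `wg0`, `wireguard` and `vlan20` names, and the `parse_uci` and `audit` helpers are constructed for illustration.

```python
import shlex

# Constructed sample configs, not taken from the router in the thread.
NETWORK = """
config interface 'lan2'
config interface 'wan'
config interface 'wg0'
"""
FIREWALL = """
config zone
	option name 'lan2'
	option network 'lan2 vlan20'
config zone
	option name 'wan'
	list network 'wan'
config zone
	option name 'wireguard'
	list network 'wg0'
config forwarding
	option src 'lan2'
	option dest 'wan'
config forwarding
	option src 'wireguard'
	option dest 'lan'
"""

def parse_uci(text):
    """Parse UCI text into [(type, name, {option: [values]})]; values are split on spaces."""
    sections = []
    for raw in text.splitlines():
        parts = shlex.split(raw, comments=True)
        if len(parts) >= 2 and parts[0] == "config":
            sections.append((parts[1], parts[2] if len(parts) > 2 else None, {}))
        elif len(parts) >= 3 and parts[0] in ("option", "list") and sections:
            sections[-1][2].setdefault(parts[1], []).extend(parts[2].split())
    return sections

def audit(network_text, firewall_text, wan_zone="wan"):
    """Return (kind, detail) findings for dangling zone and forwarding references."""
    ifaces = {n for k, n, _ in parse_uci(network_text) if k == "interface"}
    fw = parse_uci(firewall_text)
    zones = {o["name"][0]: o.get("network", []) for k, _, o in fw if k == "zone" and "name" in o}
    fwd = [(o.get("src", [""])[0], o.get("dest", [""])[0]) for k, _, o in fw if k == "forwarding"]
    out = [("missing-network", f"{z}:{n}") for z, nets in zones.items() for n in nets if n not in ifaces]
    out += [("missing-zone", f"{s}->{d}") for s, d in fwd if s not in zones or d not in zones]
    # Informational: a VPN zone may legitimately have no forward to the WAN zone.
    out += [("no-wan-forward", z) for z in zones if z != wan_zone and (z, wan_zone) not in fwd]
    return out

print(audit(NETWORK, FIREWALL))
```

Run against copies of the router's own network and firewall config files, the `missing-network` and `missing-zone` findings answer the "Covered networks" and "Allow forward to destination zones" questions above for every zone at once.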