@parhamsan 

It's hassle-free to upgrade, you downgrade without going stand-alone. You connect with SSH and downgrade with the roll-back command.

MR.S wrote

  @parhamsan 

 

It's hassle-free to upgrade, you downgrade without going stand-alone. You connect with SSH and downgrade with the roll-back command.

 

 

 

  @MR.S 

MR.S,

How do you SSH into the router (do you ssh from cmd or use a program)?
What is the syntax with cmd?

I use putty with IP and using the user:admin and password:pass that is on the ER8411 but when I type enable I don't get the list like that, do you know the reason?

I tried roll-back in standalone mode and it worked. Didn't know I can do it not being in standalone mode (crap)!!!

Thanks!!!

  @parhamsan 

yes you are in the right place you type enable and then roll-back, but roll-back is a new command in the 1.3.1 firmware so you will not see it until you have upgraded.

type ? to see commands

MR.S wrote

  @parhamsan 

 

yes you are in the right place you type enable and then roll-back, but roll-back is a new command in the 1.3.1 firmware so you will not see it until you have upgraded.

 

type ? to see commands

 

  @MR.S

Got it thanks!!!

Oh man, this makes it so much easier not going into standalone mode for the downgrade!!!

Cheers!

  @parhamsan 

I'm pretty sure it works with 1.3.1 so you probably don't need to downgrade again. 

MR.S wrote

  @parhamsan 

 

I'm pretty sure it works with 1.3.1 so you probably don't need to downgrade again. 

 

  @MR.S 

Thats odd, WG works but OpenVPN just stopped working!!!

Have not changed any settings so need to dig in and see whats going on!!!

Well at least WG works, thanks @MR.S 

  @parhamsan 

did you disable NAT on Wireguard and OpenVPN? when it comes to OpenVPN, ACL works so if you have any ACL then try disabling this

MR.S wrote

  @parhamsan 

 

did you disable NAT on Wireguard and OpenVPN? when it comes to OpenVPN, ACL works so if you have any ACL then try disabling this

 

  @MR.S 

Yep all NAT for WG and OVP are disbaled. I deleted ACL for the OpenVPN.

Should I change anything in the firewall:

I will do another reboot to see how it goes, thanks!!!

  @parhamsan 

I don't think it matters, but my settings are like that.

MR.S wrote

  @parhamsan 

 

I don't think it matters, but my settings are like that.

 

  @MR.S 

Yep, confirmed both are working now on the 1.3.1 Firmware, the main issue was the NAT and port forwadring (for anyone having this issue make sure to disable NAT for WG and OpenVPN ports!!!) and since I have dynamic IP, it took sometime for the cloudflare DDNS script (on my UNRAID server) to update my WAN IP address.

Thanks @MR.S and everyone else for the help on this matter!!!

Please request the TP-Link team to implement a way to restrict WG access (WAN only, LAN only, or both) on the upcoming Firmware!!!