What's new

[Experimental] WireGuard for HND platform (4.1.x kernels)

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

I use this site for OpenWRT routers for wireguard.

 
I use this site for OpenWRT routers for wireguard.

Thanks!
 
Is there a list somewhere of the routers that support wireguard? I'd like to buy a new router and it would be nice to run a vpn server on it.
I doubt any routers will support WireGuard natively (as in native firmware). You will likely need to run OpenWrt or Merlin or something similar to run WireGuard server.

I have the Asus RT-AX88U and have been running WireGuard as a server for a while without any issues - super fast and simple; once setup.
 
I'm struggling to make this work

I've followed the server tutorial and all seems to work fine,but when I try to use my QR code or a config file the wireguard app for IOS say that is invalid file/qr-code

¿any toughts what coud it be?
 
I'm struggling to make this work

I've followed the server tutorial and all seems to work fine,but when I try to use my QR code or a config file the wireguard app for IOS say that is invalid file/qr-code

¿any toughts what coud it be?

Does your client file look like this... The order of lines is important.
- Address is the IP address allocated to the client (as per your config)
- DNS is the IP address of your router (if you wish to route everything through)
- End Point is the public IP or DNS name of your server

[Interface]
PrivateKey = ????????????????????
Address = 10.10.0.11/24
DNS = xx.xx.xx.xx

[Peer]
Endpoint = xx.xx.xx.xx:51801
PublicKey = ????????????????????
AllowedIPs = 0.0.0.0/0
PersistentKeepalive = 25

I suggest that you edit the client file created by WireGuard and ensure that it contains all the lines and then load onto the iOS app.
Ignore the QR code for now.
 
Does your client file look like this... The order of lines is important.
- Address is the IP address allocated to the client (as per your config)
- DNS is the IP address of your router (if you wish to route everything through)
- End Point is the public IP or DNS name of your server

[Interface]
PrivateKey = ????????????????????
Address = 10.10.0.11/24
DNS = xx.xx.xx.xx

[Peer]
Endpoint = xx.xx.xx.xx:51801
PublicKey = ????????????????????
AllowedIPs = 0.0.0.0/0
PersistentKeepalive = 25

I suggest that you edit the client file created by WireGuard and ensure that it contains all the lines and then load onto the iOS app.
Ignore the QR code for now.
ok I'll try.

some questions tought:


¿where is dns can I put my router's ddns(I have dynamic ip)?

¿with the router ip at DNS you refers to private IP (gateway) or to the wan IP?

¿the 51801 port in the endpoint is right? in the tutorial says to use:

ListenPort = 51820

export wgport=51820


thanks
 
ok I'll try.

some questions tought:


¿where is dns can I put my router's ddns(I have dynamic ip)?

¿with the router ip at DNS you refers to private IP (gateway) or to the wan IP?

¿the 51801 port in the endpoint is right? in the tutorial says to use:

ListenPort = 51820

export wgport=51820


thanks
- DNS should be your router private IP (probably 192.168.x.x or something similar - whatever you set it); not the WAN IP.
- Endpoint Port should be whatever you have configured. I do not use defaults, so mine is 51801, if you have set yours to 51820, then it should be 51820.

Post your client.conf file here (Remove the key values) and post your router private IP address - and I can create the correct file...
 
I'm wondering if I should wait on this until v386 firmware is released...entware may change, etc.
 
Could someone provide a tutorial for the detailed installation, for laymen?

The tutorials I found so far are kind of abstract, they just indicate what to do, but not how to do it :(
 
Could someone provide a tutorial for the detailed installation, for laymen?

The tutorials I found so far are kind of abstract, they just indicate what to do, but not how to do it :(
What are you intending to do?
Run a WireGuard client to connect to some WireGuard server ? Or run a WireGuard server on the router.

I think you need to be a bit more specific on your requirements for a tutorial.
Also, what router model do you have, hardware model, software version, etc...
 
What are you intending to do?
Run a WireGuard client to connect to some WireGuard server ? Or run a WireGuard server on the router.

I think you need to be a bit more specific on your requirements for a tutorial.
Also, what router model do you have, hardware model, software version, etc...

Oops!

As the topic is related to the RT-Ac86u / AX88u, I didn't specify my model, anyway mine is the AX88u.

I would like to run the VPN Client with WeriGuard (from Mullvad).

The guidelines I observed in the topic are somewhat abstract, in fact, they are for those intent on running scripts in Merlin.

As I consider myself a layman to install something on Merlin, I requested that anyone who can provide a detailed tutorial on how to install WireGuard on Merlin (for VPN client), in this case a step by step.
 
Oops!

As the topic is related to the RT-Ac86u / AX88u, I didn't specify my model, anyway mine is the AX88u.

I would like to run the VPN Client with WeriGuard (from Mullvad).

The guidelines I observed in the topic are somewhat abstract, in fact, they are for those intent on running scripts in Merlin.

As I consider myself a layman to install something on Merlin, I requested that anyone who can provide a detailed tutorial on how to install WireGuard on Merlin (for VPN client), in this case a step by step.
This may help.
 
I will record in detail the progress I have made so far (for other laymen who wish to install WireGuard), but it is far from over!

Well, as I asked before, there is no detailed tutorial, just abstract guidelines, but that lay people cannot follow.

What I've achieved so far:

(1) I got a pendrive and with the software 'Minitool partition Wizard' (which can be downloaded here 'https://www.partitionwizard.com/free-partition-manager.html') I formatted it for Ext4;

(2) After formatting, I put the USB stick on the router;

(3) enable SSH on the router using the following menu:
Administration> System> Service;

(4) I downloaded the 'PuTTy' software and inserted the router's IP and then 'open', as shown in the following image:

1606245562258.png


(5) After entering the router, through PuTTy, the first command to be entered is the name of the router's administrator and password, as follows:

1606246002978.png


(6) After that, I typed the command 'amtm' and hit enter, it looks like this:

1606246165476.png


(7) Then, I typed the letter 'i' and hit enter. Next, I typed the letters 'ep' and hit enter. Then just go entering the numbers that were requested and that's it, 'Entware' installed.

1606245718436.png


(8) I don't know what else to do from here ???
 
I know that this level of detail seems pathetic, but it really isn't. For those who are more lay, every detail presented makes all the difference to succeed in this endeavor.
 
I’m also looking for a laymen’s guide on this. I have an AC86U and want to install a wire guard client so I can use NordLynx.
 
Hi! I'm running Wireguard on my AX88U in client mode. The Wireguard config file I received from my VPN service (Integrity VPN) includes both a IPv4 adress and a IPv6 adress.

[Interface]
PrivateKey =
Address = 10.0.49.253/24,fdab:1337:1337:49::253/64


How do I use the IPv6 adress? When trying:

export LocalIP=10.40.12.49,fdab:1337:1337:49::253

I get this when starting wireguard:

Error: ??? prefix is expected rather than "10.0.49.253,fdab:1337:1337:49::253".
Error: inet address is expected rather than "10.0.49.253,fdab:1337:1337:49::253".



Using only the IPv4 adress works without issues.
 
Last edited:
Hi

I just wanted to express my thanks for making this a possibility with my AX88U. Feels good to put that quad-core processor to use.

I currently have 1Gig fiber at home and with Wireguard 20201112 kernel my top speed hits way over 600Mbits with ease. With OVPN max I was getting was around 250-380Mbits.

Im running Wireguard in policy mode. Five IP-addresses are routed from LAN to Wireguard with wg-policy.


Just out of curiosity, just too Pimp my setup further but not actually needed because my Wireguard client has yet to disconnect even one time.

Is there a command or something to make certain IP-addresses get WAN-access block i.e blocked access to the internet if the Wireguard server goes down (kill-switch).

I've tested that if I stop the Wireguard service in SSH (server gets disconnected), those five IP-adresses goes back to going through WAN :(

Thanks again, and thanks Rmerlin for this wonderful firmware upgrade.
 
Last edited:
Hi! I'm running Wireguard on my AX88U in client mode. The Wireguard config file I received from my VPN service (Integrity VPN) includes both a IPv4 adress and a IPv6 adress.

[Interface]
PrivateKey =
Address = 10.0.49.253/24,fdab:1337:1337:49::253/64


How do I use the IPv6 adress? When trying:

export LocalIP=10.40.12.49,fdab:1337:1337:49::253

I get this when starting wireguard:

Error: ??? prefix is expected rather than "10.0.49.253,fdab:1337:1337:49::253".
Error: inet address is expected rather than "10.0.49.253,fdab:1337:1337:49::253".



Using only the IPv4 adress works without issues.

Silly question:
Is IPv6 enabled on your router?
 
Hi

I've managed to make my wireguard sever in asus ac86u connect the tunnel,but is not working.

I mean, I have tunnel stablished,handsake works and command wg in the router shows me that the client is connected,and log in the client says that tunnel is enabled and handsakes and all stuff is working,plus I have data send and received.

the problem,is that if I try to search internet or even try to acces the router's main page,it won't work.

proably something is blocking my tunnel to connect to any local or non-local server

¿any thoughts?
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top