No. Broadcom (and other manufacturers as well) never upgrade their SDK kernels.no reply, ok.
Wireguard requires Linux kernel ≥ 3.10 (released 5 years ago), but asuswrt-merlin seems to use 2.6.36 (released 8 years ago) - very first comment from here
@RMerlin will the kernel be updated for AC-88U? if we cannot get wireguard OOB - could you give us possibility to install and use it?
I think Nordlynx is a "wrapper" arround Wireguard that NordVPN offers as a wireguard solution. If that is the case I would say nope! If NordVPN offers support for "normal" wireguard clients I don't see why it should not work. But my man guess goes for option 1 and then nopeIs it possible to run nordlynx with that tutorial? Thanks
They don't offer official support yet (https://www.reddit.com/r/nordvpn/comments/ge2xu8/router_support_for_nordlynx/) but I guess in the near future they will.Is it possible to run nordlynx with that tutorial? Thanks
https://www.snbforums.com/threads/e...-for-rt-ac86u-ax88u.46164/page-13#post-567684Last userspace tool ipk (wireguard-tools_1.0.20200513-1_aarch64-3.10.ipk) does not have S50wireguard in conffiles. So, all 'exports' settings are completely gone after package upgrade. A bug?
Complete service startup script removal upon package upgrade is not a best option. Maybe it's better to move it's default installation location to /opt/etc/wireguard as sample startup script?If the S50wireguard file is included in the conffiles, process duplication will occur.
changed. And I added one more step.Complete service startup script removal upon package upgrade is not a best option. Maybe it's better to move it's default installation location to /opt/etc/wireguard as sample startup script?
opkg install /path/wireguard-tools_1.0.20200513-2_aarch64-3.10.ipk cp /opt/etc/wireguard/S50wireguard /opt/etc/init.d
Thanks. But be warned — update from wireguard-tools_1.0.20200513-1_aarch64-3.10.ipk to 20200513-2 will remove S50wireguard as well 'as obsolete'.changed
Upgrading wireguard-tools on root from 1.0.20200513-1 to 1.0.20200513-2...
Removing obsolete file /opt/etc/init.d/S50wireguard.
@L&LD already got it, but.. old? really? what’s new then? AX-88U? AX89X (no Merlin FW, btw)? or should I wait for 6E routers due to the fact that ax88 and ax89 will become legacy soon amid such news?
Thank you very much Odkrys for your scripts. Work awesome on RT-AX88U, with Torguard provider.1. Install WireGuard
I would just opkg install the new packages, without removing the older.I see you provide newer kernel and user-space tools. Mine are out of date. How do I upgrade safely? Must I opkg remove the old before opkg install the new? I don't want to break my current config.
Wireguard is working excellent on AC86U.
Going through your instructions...
These below bits ( just under Section 4.5)
WireGuard use iptables so when the firewall is restarted, the rules will gone.
Please add this in nat-start script.
#!/bin/sh WVPNROUTE=`ip route show | grep -i -a "dev wg"` logger -s -t "($(basename $0))" $$ "Checking if WireGuard is UP...."$WVPNROUTE if [ "$WVPNROUTE" != "" ];then logger -s -t "($(basename $0))" $$ "**Warning WireGuard is UP.... restarting WireGuard" /opt/etc/init.d/S50wireguard restart fi
/opt/etc/init.d/S50wireguard: export: line 13: 10.10.15.5: bad variable name
nano /opt/etc/init.d/S50wireguard Mode=client #server or client #server export Subnet = 10.10.15.1/32 #e.g.)10.10.15.1/24 export wgport= #client export LocalIP= 10.10.15.5 #e.g.)10.10.15.5 Route=default #default or policy export wgdns= export Nipset=wgvpn
nano /opt/etc/wireguard/wg0.conf [Interface] PrivateKey = xxx Address = 10.10.15.5/32 DNS = 220.127.116.11 [Peer] PublicKey = xxx AllowedIPs = 0.0.0.0/0 Endpoint = 80.xx.xx.123:51820 PersistentKeepalive = 25
ip rule del prio 11111 2>/dev/null ip rule del prio 11112 2>/dev/null ip rule add from 192.168.1.10 lookup 117 prio 11111 ip rule add from 192.168.1.20 lookup 117 prio 11112