Menu
What's new
By:
Filters Better Search

Wireguard implementation?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

I’m going to follow this up with a thought: given that some of Merlin’s ideas/implementations have been adopted by Asus, it might be worthwhile to keep pushing for this, especially with what seems to me to be something of a quantum leap forward with 384.15. Maybe a poll is required to determine how many Merlin users have successfully added WireGuard to their router to see if its a fringe movement or if there is a grassroots uprising. There are a bunch of smart people here who know how to make this happen, and who might possibly be willing to help the rest of us. C’mon, team. Let’s take the chance and make this happen. If JackYaz and @thelonelycoder and @FreshJR and @kvic can contribute to the whole, why not someone else?


Sent from my iPhone using Tapatalk
 
aris said:
I know what a kernel is - i've been doing Unix for 30 years. WireGuard doesn't have to be in the kernel to work. As for changing the answer given - it may or it may not. I think it depends on the level of effort. If it means kernel changes - yeah, zero chance unless ASUS release it. If it can be done in userland - then it is a possibility. It looks like it will become very very mainstream so plans to implement it may well be user driven - and possibly done by ASUS. As for when - it depends on how ahead of the curve the various parties want to be. Reading through this thread, it looks like there is already a userland implementation which someone has tried and managed to get to work. Is it ready for prime-time? Possibly not - but one has to start somewhere.
Click to expand...
At times like this, the phrase "patches welcome" springs to mind
 
Nag ASUS for WireGuard instead of Merlin and the script guys. Right now too few people own routers compatible with WG to justify working on it. My OpenWRT travel router is running a WG server and it’s been a massive step up over OpenVPN. Even the official WG clients/app are infinitely better than OpenVPN. Now I want to replace my buggy unreliable AC86U with a pfsense box or OpenWRT router. ASUS hardware has lost its lustre and too pricey and I expect they’ll be slow to support WG.
 
Something in me believes the Merlin community of devs & users is at a turning point/moment of attaining critical mass, and I’m choosing to hope that will be able to influence Asus’ decisions/path in the near future.


Sent from my iPhone using Tapatalk
 
Asus and I target different audiences. I target advanced users, while they target the masses. Therefore we have different goals in mind.

Let's put it simply: Wireguard won't sell more routers for Asus, especially since it could only be implemented on like 3 or 4 models right now, all the others are running an incompatible kernel.

Business-wise, it would make far more sense for Asus to finalize their IPSEC implementation, which they haven't so far.
 
I have a feeling that it will lose a lot of its performance edge over OpenVPN, since it will then have to go through context switches just like OpenVPN. Someone would have to benchmark it to compare.
 
https://pivpn.io/
http://bitman.org/irafinch/rpivpn/

In the past, I have experimented/set up Raspberry Pi VPN server(s) behind my Router(s) using PiVPN and a book bought on Amazon. The author of the book is pondering adding Wireguard option to his current book, or writing another one. I currently have a Rpi running Ira Finch's implementation of OpenVPN server behind my router on those occasions that I happen to be out and about/traveling on public/hotel wifi's and want to switch between AsusWRT VPN server and Rpi VPN server.

I did notice that recently the pivpn.io site says their inplementation now offers Wireguard as well as OpenVPN. Has anyone experimented with that implementation?
 
More and more vpn provider, provides wireguard !!!

So +1 from me for wireguard on asus... :)
 
WireGuard will be a very good solution for those wanting to run fast VPN clients on lower powered processors as typically found in SOHO routers.

I installed WireGuard on an old device I had used as a VPN appliance running ubunto. This device has an older Atom processor. Using OpenVPN this device's download speeds were in the mid 80s Mbps. I then switched to WireGuard from StrongVPN running on this device and download speeds were in the 230 - 240 Mbps range which is my full line speed from Comcast. I may temporarily upgrade to gig speeds to see WireGuard's full potential really is.

The future for VPN capable routers would seem to be towards new routers that will support WireGuard because as Merlin has pointed most older hardware won't.
 
If one wants a wireguard vpn server that they control - probably easiest solution out there immediately is a Raspberry Pi with pivpn (www.pivpn.io). Pretty easy to set up and you have full control over it. (probably a cheaper solution too as compared to buying in the future a high end router with wireguard baked into the kernel).

I've been using my raspberry pi 3b in conjunction with RT-AC68u (merlin fw).

On the Raspberry Pi have:
- pivpn (wireguard vpn server)
- Pihole (ad blocking and DNS)
- netdata (infrastructure monitoring)

On the RT-AC68u
- merlin fw 384.15
- scMerlin
- spdMerlin
- netdata (no data store - streams to pi netdata instance)

With the pandemic been away from my house since early March and been using the wireguard vpn clients continuously on our laptop, iPad and 2 iPhones without any issues at all.
 
rjsh said:
If one wants a wireguard vpn server that they control - probably easiest solution out there immediately is a Raspberry Pi with pivpn (www.pivpn.io). Pretty easy to set up and you have full control over it. (probably a cheaper solution too as compared to buying in the future a high end router with wireguard baked into the kernel).

I've been using my raspberry pi 3b in conjunction with RT-AC68u (merlin fw).

On the Raspberry Pi have:
- pivpn (wireguard vpn server)
- Pihole (ad blocking and DNS)
- netdata (infrastructure monitoring)

On the RT-AC68u
- merlin fw 384.15
- scMerlin
- spdMerlin
- netdata (no data store - streams to pi netdata instance)

With the pandemic been away from my house since early March and been using the wireguard vpn clients continuously on our laptop, iPad and 2 iPhones without any issues at all.
Click to expand...
Do you possibly have a setup guide to do the server and netdata parts?
 
Zonkd said:
Nag ASUS for WireGuard instead of Merlin and the script guys. Right now too few people own routers compatible with WG to justify working on it. My OpenWRT travel router is running a WG server and it’s been a massive step up over OpenVPN. Even the official WG clients/app are infinitely better than OpenVPN. Now I want to replace my buggy unreliable AC86U with a pfsense box or OpenWRT router. ASUS hardware has lost its lustre and too pricey and I expect they’ll be slow to support WG.
Click to expand...

AC86U is "buggy/unreliable"?
 
He said his router was unreliable....he wasn’t generalizing. This is very possible with any router not just the AC86U.


Sent from my iPhone using Tapatalk
 
I've arrived here looking for the status of Wireguard on ASUS/Merlin. I have an RT-AC86U running Merlin with OpenVPN client & servers. I can do stuff but not hyper technical. I use OpenVPN to get to my home network, NAS, multiple devices and especially the Home Automation system. Also when travelling to get me safely through unsafe networks.

I've read RMerlin's long ago response and agree with his position. I understand where he's coming from. I'd be saying the same.
Other's are also correct about the adequateness of OpenVPN performance. It's actually rare that the router or OpenVPN are the performance bottleneck.

So you ask, I understand all that & still want Wireguard ?

Why? The tunnel setup time is so fast you don't realise it's being done.
I can open a mobile app, for example Home Assistant, with no tunnelling delay. It make's me feel confident to add more to my private network knowing it's only an instant away. OpenVPN's 5 second plus delay makes it an inconvenient drag.

So I'm hoping there is another way forward. I'd like to have Wireguard server on my RT-AC86U. A non-convoluted easy to setup and upgrade formula.

(I know I'm new & you may choose to disregard my comments. As a long time lurker I've joined up to comment. As a past donator of a somewhat trivial amount, I thought OK to add my 5 cents worth.)
 
CaptainSTX said:
WireGuard will be a very good solution for those wanting to run fast VPN clients on lower powered processors as typically found in SOHO routers.

I installed WireGuard on an old device I had used as a VPN appliance running ubunto. This device has an older Atom processor. Using OpenVPN this device's download speeds were in the mid 80s Mbps. I then switched to WireGuard from StrongVPN running on this device and download speeds were in the 230 - 240 Mbps range which is my full line speed from Comcast. I may temporarily upgrade to gig speeds to see WireGuard's full potential really is.

The future for VPN capable routers would seem to be towards new routers that will support WireGuard because as Merlin has pointed most older hardware won't.
Click to expand...

If you pop over to the master topic/thread quoted above, I have seen speeds >600Mbps posted there. That’s the best I can recall.
It’s light and fast...but is it secure?


Sent from my iPhone using Tapatalk
 
You must log in or register to reply here.

Similar threads

TheLyppardMan
A question about WireGuard security
2
Replies
25
Views
885
Viktor Jaep
Viktor Jaep
S
Guide Wireguard-portforwarding
Replies
13
Views
620
ZebMcKayhan
Z
T
WireGuard and Traditional QOS
2
Replies
24
Views
1K
Tomo123
T
T
Wireguard VPN Disable IPV6
Replies
0
Views
165
treycortez
T
H
WireGuard VPN Watchdog?
Replies
6
Views
912
Jeffrey Young
J
Similar threads
Thread starter Title Forum Replies Date
A Upgraded Ac86u to 386.13_2 and cannot find wireguard Asuswrt-Merlin 2
T Wireguard VPN Disable IPV6 Asuswrt-Merlin 0
S Guide Wireguard-portforwarding Asuswrt-Merlin 13
D Solved Samba, LACP & WireGuard. Question. Asuswrt-Merlin 5
P Question on Wireguard tunnel configuration. Asuswrt-Merlin 8
TheLyppardMan A question about WireGuard security Asuswrt-Merlin 25
A Restart WireGuard client when fails Asuswrt-Merlin 5
A WireGuard tunnel interferes with Tapo cloud app (blocks it) Asuswrt-Merlin 13
M Best router for wireguard or openVPN Asuswrt-Merlin 1
L Unbound + Wireguard: is this combination possible at all? Asuswrt-Merlin 6

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 986 (members: 24, guests: 962)
Top