I've been trying to set up WireGuard server on my AX88U router in order to access LAN resources from anywhere using my Android phone. The only way I've been able to get it to work is to set the tunnel IP to the same IP as the router LAN IP (192.168.1.1), and set the client IP to an IP in the LAN range (192.168.1.2). None of the documentation or tutorials that I can find suggest doing this but instead show using a completely different private subnet (10.6.0.x) for the VPN, but I don't see how my phone on that subnet could access devices on the LAN subnet. What mm I missing?
WireGuard Server and LAN Access
- Thread starter MadPup
- Start date
In the Wireguard Server setting on the router, did you enable Access Intranet?
[Wireless Router] How to set up WireGuard® VPN server?
No problem using stock WireGuard settings on Asus-Merlin firmware to access local network clients from an Android phone with the Access Intranet option enabled and the Wireguard IP's set to 10.6.0.1/32. One may have to configure local network device firewalls to allow access from the 10.6.0.x range used by the WireGuard tunnel if those devices block access from ranges other than local LAN default.
From the Asus link, an example of the WireGuard Server settings showing the Access Intranet option.
[Wireless Router] How to set up WireGuard® VPN server?
No problem using stock WireGuard settings on Asus-Merlin firmware to access local network clients from an Android phone with the Access Intranet option enabled and the Wireguard IP's set to 10.6.0.1/32. One may have to configure local network device firewalls to allow access from the 10.6.0.x range used by the WireGuard tunnel if those devices block access from ranges other than local LAN default.
From the Asus link, an example of the WireGuard Server settings showing the Access Intranet option.
Yes, I have Access Intranet enabled. I guess it's possible that all the devices I have tried disallow access from a different subnet. This includes pinging my Windows PC, accessing my NAS, streaming form my IP Security Cam, etc. The one device I can access with the 10.x subnet using it's LAN IP is the router. I will experiment more and post back if I make any progress. Thank you, guys! It's good to know what should work, even if it doesn't seem to.
BTW is there anything wrong with the way I have it working now? Obviously things are a lot easier if my VPN client has a LAN IP. My intention is that I want my phone to behave as though I were at home on the LAN.
Oh, and there does not seem to be a way to (easily) configure masquerading on the router. The suggested way is to use port forwarding but requires individual rules per port.
BTW is there anything wrong with the way I have it working now? Obviously things are a lot easier if my VPN client has a LAN IP. My intention is that I want my phone to behave as though I were at home on the LAN.
Oh, and there does not seem to be a way to (easily) configure masquerading on the router. The suggested way is to use port forwarding but requires individual rules per port.
Last edited:
Similar threads
Similar threads
Similar threads
-
Wireguard, I can't reach other devices using names
- Started by Requiem
- Replies: 0
-
GT-AX11000 Wireguard Client Caps Wan Speed to 250Mbps Down.
- Started by Rajjco
- Replies: 0
-
'Special' Wireguard setup question
- Started by MarkusI
- Replies: 0
-
Cannot activate two wireguard connections in VPN Fusion
- Started by b82m
- Replies: 1
-
Wireguard VPN on GL.iNet Router
- Started by irvingtelder
- Replies: 4
-
Solved AX88U Wireguard Issue
- Started by shanetrain
- Replies: 1
-
-
OpenVPN server on GT-AX11000 Pro - connection from clients fail
- Started by josephwit
- Replies: 5
-
RT-AX86u Media Bridge server fw best practice?
- Started by dssboss
- Replies: 14