Automate WireGuard Endpoint Rotation on GL-AXT1800 Every 15 Minutes

Yottakube · June 16, 2025, 1:47am

Hello everyone,

I’m running OpenWrt on a GL-AXT1800 router with a single WireGuard tunnel (wg0) pointed at one of four VPN servers in different countries:

France
Mexico
USA
Canada

I’d like to automatically switch the tunnel’s Endpoint to the next country’s server every 15 minutes. So far I’ve tried:

Cron job invoking a shell script locally
Background loop script via SSH

Neither solution has worked reliably—cron runs the script but the endpoint never changes, and the SSH‐loop often freezes the router requiring a reboot.

What I’m Looking For

A lightweight, stable method (ideally without heavy extra packages)
Rotation of the WireGuard Endpoint every 15 minutes
Minimal impact on router stability and performance

What I’ve Tried

*/15 * * * * /root/rotate_vpn.sh

Excerpt from rotate_vpn.sh
!/bin/sh
endpoints=(
France
Mexico
USA
Canada
)
pub="<SERVER_PUBLIC_KEY>"
idx=$(cat /root/vpn_index 2>/dev/null || echo 0)
next=$(( (idx + 1) % 4 ))
endpoint=${endpoints[$next]}

wg set wg0 peer "$pub" allowed-ips 0.0.0.0/0 endpoint "$endpoint" || echo "Failed to set endpoint"
echo "$next" > /root/vpn_index

**
After the job runs, wg show wg0 still shows the previous endpoint, and sometimes the router becomes unresponsive.

Has anyone successfully implemented endpoint rotation on OpenWrt / GL-AXT1800?**
Any pointers, whether using UCI, a minimal cron alternative, a firmware tweak, or a simple shell trick, would be greatly appreciated.

Version
4.8.0
Firmware Type
beta5

OpenWrt Version
OpenWrt 23.05-SNAPSHOT r23485+125-e92cf0c46f
Kernel Version
5.4.164

Thanks in advance!

bruce · June 16, 2025, 6:49am

Hello,

Seems this feature does not be supported at this moment.

BTW may I know the reason why make the router changing the WG profile every 15 minutes?

Yottakube · June 16, 2025, 1:48pm

Hello @bruce

Hope you are doing well
Thank you for your reply and feedback

I was really hoping that the GL-AXT1800 can handle the simple IP change address every 15 minute for me when I bought from Amazon.ca

And to answer your question about the reason why I want to change the IP address every 15 minutes:
One of my client, have a business and her customers log in to their Wi-Fi everyday, and while the customers are onsite, they give reviews on google everyday, and many of the reviews get rejected since it comes from the same IP address...

If you have a better approach for me, you can reach-out

Thank you

bruce · June 20, 2025, 2:59am

Hi,

Sorry, there is currently no good way to automatically switch VPN profiles.

On v4.8 firmware, supported failover for VPN profile (group), but it does not automatically switch if the profile VPN tunnel works normally.

It seems that your custom request cannot be met because it is a bit special.
When the current profile works normally, ordinary users will not let the router actively switch another profile. Generally, the switch will be triggered after the current profile VPN is abnormal, and failover switch to next one profile.

I think depends on your customize request, may only manually switch the profiles.