Configure wireguard client to connect to NordVPN servers?

Yeah as Alfie wrote any changes NordVPN make to Wireguard need to be made public. You can ask them for a link to the source code changes they made.

Also, im not so sure its a privacy issue. Wireguard requires fixed IP addresses set for each client in the config file, IP’s internally used to identify each connected client INTERNALLY. This is not public in any way. OpenVPN also requires IP’s, but they are not statically set in the config files, they are dynamically issued on each connection, that is the main difference here. So i guess they are worried that if the Feds raid their server farm, all the config files will show all the connections to users, but that is just a poor implementation server side. If you raid an OpenVPN server farm, all the connections are still in memory until the server is shut down, they would be able to link connections in that way too. Having a server kill switch where it shuts down all processes (for OpenVPN) and an extra wipe of all configs (for Wireguard) would be better for them.

BTW you can check threads about NordVPN. They had a massive privacy leak and did not disclose about it until the hack was made public on Twitter, don’t trust them for anything.


Thanx alzhao and Johnex for your comments.
I’m not so technical to be able to have a clear picture of the implementation details of the different VPN solutions. But I understand the general meaning of what you explained.
For Johnex: thanks for your warning about NordVPN, which I use mainly to access restricted streaming services around the world, such as UK-BBC, US-TV and other public broadcasters which impose restrictions on te countries where you’re connectiong from. For my needs it’s perfect, but I understand it’s not ok when one needs strict privacy. Do you know better VPN services when privacy is the main purpose?

1 Like

Here is a list of VPN’s and more info about the 14 eyes:

I personally use Mulvad and, and i know AzireVPN is also great.

1 Like

Thank you very much Johnex for all your valuable information

1 Like

The real issue with using Wireguard as a VPN is as stated earlier:

Wireguard was designed as a Point-to-Point VPN, not the traditional RoadWarrior or one server, many client configurations which are the traditional model for commercial services.

Trying to blend the P-to-P model of Wireguard with a many client-to-one server model is why NordVPN only support their own application as a connection.



There must be a way around it though. VPN Unlimited are able to offer configs for wireguard. Sure VPN Unlimited is not as big as NordVPN but they are not small either. If they could do it, then Nord definitely can do it.

1 Like

Greetings community. I just registered an account a few minutes ago to be part of this topic!

Recently i talked with NordVPN chat support and also send email to their support about “Wireguard Configuration file” , for connecting Wireguard protocol manually without NordVPN app and with it’s Wireguard client.

And they said their technicians already working on it to make it possible to using WireGuard protocol servers manually; and this option will be available in near future. btw I’ve send 'em another emails related this issue and their support said i will nudge technicians to speed up the process and release it as soon as possible!


nothing happened after 1 month.

the world becomes UNSTABLE, unstable in the society.

A secure line may help.

Hi there,

I’m not a gl-inet user. But I know it can run Openwrt. I’ve written a script to connect to Nordvpn wireguard servers. If anyone is interested pm me for details.

Can you share just here pls?

Hi ! Can you share the script , cant send you PM

Nope. I dropped nord and went to torguard.

It’s very simple. All you need is your interface private key. If you have any linux machine, use that or jnstall a vm if you don’t have one. Get their official linux app installed. Install wireguard too. Connect to nordvpn with command:

nordvpn c

After successful connection run

ifconfig nordlynx

write down its IP address somewhere, you’ll need it later.

sudo wg show nordlynx private-key

Output of this command should be something like this:


This is your private key. Write it down. The key above is just a random key for demo purposes.

Now make sure you have curl and jq installed on your router… These are needed to be able to fetch the config of NordVPN Server. If not installed, go ahead and install

opkg install curl jq

After installation enter the command below to fetch the recommended server config:

curl -s "\[servers_technologies\]\[identifier\]=wireguard_udp&limit=1"|jq -r '.[]|.hostname, .station, (.locations|.[]|.country|, (.locations|.[]|.country|.name), (.technologies|.[].metadata|.[].value), .load'

Output: #your endpoint host #its ip address
London #city
United Kingdom #country
K53l2wOIHU3262sX5N/5kAvCvt4r55lNui30EbvaDlE= #Server public key
10 #Server load at the time.

Now you can use the data above to configure your OpenWRT WireGuard Interface.


Now… I’m VERY new to this so apologies in advance
I’ve followed [teymur88]'s excellent instructions and used them to populate the Wireguard Client on my Brume-W

All I get is the amber light and no internet connection, Please could someone let me know where I’ve gone wrong? The Listen Port was added automatically, not by me.
Many thanks

You need to set the DNS to something for the internet to work. Without it, only connections to other devices in the VPN network will work.

Try setting it to or

I’ve been watching this thread on and off last year and just gave teymur88’s instructions a try myself.

Along with clues from Ades and Johnex posts, I’ve gotten a little further with the settings attached.

Notice that the green connection status dot appears in the VPN sidebar. Additionally, I can see the WG WireGuard symbol on the router homepage replacing the VPN connection symbol I had before it. However, when I check my public IP, it still shows as my ISP provided IP rather than the NordLynx one I’m expecting.

I am using a GL-B1300 on firmware 3.105.

Not sure where else I can be going wrong here and any help is greatly appreciated.

That was simple enough to follow and connected first time, so thanks for that. The only thing not in the instructions which may catch some newbees out, when entering the endpoint host, remember the :51842 port at the end, so from the posted example it would be - `

Just wanted to provide an update that I managed to solve my problem. The allowed IPs required CIDR notation, everything else was fine. Thank you teymur88 for your guide.

I’m finding the Wireguard connection rather hit and miss though and it can be pretty flaky at times for the services I use. During the day I’m getting performance similar if not worse than OpenVPN with speeds of around 9-18Mbps, sometimes upload barely hits 1Mbps. At night it skyrockets to 90Mbps closing in on all my available bandwidth.

Curious of other people’s findings.

I’ve tried a few speedtests and seem to be pretty stable in the 30-40Mbit range.

There are numerous servers, could you be on a congested server? May be worth going through the process again using a different server.

Shouldn’t that be 51820.