Yeah, I’m picking up on what you’re putting down. I call such scenarios ‘Clandestine Remote Working’ (… even if it’s authorized by your employer). It’s a not uncommon goal for some w/ GL devices.
Okay, so really there’s two goals here:
- WireGuard to/from your ‘home base’ IP
- A custom SSID for Wi-Fi within your Private LAN at the remote location (‘WG Client’ device)
- I think this could easiest be accomplished by renaming the Guest SSID
- GL GUI → Wireless → {5/2.4GHz} Guest Wifi → Wi-Fi Name (SSID)
- I think this could easiest be accomplished by renaming the Guest SSID
Now, I haven’t finished my coffee quite yet but here’s what yer gonna need:
Home Base Device/Network
- Ensure you’re not behind a CG-NAT (your ISP would know).
- If your ISP provided modem features a ‘bridged mode’ to set the modem as just a modem (eg: no Wi-Fi capabilities), use it. Keep the modem as a modem as other supposed ‘features’ cause more trouble than they’re worth.
- Open a port to forward incoming Internet requests to the default WG connectivity port of 51820 to whatever device IP is going to act as the WG Server.
- Presuming the WG Server device is a GL router, set up
- Dynamic DNS to map your possibly changing public/Internet IP
- GL already provides this capability via GL GUI → Application → Dynamic DNS
- Dynamic DNS to map your possibly changing public/Internet IP
- Set up either WG Server → WG Client or WG LAN to LAN VPN (Site-2-Site)
- Follow setup by using the defaults at this point.
- I prefer the the former for simplicity while the latter may be just as useful.
- The former can also allow more flexibility for routing specific devices thru the VPN via ‘VPN Polices’ but that’s a bit off topic at this point.
Remote Location Device
- Ensure WG Client uses an
endpointaddress of the GL GUI’s DDNS and not a IP. You’ll see what I mean in the configuration settings for WG Client.
(At this point I realize I’m just summarizing what’s already in the docs so I’m going to stop. The coffee must be finally kicking in.)