Connecting to home IP from anywhere

When you configure your WireGuard server. Make sure you also remember to port forward UDP 51820 traffic to your Flint.

Yes, port forwarding is important if your Flint is sitting behind a different router. I also forgot to mention that you should test your configuration before relying on it when traveling. You don’t want to get to wherever you’re going and be unable to connect to your VPN.

Totally agree with what @pie has said. Also maybe a good idea to investigate Tailscale as both an alternative / back up.

You can also try the free ZeroTier network.

It creates a virtual secure tunnel and bypasses firewalls and can connect your PC, laptop, phone, etc. anywhere you are to your home nertwork, because it creates a direct network between your router at home and your devices anywhere very easily. And in Zerotier Central you can route your home network and reach home devices so that they are also accessible from outside very easily.

This router has IP on the Zerotier network but actually at home it has IP on my home network. Outside the home, with a device also connected to the zerotier network, I type and I can see my router there or I see my PC and with a remote VNC I can manage my PC as if I were at home.

But the Wireguard server is very easy to set up on your Flint at home and it’s also very easy to set up the Wireguard client on your Slate AX on the go.

ZeroTier is the way to go here since Wireguard is often blocked in Hotels.

1 Like

I just wanted to thank you all for your help. As a test, I set up the Flint connected to my home ONT and port forwarded 51820 to the IP that the ONT gave me (192.168.x.x). I did enable the DDNS on the Flint to be safe. I downloaded the Wireguard app to my phone, turned off Wifi, and enabled the client using the QR Code generated by the Flint Wireguard server. Doing a quick “what is my ip?” on Google gives my phone the same exact IP as my home ONT. I assume that means the server setup was a success? If so, my next step is to set up the Slate by pasting the config file into the Client setup section. Since it was an option, I also set up GoodCloud, so I can adjust my Flint settings remotely.

Anything I’m forgetting so far?

Just a heads up, I wouldn’t be relying on GoodCloud. As it’s very flaky for some people and doesn’t work.

What is a better way to access this router directly over the internet then? I just tried putting in my ddns address that the router gave me, and it connects me to the ONT. Which is helpful, but it’s not the Slate router itself.

You’ll need to port forward 80 (HTTP) or 443 (HTTPS) to your Slate (make sure that has a static lease). See Dynamic DNS - GL.iNet Router Docs 4.

1 Like

That did it! I wasn’t adding the :443 to the address (I was using https), just using the straight ddns address which put me to the ONT.

It’s bad practice to make your routers interface reachable from the internet. You should reconsider it.


Make sure that the config you used has the switch flipped to “Use DDNS Domain.”

I would also not make your router’s admin interface accessible from the internet. That is pretty dangerous and you will be attacked by people running automated scripts to try and access your router and network. It’s better to keep access to your router’s admin page restricted to your LAN.


Alright, noted on the admin access.

1 Like

You can access the GL GUI or LuCI admin interfaces over a WG tunnel. That’s how I handle my remote endpoints. I don’t use GL DDNS or GoodCloud myself but the docs for what you’re looking to do are so straightforward, it’s near stupid:

1 Like

Also agree on not exposing your router to the internet. I probably should have mentioned that during my advice.

If you have WireGuard set up correctly and a fallback such as Tailscale or ZeroTier. A fallback is suggested especially if WireGuard access is blocked. You should be good to go to acces your router safely remotely, without exposing it to the internet.

1 Like

WG on :433 (TLS/SSL’s port) if not :53 (Unsecured DNS) should render that concern moot.

Fallbacks are always good, plus you don’t just want to have one path available. Whichever route you choose as your primary access, always good to have a backup. Things get blocked, services and servers can become inaccessible.

… assuming you don’t have an issue scattering more of your digital footprint & being commodified on corporate servers, of course.

There’s always OVPN over TLS as a fall back.

Typo, it’s 443 instead.
But to be honest, just go with ZeroTier then. Way easier and more hotel proof.

Self-host or die. /s