I’ve got a GL-MT3000 Beryl AX and want to setup a WireGuard connection to my home.
The router at home is Mikrotik RB3011 that’s also running the WireGuard server and listening on port 13231.
My Android phone has no problem with connecting.
Here’s the config of my Beryl:
Address = 172.16.1.3/32
ListenPort = 51820
PrivateKey = Private key
DNS = 172.16.1.1
MTU = 1420
Can you SSH into your Beryl AX? There’s a few commands that provide extra info for WG that the GL GUI doesn’t provide (eg: wg show , ip route) . Default IP is 192.168.8.1, passwd same as GL GUI, username root . See
If you can post a redacted version of your Android’s WG conf that’d be helpful too.
(FYI: This forum support Markdown. If you use three ‘backticks’ before & after the output, it’ll be enclosed in a code block. Use single tick for one liners (as demostrated)).
The problem is solved, thank you for your time.
Now you properly wanna know what the problem was
With the command ‘wg show’ i saw finally on the ‘Interface: wgclient’ the public key.
In the GUI, you don’t see the public key, only the private one. I used the private key as public key on my Mikrotik RB3011 router, and we all know that doesn’t work.
I don’t know where to report a Bug, but this must be a easy fix for them
While I’m glad you got WG online I really don’t think using your private key in a public fashion is advisable. The private key should be just that: private.
Here’s a ‘known good’ configuration of two directly connected GL devices of a Flint acting as a WG Server & a Certa as a WG Client. The [redacted] portions were done manually before posting, of course. If you were to compare that configuration, especially how the keys are portrayed, I think that would help lock down your setup securely:
You’re right, you don’t use a private key for public uses, but I couldn’t get it to work, so i thought they made a fault and mixed public and private. There for I copied the private key to my WG server. The public and private key are not the same if you thought so.
For now it is impossible to setup WG cliënt manually in the GUI, because the public key isn’t visible.
Therefore you need to use a SSH client and the commando ‘wg show’ .