I have set up a working WireGuard Server connection for connecting to my home network from the internet and a working OpenVPN Client connection (ProtonVPN) to encrypt my Internet traffic, but I can only use one type of connection at a time.
How do I configure the router to get both connections running?
Furthermore, the DDNS service is also not available when the OpenVPN Client is active.
So, I did try to reconstruct the situation on my dd-WRT router and both connections work simultaneously.
For the OpenVPN client I did some Policy Based Routing so only a certain IP range (x.x.x.100 to x.x.x.150) shall get routed over the OpenVPN connection and the rest is normally connected to the WAN.
For WireGuard I didn’t change anything and I can establish a WG connection via LTE to my home network at the same time.
So your statement “Your data goes one way or another.” may be true on the GL router, but in reality it’s no big deal to get this working.
Actual settings on the GL-MV1000W:
VPN Policy settings:
Use VPN for all processes on the router → deactivated
Rule: Only allow the following use VPN: 192.168.0.101
If I activate the WireGuard Server, the following error appears: WARNING: Conflicts! All other VPN services must be stopped first.
So I have proven that this setup works on a dd-wrt router, so technically this setup works. Is there something I can change in the OpenWRT setup?
BTW, the DDNS service is also running on the dd-wrt when OpenVPN and WireGuard are running…
For advanced features it does work, just not out of the box. The router “by design” has the most used configurations that people use. It is impossible to supply a router that can have all combinations (especially for fringe use cases). It’s not a hardware issue, it’s a software configuration issue only.
You can set up your own iptables routing to get it to work. For such more advanced things, you are better off asking in the OpenWRT forums. Here is an example of someone doing what you want:
You should also not be using OpenVPN in 2020; it is slow on the travel routers as it uses AES that is only software decoding. Get a VPN provider that has WireGuard instead.
I don’t think we have a comparable opinion of what “good” is. I need to trust my VPN provider, I don’t care if it implements the latest technologies. My first priority is privacy and that is what matters, not if the used protocol is the newest standard. What if my VPN provider leaks user data, as there have been now not a few which have done that, but uses WireGuard… A good VPN provider is not awarded by the use of the WireGuard protocol…
So, from the WireGuard web: the standard protocol does not support TCP and has to implement a workaround. How many VPN providers are going to provide a workaround?
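An added example, not part of the thread and not GL.iNet's or OpenWRT's own configuration: the policy-based routing described above, written as a dry-run shell script. It assumes the OpenVPN client runs with `route-nopull` and creates `tun0`, that routing table 100 is free, and that full iproute2 is installed; those names and numbers are illustrative.

```shell
#!/bin/sh
# Only the listed LAN hosts use the OpenVPN tunnel. Router-originated traffic
# (WireGuard server replies, DDNS updates) keeps using the main table and WAN.
# Assumed, not from the thread: device tun0, table 100, rule priority 1000.
VPN_DEV="${VPN_DEV:-tun0}"
VPN_TABLE="${VPN_TABLE:-100}"

# Print the commands for hosts PREFIX.FIRST .. PREFIX.LAST (last octet range).
pbr_commands() {
    prefix="$1"; first="$2"; last="$3"
    for n in "$first" "$last"; do
        case "$n" in
            ''|*[!0-9]*) echo "octet '$n' is not numeric" >&2; return 1 ;;
        esac
    done
    if [ "$first" -lt 1 ] || [ "$last" -gt 254 ] || [ "$first" -gt "$last" ]; then
        echo "invalid host range $first-$last" >&2; return 1
    fi
    # Default route inside the VPN table only; the main table is untouched.
    echo "ip route replace default dev $VPN_DEV table $VPN_TABLE"
    # Fallback: if tun0 goes down its route disappears and this one blocks
    # the selected hosts instead of letting them leak out through WAN.
    echo "ip route replace unreachable default metric 200 table $VPN_TABLE"
    i="$first"
    while [ "$i" -le "$last" ]; do
        # Priority 1000 is evaluated before the main table rule (32766).
        echo "ip rule add from $prefix.$i/32 lookup $VPN_TABLE priority 1000"
        i=$((i + 1))
    done
    # Source-NAT whatever leaves through the tunnel.
    echo "iptables -t nat -A POSTROUTING -o $VPN_DEV -j MASQUERADE"
}

# Dry run by default; set APPLY=1 (as root) to execute the commands.
pbr_apply() {
    pbr_commands "$@" | while read -r cmd; do
        if [ "${APPLY:-0}" = "1" ]; then $cmd; else echo "would run: $cmd"; fi
    done
}

# The single host from the VPN Policy rule quoted in the thread.
pbr_apply 192.168.0 101 101
```

Firewall zone forwarding from LAN to the tunnel is not covered here and must already be allowed.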
WireGuard explicitly does not support tunneling over TCP, due to the classically terrible network performance of tunneling TCP-over-TCP. Rather, transforming WireGuard’s UDP packets into TCP is the job of an upper layer of obfuscation (see previous point), and can be accomplished by projects like udptunnel and udp2raw.
The only way this would work is if you become an intermediate agent and provide obfuscation servers. This effectively means you are providing a VPN service. Why would I want to hand over my data to another party? I hope you have the bandwidth/speed or it will end in tears.
Since the router’s UI restricts this function, which is allowed in the open source software (OpenWRT), it’s not the duty of the customer to find a workaround in another forum. Sorry, we have a different sense of what customer support shall provide.
Item will get sent back to Amazon…