Need help with Wireguard server setup on Brume 2

Technical Support for Routers
1

I am by no means an expert on this so I might not understand this as well as you all. Basically, I need to be able to connect to my home network when I travel out of state because some of the things I use depend on my home IP address. I researched and found that I could set up the Brume 2 with a Wireguard Server permanently connected via ethernet cable to my home Xfinity router. My understanding is that after I setup the Wireguard server and the port forward on the router, I should be able to ā€œtunnelā€ in to the Wireguard server, representing my own VPN based on the configuration file generated. Xfinity residential does not have static.

I looked at videos and googled and I canā€™t get it to work.
Here is my connection set up:
Xfinity router > Brume via ethernet cable
I test the connection by switching to my iPhone and trying to connect to the Wireguard server (no avail).

I noticed that as soon as I enable the wireguard server, the internet stops working. I am not sure if that has anything to do wth it.

My steps for setup:

  1. Enable DDNS on Brume settings
  2. Wireguard Server: notate the port 51820 as indicated in that page
  3. Login to my Xfinity app on phone to set up port forwarding. I selected the Brume device and port forwarded to port 51820 UDP/TCP
  4. Restarted the Xfinity router
  5. On Brume settings, turn on (enable) wireguard server
  6. On Brume wireguard server profiles page, generate a DDNS config file / QR code
  7. Connect iPhone using the Wireguard iPhone app by scaning the QR code from step 6
  8. Wait a minute, test a few websites. Internet refuses to pull up any websites.

What am I doing wrong? I feel like I followed the steps I found online. I am super fustrated and I am definitely spinning in circles. I would appreciate any assistance, but please explain it in a step by step/digestable way - this is not a topic I am fluent in.

Here is the wireguard server error log:

Sun Mar 26 01:07:23 2023 daemon.notice netifd: Network device ā€˜wgserverā€™ link is down
Sun Mar 26 01:07:23 2023 user.notice mwan3[21901]: Execute ifdown event on interface wgserver (unknown)
Sun Mar 26 01:07:24 2023 daemon.notice netifd: Interface ā€˜wgserverā€™ is now down
Sun Mar 26 01:07:24 2023 user.notice firewall: Reloading firewall due to ifdown of wgserver ()
Sun Mar 26 01:11:49 2023 daemon.notice netifd: Interface ā€˜wgserverā€™ is setting up now
Sun Mar 26 01:11:49 2023 daemon.notice netifd: Interface ā€˜wgserverā€™ is now up
Sun Mar 26 01:11:49 2023 daemon.notice netifd: Network device ā€˜wgserverā€™ link is up
Sun Mar 26 01:11:49 2023 user.notice mwan3[926]: Execute ifup event on interface wgserver (wgserver)
Sun Mar 26 01:11:49 2023 user.notice mwan3[926]: Starting tracker on interface wgserver (wgserver)
Sun Mar 26 01:11:51 2023 user.notice firewall: Reloading firewall due to ifup of wgserver (wgserver)
Sun Mar 26 01:13:49 2023 daemon.notice netifd: Network device ā€˜wgserverā€™ link is down
Sun Mar 26 01:13:49 2023 user.notice mwan3[7804]: Execute ifdown event on interface wgserver (unknown)
Sun Mar 26 01:13:49 2023 daemon.notice netifd: Interface ā€˜wgserverā€™ is now down
Sun Mar 26 01:13:49 2023 user.notice firewall: Reloading firewall due to ifdown of wgserver ()
Sun Mar 26 01:15:22 2023 daemon.notice netifd: Interface ā€˜wgserverā€™ is setting up now
Sun Mar 26 01:15:22 2023 daemon.notice netifd: Interface ā€˜wgserverā€™ is now up
Sun Mar 26 01:15:22 2023 daemon.notice netifd: Network device ā€˜wgserverā€™ link is up
Sun Mar 26 01:15:22 2023 user.notice mwan3[12959]: Execute ifup event on interface wgserver (wgserver)
Sun Mar 26 01:15:22 2023 user.notice mwan3[12959]: Starting tracker on interface wgserver (wgserver)
Sun Mar 26 01:15:24 2023 user.notice firewall: Reloading firewall due to ifup of wgserver (wgserver)

2

First off, setting up a GL iNet router as a VPN server is not always plug-and-play. It is sad, but in this day and age, networking is still hard and takes time and knowledge. Sometimes the stars align, and using the minimal instructions provided by GL iNet, you can make it work, but most of the time you will be experimenting with settings on both your home router and the GL iNet routers. If the stars donā€™t line up, you may need to find someone who can locally help you.

Per your log, it looks like Wireguard is starting. Are you able to ssh into your Brume 2? If so, what is the output of the command:

wg

Can your post your wireguard server config. Remove any password/key info.

3

I am also having trouble getting Wireguard server configured. I have PIA Wireguard client set up and working great. I am able to configure OpenVPN server and am easily able to connect to my home network and access internet. I wanted to use Wireguard as I understand the bandwith should be considerably faster. I successfully connect, but have no internet and cannot reach my home network.

Do I have to configure a route rule? I am not familiar with that - any suggestions?

4

One word guys (actually may be two): Tailscale.

1 Like
5

Thanks for the suggestion. I will check it out!

1 Like