Port Forwarding for WoL packet while VPN active

Can anyone assist me with the proper way to port forward to my desktop with the WireGuard VPN Client active so that it’ll receive a Wake on LAN packet? I’ve tried setting it up several different ways and even made a VPN server to the router hoping that would make it easier. I did activate Services from GL.iNet Use VPN hoping that would help. I also have the DDNS activated so the VPN rotating address shouldn’t be an issue.

Thank you

Wake-on-LAN-enabled computers essentially wait for a “magic packet” to arrive that includes the network card’s MAC address in it. These magic packets are sent out by professional software made for any platform, but can also be sent by routers and internet-based websites. The typical ports used for WoL magic packets are UDP 7 and 9.

(How-To Geek: What Is Wake-on-LAN, and How Do I Enable It?)

Will your PC wake when you’re on the same LAN/‘subnet’? If so, hypothetically, it would be a matter of making the approp. incoming port forwards to your VPN Server → PC’s IP → MAC

My router runs my VPN 24/7. I wasn’t able to get it with VPN client off. I’m away so I tried with VPN server connection. I can’t get a DDNS ping without a VPN server active no matter how I do my VPN client settings.

I had it set up on my old TP-link pretty quickly but this router is asking for two ports which I don’t recall setting up on my previous one (internal and external).

I also bound my PC to a static IP so I know it’s not changing. (192.168.1.4) I have my magic packet sending through port 7 on the app. I’ve triple checked all my PC settings are correct. I guess I’m not sure what I’m doing wrong with FLINT. I can’t get it either with VPN server connection or without using dynamic dns app.

Maybe I’m not porting through the VPNs to LAN correctly?

I have my ports set external WG client port 7 to LAN internal port 7.

I’ve also done WG server to lan 7&7

I’ve done WG server to Client 7&7 (and vice versa)

Lmfao I’m at my wits ends

So just to be clear & as an ‘off the cuff’ question: when you say VPN Server, you mean a server for the VPN you fully control rather than paying a company like Nord VPN, Express VPN or Surfshark, etc. correct?

Are you still using Proton VPN on your Flint these days?

Correct it’s just a direct WG to my router I control. The client is proton vpn I pay for

Yes I’m using proton client 24/7

If you’re trying to route incoming packets, WoL or otherwise, while your public facing IP is from Proton VPN as your wgclient, you won’t be able to do it. It’s not a matter of ddns/dyndns or forwards set on the Flint; the only VPN service provider that I’m aware of to allow port forwarding is IVPN. Mullvad used to offer that feature but they’ve recently terminated it. I’ve never used the feature though as I don’t have the need.

Here’s an example incoming path:
Your DynDNS → VPN connection’s publicly facing IP → VPN Provider → Port Forwarding Mapping on your Account → Your ISP-assigned IP → Your Flint → Flint’s Port Forwarding → Your PC

wgclient is the name assigned to the Flint’s interface for a WireGuard connection when using VPN Client, unsurprisingly:

root@GL-AXT1800:~# wg show
interface: wgclient
  public key: 26[REDACTED]mE=
  private key: (hidden)
  listening port: 32

peer: o4[REDACTED]w0=
  endpoint: 208.78.41.79:51820
  allowed ips: 0.0.0.0/0
  latest handshake: 48 seconds ago
  transfer: 24.05 KiB received, 12.45 KiB sent
  persistent keepalive: every 25 seconds

(Firmware 4.2.1)

The only other alternative I can conceive is to make use of firmware 4.2.1’s recently added support for Tailscale for their WG overlay network capabilities. There’s a free tier that should be just fine for your home use. I haven’t used them, either.

From what little I’ve read, you should be able to use their service to create a private WG network. Then, using your Flint, set it as an ‘exit node’ mapped to wgclient running Proton VPN → Proton VPN Server Location of Choice. That should still give your private WG overlay network the security of Proton VPN when out on the ‘hostile net.’

Be aware they’ll be able to potentially access your network as the keys are kept on their machines, not yours (IIRC).

Again, I’ve not used them. I have no need for them.

So I’ve disabled my VPNs just to see if I can get it to work just normal how my other set up was. I can’t even get the ping to reach my computer that way. I have no idea where I’m going wrong or how this was so easy on TP link

App is able to ping my DDNS (green bulb) it’s going to port 7 and MAC address is correct.

Router port forward shows internal addresses xxx.xxx.x.4 which is correct internal IP bound to MAC. So should be reaching it

Also appears I have port forwarding on Proton VPN as an option.




You’ve got the VPN Client out of the equation. That’s a start. Assuming your LAN is a 192.168.8.0/24 (eg: default IP 192.168.8.1 for the Flint), can you ping your PC (eg: 192.168.8.4, per your screenshots) from a different device (eg: your phone’s 192.168.8.102)?

If so, can you then send a WOL packet to that same IP from your phone?

App is able to ping my DDNS (green bulb) it’s going to port 7 and MAC address is correct.

Pinging your IP from your DDNS provider doesn’t mean specifically-crafted packets are hitting their target(s) ports (eg: WOL’s :7).

Follow-up

Here are the open ports on my upstream router which feeds my GL-AXT1800:

root@GL-AXT1800:~# netstat -natp 192.168.1.1
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      8773/dnsmasq
tcp        0      0 192.168.10.249:53       0.0.0.0:*               LISTEN      8773/dnsmasq
tcp        0      0 192.168.9.1:53          0.0.0.0:*               LISTEN      8773/dnsmasq
tcp        0      0 192.168.8.1:53          0.0.0.0:*               LISTEN      8773/dnsmasq
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      2634/dropbear
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      4052/nginx.conf -g
tcp        0      0 0.0.0.0:2049            0.0.0.0:*               LISTEN      -
tcp        0      0 0.0.0.0:32777           0.0.0.0:*               LISTEN      -
tcp        0      0 0.0.0.0:32778           0.0.0.0:*               LISTEN      6071/rpc.statd
tcp        0      0 0.0.0.0:32780           0.0.0.0:*               LISTEN      6072/rpc.mountd
tcp        0      0 127.0.0.1:5453          0.0.0.0:*               LISTEN      20430/dnscrypt-prox
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      2804/rpcbind
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      4052/nginx.conf -g
tcp        0   1712 192.168.8.1:22          192.168.8.101:50144     ESTABLISHED 4243/dropbear
tcp        0      0 192.168.8.1:22          192.168.8.101:50145     ESTABLISHED 4343/dropbear
tcp        0      0 192.168.8.1:443         192.168.8.101:53326     TIME_WAIT   -
tcp        0      0 ::1:53                  :::*                    LISTEN      8773/dnsmasq
tcp        0      0 fe80::94ae:39ff:fe77:9138:53 :::*                    LISTEN      8773/dnsmasq
tcp        0      0 :::22                   :::*                    LISTEN      2634/dropbear
tcp        0      0 :::443                  :::*                    LISTEN      4052/nginx.conf -g
tcp        0      0 :::2049                 :::*                    LISTEN      -
tcp        0      0 :::32777                :::*                    LISTEN      -
tcp        0      0 :::32778                :::*                    LISTEN      6071/rpc.statd
tcp        0      0 :::32780                :::*                    LISTEN      6072/rpc.mountd
tcp        0      0 :::111                  :::*                    LISTEN      2804/rpcbind
tcp        0      0 :::80                   :::*                    LISTEN      4052/nginx.conf -g

Can you see any open ports when trying your Flint’s 192.168.8.1, your ISP assigned IP, then Proton VPN assigned IP?
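
An added example, not part of any post in this thread: a small Python tool for the check discussed above, namely whether a magic packet (rather than a ping) actually reaches a LAN host on UDP port 7. The function names are hypothetical, the MAC in the self-check is constructed, and `listen()` is meant to run on a powered-on LAN machine that the port forward points at.

```python
import socket

SYNC = b"\xff" * 6  # every magic packet starts with six 0xFF bytes

def parse_mac(mac: str) -> bytes:
    """Turn aa:bb:cc:dd:ee:ff or aa-bb-cc-dd-ee-ff into 6 raw bytes."""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError(f"not a 48-bit MAC: {mac!r}")
    return raw

def build_magic_packet(mac: str) -> bytes:
    """Sync stream followed by the target MAC repeated 16 times (102 bytes)."""
    return SYNC + parse_mac(mac) * 16

def find_magic_target(payload: bytes):
    """Return the MAC a datagram would wake, or None if it is not a magic packet.
    The pattern may sit anywhere in the payload, so every sync offset is tried."""
    start = payload.find(SYNC)
    while start != -1:
        body = payload[start + 6:start + 102]
        if len(body) == 96 and body == body[:6] * 16:
            return body[:6].hex(":")
        start = payload.find(SYNC, start + 1)
    return None

def send_wol(mac: str, dest: str, port: int = 7) -> None:
    """Send one magic packet to dest (a LAN broadcast address or a forwarded host)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.setsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST, 1)
        s.sendto(build_magic_packet(mac), (dest, port))

def listen(port: int = 7, timeout: float = 60.0):
    """Wait on a powered-on LAN host for one datagram and report what arrived.
    Binding a port below 1024 needs root/administrator rights."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.bind(("0.0.0.0", port))
        s.settimeout(timeout)
        try:
            data, peer = s.recvfrom(2048)
        except socket.timeout:
            return None  # nothing reached this host: the forward is not working
        return peer[0], find_magic_target(data)

if __name__ == "__main__":
    # Constructed MAC, used only for an offline self-check of the format.
    pkt = build_magic_packet("00:11:22:33:44:55")
    print(len(pkt), find_magic_target(pkt))
```

If `listen()` returns `None` while the WoL app reports success, the packet is being dropped before the LAN; if it returns a sender address with a MAC, the forward works and the remaining problem is on the sleeping PC's side.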