I’ve configured a wireguard client using the next manual config:
IP Address: 10.123.X.X
Private Key: zzzzzzzzzzzzzzzzzzzzzz
Listen Port:
DNS: 8.8.8.8
MTU:
When I click on “Connect” button of “Wireguard Client” menu, after a few seconds the button change to “Abort” button and almost immediately it changes again to “Connect” button. From this moment, the router cant’ access to Internet until I reboot the GL-MT300N-V2, although in the main menu showes the connection to internet.
The problem appears when I connect the GL-MT300N-V2 with the internet router using cable or using wifi connection.
I’ve sniffed the traffic outgoing from the GL-MT300N-V2 and I checked that no udp packet go out from the GL-MT300N-V2 when I click on “Connect” button.
I’ve tried to using other configuration settings like using another dns server, using another value in “Allowed IPs” field as “81.89.32.0/24”, and I’ve tried to using the IP public of my wireguard server in “EndPoint host” field with the vpn port. But the behavior is always the same.
The configuration of my wireguard server isn’t important because no packet outgoing from GL-MT300N-V2 to my wireguard server.
I don’t have a solution for you, but a suggestion as to a path to investigate. The fact there is no outgoing traffic suggests a local config issue. I’m assuming the remote wireguard server is NOT a GL-MT300N-V2.
My suggestion is you create a wireguard SERVER config on your GL-MT300N-V2 and print that out. On the assumption that gl-inet tested their own sever with their own client , presumably this would work if imported . The question this is how does it differ from the one you are using.
e.g. I note my exported config (for the client to use) has:
First, thank for your answer
My remote wireguard server is in a raspberry pi.
Sorry, but I don't understand you when you said: "My suggestion is you create a wireguard SERVER config on your GL-MT300N-V2 and print that out....". I have only one GL-MT300N-V2 so I think I can't trying your suggestion with the client and the server on the same machine.
I've tried to use the "/32" in field "Address", but the result is the same.
Any idea more?
Thanks
My thought was that the issue with the Wireguard Client on the GL-MT300N-V2 was a simple “syntax error” (or similar)
So my suggestion is you configure the wireguard server (with the same settings as you have on the Pi, bar the IP address. Then grab the config from the wireguard server on the GL-MT300N-V2 , edit it to look like what you would expect for the Pi (probably just change the IP address) and use that (as the config in your GL-MT300N-V2 wireguard client)
When I configure my wireguard client, I left empty the field “Listen Port” because this is the client, not the server. I think the client mustn’t listen on any port.
Anyway, when I view my configuration on the Gl.Inet, that field is automatically filled with a number port by the system.
I’ve installed tcpdump-mini packet on the GL-MT300N-V2 and I connect to it with ssh. I’ve sniffed the traffic on the apcli0 interface while I push on “Connect” button of wireguard client menu of gui. I don’t see any udp traffic on the listen port of my wireguard server nor I can see any traffic outgoing toward my wireguard server.
I think that although I would have a problem with configuration, I would see some udp traffic outgoing toward wireguard server, but there isn’t any traffic.
At last, the wireguard client works. My problem was the public key of server, I had some confusing when I copied the public key on the client configuration.
Once I set the correct public key, everything started working correctly.
You must get the correct public key for your client connection from the wireguard server and you must fill the public key field in the connection settings of client wireguard at GL-MT300N-V2
