Site to Site Configuration

I’ve got a s2s network that is up and running and I’m able to access both routers remotely from each network.

I’d like all website internet traffic to run through my main node when I’m connected to any of my site to site routers (main node and both of my two nodes). Is this possible and how do I set it up?

I’ve searched the forums and can’t find a walkthrough.

I’m think you need this option in your main router settings

Nope. That didn’t do it. I don’t currently have a vpn set up on either router. Do I need one? I was under the impression I could tunnel with site to site.

Site to Site can’t do this.
How about try to set up a WireGaurd server on the main node of Site to Site

I tried doing that as well with the built in gui. It started on my main node router but the second router wouldn’t connect to the first. Do i have to do any additional configuration besides creating the server and a peer user on the main node router and copying the client information into the secondary router?

First, please don’t using VPN and Site to Site at the same time. So, delete the Site to Site network on GoodCloud.
Second, if the router running WireGuard Server is under NAT, you may need port forwarding. The default port is 51820.
Third, after the WireGuard Server is running, export the WireGuard config, test it on WireGuard app on your phone, make sure to only use 4G to test.

1 Like

Perfect. That worked.

I disabled site to site and set up a wireguard on GL-MT300N-V2 (which was my site to site main node). This router is connected to my ISP router. I have port forwarding set up on that router which was working for the site-to-site connection. The site to site port is 51830. I added port 51820 to the ISP router as well.

To anyone else having issues: I left everything default with the gli settings and tested the connection using the wireguard app. It took a few minutes but then I saw transfer and received data in the app. I then configured my client gli router (GL-USB150). Green light is showing now on my client router.



How did you configure the endpoint for the client wireguard devices? I have a dynamic IP from my ISP and this seems to cause an error when I add the no-ip address into the GL-iNet gui? Do you have a different setup or have you a solution for this problem?


Could you explain more detail about your question? Upload some images may helpful.
If you have a dynamic public IP, you can setup a WireGuard server on GL.inet router, then to generate a config, then replace the ip address with a DDNS URL.

Hi Leo, many thanks for the reply! I have previously tried to do what you have suggested unsuccessfully. However, I have tried again and this time with success!! Not quite sure why the difference apart from my error… but that is good news!

That said, I am wanting to test the tunnel now that it is setup but I am nervous to close the other network adaptor and loose access to the router. Can I double check that a green light against the VPN connection is not just a successful connection but also that the tunnel has internet access…?

  1. You mean you have already setup WireGuard Server on GL.iNet router?
  2. If you want to test the tunnel, just use your phone only with 4G connection, and with the WireGuard app to test.
  3. I am not sure why you want to close the other network adaptor, just keep the router connect to internet.

How can we change site to site port from 51830 to any other port number

Reason : I need to make two separate Site to site network under the same Public IP Router. So one Glinet device working as site to site network i want to make another one so i need to change the listen port on 2nd Glinet router from 51830 to 51831, How can i do that?