WireGuard and GL-AXT1800 (Two WireGuard connections at the same time)

TSK7MDE · November 16, 2022, 2:28pm

Hello,

I would like to establish two WireGuard connections at the same time with the GL-AXT1800 (outgoing).

But I can only configure one instance at a time. How can I add a WireGuard VPN instance?

I need a connection for the LAN connection (company) via WireGuard and
I need the second connection as a default gateway for the Internet (VPN provider).

How can I configure this? – Two WireGuard connections at the same time.

K3rn3l_Ku5h · November 16, 2022, 6:34pm

I would keep the client for the VPN provider setup on the router and change the router VPN policy to exclude your work laptop and run you company vpn on just that.

Some VPN providers you can run a stable double VPN (Router VPN and device VPN)

Are their other circumstances like you are working from home, but are actually on the beach and don’t want you company finding out?

I do not work for and I am not directly associated with GL.iNet

TSK7MDE · November 16, 2022, 6:53pm

I would like to use two WireGuard connections independently of each other via routing.
So I can control where which traffic goes.

E.g.:

WG0 -->0.0.0.0/0
WG1 -->10.30.1.0/24

It is necessary to be able to use two WireGuard instances at the same time, which is technically possible without any problems but unfortunately the GUI does not allow it…

DienoX · November 16, 2022, 7:18pm

If it’s not a problem for you to use Luci (OpenWRT default and advanced graphics mode), it seems to me that you can do this configuration in a dozen or so minutes. Let me know if you’re interested.

K3rn3l_Ku5h · November 16, 2022, 7:46pm

Post it, sure everyone else would like to know, I was under the impression you could only have one client vpn and one Server vpn running wiregaurd at the sametime. Could you be specific with the firewall config and zones setups.

Thanx

DienoX · November 16, 2022, 7:56pm

With the default GL.iNet interface, you can indeed only have one instance. I didn’t notice this problem in Luci.

TSK7MDE · November 16, 2022, 8:58pm

I have now made the adjustment via the Advanced (Luci) Config…
Of course it would be much better if the GUI (default GL.iNet interface) would give it…

yuxin.zou · November 17, 2022, 1:27am

We are thinking about it.

If anyone else has a similar request, please let me know, thanks.

wcs2228 · November 17, 2022, 1:44am

I think performance/speed will be reduced with 2 Wireguard/VPN, probably same for VPN cascading.

I do not work for and I do not have formal association with GL.iNet

BerryPact · November 17, 2022, 6:28am

I have an interest in this, in a similar way particularly with openvpn using udp as a primary VPN and tcp on port 443 as a secondary VPN when udp cant connect.

Some hotspots only allow HTTP and HTTPS traffic, so it would be great to be able to use the great VPN policy that the GLinet interface allows to connect, but still allow internet traffic as long as at least one tun is up

BerryPact · November 17, 2022, 6:34am

does VPN policy (i.e. excluding certain ip addresses from the tunnel) work with multiple luci configured vpns?

TSK7MDE · November 17, 2022, 3:16pm

I have now configured the whole thing via the Advanced (Luci). It works perfectly with the two tunnels.
Of course it would be great if you could do it all with the GL.iNet GUI (The adjustment shouldn’t take that long for the GUI)

I think the GUI should be revised and allow more than one tunnel from each instance in Route Mode with Customize Routing Rules (WG, OpenVPN).

alzhao · November 18, 2022, 7:53am

This was on the dev schedule actually. Just too big change in firmware 4.x and have to make everthing work correct now before adding more features.

wcs2228 · November 18, 2022, 5:38pm

If or when you add the feature, allow any number of of Wireguard/OpenVPN connections, or someone will request it later

johng · February 2, 2023, 11:54am

To who it may concern,
I’d also like to use this feature from the main GUI as well as assigning clients to each of the VPN tunnels for different services from each VPN connection.
Regards
John

marcog · February 15, 2023, 7:57pm

This would be a killer feature for me. When I travel with family I would like to have multiple Wireguard client connections at the same time, one which provides my devices admin access to my infrastructure, the other one which just secures internet access for the rest of my family.
So multiple VPN clients running at the same time + the ability to route devices connected to those VPNs

Fox · April 14, 2023, 5:45am

I am also looking for this! I was hoping to route traffic through 2 VPNs by policy (IP/domain), so that all google stuff goes through one VPN and my remaining traffic goes through the second VPN.

Also, thank you all for the hard work and long support life of your devices.

fjbo · May 13, 2023, 12:39am

It would be pretty handy! I’m interested in that feature too. Thanks for your work!

Wild_Spy · June 7, 2023, 8:14am

I also need something similar!

I’d like to use one WG connection with a per-domain policy like I have now. And the second WG connection only for guest Wi-Fi. Is it possible now?

yuxin.zou · June 8, 2023, 1:14am

The firmware does not support this configuration at this time.