I purchased a GL-ATX1800. Trying to do a bit of a lab setup before I transfer to location.
In this setup I am connected for internet to WiFi behind my “more robust and expensive” pfsense network.
In this setup I have forwarded port 5182x to the IP address obtained by the GL Net router 192.168.1.122
The LAN address of the router is default at 192.168.8.1
I setup WireGuard server to use 10.204.0.1
I forwarded port 5182x on the GL Net router WAN to LAN 192.168.8.1 but wasn’t sure if that was necessary
Should this setup work for testing purposes. On the client side it shows connecting but not on the WG server logs
Hi,
You may refer to the following steps for troubleshooting.
-
Forwarded port 5182x to 192.168.1.122 (GL router’s WAN IP in the pfSense network) – that’s correct for external access. You can remove that GL - WAN→LAN forward to avoid conflicts.
-
Check the GL - ATX1800’s WireGuard config: Ensure the server listens on port 5182x, and the client config has the correct public IP/DNS of your pfSense network (for external access) or the GL router’s LAN IP (for internal testing).
-
SSH into the GL router and run wg show or check the WireGuard server logs directly. If clients “show connecting” but logs are empty, the traffic might not reach the server (port forwarding/firewall issue).
-
On pfSense, confirm the port forward allows UDP traffic (WireGuard uses UDP) to 192.168.1.122:5182x. Also, check pfSense’s firewall rules – ensure no blocks on incoming UDP 5182x.
Testing: Temporarily connect a client to the GL router’s LAN (192.168.8.0/24) and test WireGuard without going through pfSense. If it works, the issue is in the pfSense port forward or WAN - side config.
Hey thank you for the reply -- after some continued troubleshooting I was finally able to get my pfsense port forward working properly -- that was the issue.
The second issue I had was an "internal" NAT reflection issue that was solved in pfsense as well.
One more question -- any idea how I would get pfsense to allow me access to the 192.168.8.0 subnet created by the GL Net router using the internet from 192.168.1.0 pfsense subnet as the Internet source.?
My continued "lab work" will be much easier if I can access the other subnet while in (conected to) my main pfsense subnet
To enable pfSense to access the 192.168.8.0 subnet of the GL Net router and share its Internet resources, the key steps are:
-
Add a route to the 192.168.8.0 subnet in pfSense, specify forwarding through the GL Net router WAN port (such as 192.168.1.122).
-
In the LAN interface rules of pfSense, allow traffic from the 192.168.1.0 subnet to the 192.168.8.0 subnet.
-
Add a route to the 192.168.1.0 subnet on the GL Net router, specify forwarding through the pfSense gateway (such as 192.168.1.1).
-
If you need to share pfSense Internet, set the GL Net default gateway to the pfSense LAN IP, or configure NAT rules in pfSense to allow GL subnet traffic to pass through its WAN port NAT.
Ensure two-way interoperability through routing and firewall rules, configure NAT or gateway to achieve shared export, so that the two subnets can access each other and share the network.