Wireguard Client to Home Network

I just purchased a GL-AXT1800. I was able to add PIA Wireguard client from the mobile app and it works great. I would also like to add a Wireguard Client to my home Opnsense router. I manually created the client in the web interface and can see the config in /etc/config/wireguard but the config doesn’t show up in VPN Dashboard under VPN Client. I rebooted the router but still no luck. Here isthe relevant Wireguard config lines for PIA and my home Wireguard Server

config groups 'group_7705'
        option group_name 'FromApp'
        option group_type '3'
        option auth_type '1'
        option procedure '0'

config peers 'peer_9128'
        option group_id '7705'
        option name 'app_pia_US_US East'
        option persistent_keepalive '25'
        option listen_port '13322'
        option public_key 'publicKey'
        option end_point ''
        option allowed_ips ''
        option presharedkey_enable '0'
        option local_access '0'
        option masq '1'
        option address_v4 ''
        option private_key 'privateKey'

config groups 'group_952'
        option group_type '2'
        option auth_type '0'
        option group_name 'HomeOpnsense'

config peers 'peer_4074'
        option group_id '952'
        option name 'crawford'
        option persistent_keepalive '25'
        option address_v4 'xx.xx.xx.xx/32'
        option listen_port '33972'
        option private_key 'inetrouterPrivateKey'
        option public_key 'homeGatewayPublicKey'
        option end_point 'myNetwork:port'
        option allowed_ips ''
        option dns 'xx.xx.xx.xx'
        option ipv6_enable '0'
        option presharedkey_enable '0'
        option local_access '0'
        option masq '1'


I don’t know the reason.

But can you just add your config via the UI and check differences?

I did add the config via the UI. The config is in the UI but there is no way to activate it. Below are images of the Wireguard Client config page and the VPN Dashboard.

Firmware 4.0.1 release 3?



Isn’t it a simple as tapping the “rotating arrows” next to the currently selected client and selecting the new one.

Or am I missing something.


I agree that the “Refresh” or “rotating arrows” symbol is not intuitive. As part of beta testing, I suggested in my report that it should be another symbol or button that matches the function.

I do not work for and I do not have formal association with GL.iNet

Yes, you are missing something.

You create a profile in the WireGuard Client section. Then you to go to the VPN client page to activate that client. The issue I am having is I manually created a profile for my home and its is not propagated to the VPN client area so it can be activated. The one in the image I posted shows the WG PIA created via the PIA WG wizard. I would say there is missing code someplace that creates the interface to be activated. Or if it is created the code is missing to add it to the UI.

What shows when you tap the “rotating arrows”.

The rotating arrows are not a refresh but a swap client symbol. Once you click on it you see all the available clients. You then select one and enable it. So yes this is what I was missing. It should be in the documentation. If you do a hover over the system it spells out what its used for. I would never have done that since I thought it was a refresh… And yes you can have multiple configs active. Thanks for being persistent.

1 Like

There are also VPN Policy options if you click on the “Refresh ” or “rotating arrows” symbol next to Global Proxy. The symbol usage is not intuitive and should be changed.

1 Like

Or at least document how to use multiple WG clients.