Wireguard configuration file from Mullvad Linux files


For anyone using Mullvad VPN provider on GL.iNet GL-AR750 router.

I made a little Perl script that takes in input Mullvad’s Linux Wireguard configuration files and creates a GL.iNet’s Wireguard configuration file (/etc/config/wireguard).

Personally, I periodically generate the Mullvad’s Linux configuration files for all countries and servers. Then I extract them in a directory and run the script on them. The script generates from them a single file compatible with GL.iNet’s one. If needed, you can limit the analysis to only some countries, providing a filter (e.g. the filter gb-se-us forces the script to ignore Mullvad’s files related to countries other than gb/se/us).

Please be very careful using the file generated by the script and read carefully the following lines:

  • The script is provided ‘as is’ without warranty of any kind. If you don’t know what Perl is or how to run scripts or how to connect to the router and transfer the file, avoid using it
  • Read the code before using it. No malicious code is contained in the script and no network connection is needed or used while using it; if you know basic programming you can understand the logic and the execution steps of the script (only 260 lines of code, comments included)
  • Before transferring the generated file to the GL.iNet router (/etc/config/wireguard) do make a backup of the existing one
  • I tested the generated file on a GL.iNet GL-AR750 router. I think it’s compatible with other routers but I don’t guarantee it because I cannot test it. If you test it successfully on other routers, please share the information with other users replying to this post
  • Generally speaking, you cannot directly merge an existing Wireguard configuration file (maybe containing configuration from other VPN providers) with the file generated by the script. I’m not an expert of Wireguard / GL.iNet configuration, but it clearly appears that: 1. a ‘header’ exists that must not be duplicated; 2. the directives 'config peers ‘wg_peer_NNNN’ of the configuration file require that the NNNN id is unique (the script take this in count for the file it creates). So, once more make a backup of the existing configuration file before overwriting it with the one generated by the script
  • I tested the following procedure for activating the generated configuration (maybe not all steps are needed, but following them everything runs ok for me): 1. backup (rename) existing Wireguard configuration file (/etc/config/wireguard); 2. transfer the generated file to the router as /etc/config/wireguard; 3. set file permissions to ‘rwxr-xr-x’; 4. reboot the router; 5. check Wireguard configuration and test it

The script is attached as a ZIP file - MullvadConf_Analyze_V03.zip - with following SHA-512 hash: 99CEDA2F8D50645CE0A337ADCD2F63A840055B270DF085EBADAE2B50119DE7AE3F69F3BE317D1752E0EA728AD2BB562631E704E0E96228CDBF96B7157D3174BC

What contained in this post is related to the script contained in attached ZIP. Before using it check the SHA-512 hash of the ZIP.

Bye. LP

MullvadConf_Analyze_V03.zip (2.4 KB)

PS: maybe the script can be used with Wireguard configuration files by other VPN providers, or can be easily adapted to work with them. In this moment I’m using Mullvad and waiting for NordVPN providing a Wireguard-compatible solution, so for me other tests are not possible now.


Thanks for your contribution.