WireGuard connection to a TP-Link ER605 server

DorinMelinte · December 12, 2024, 6:34am

I am trying to setup my GL-AXT1800 as I travel to be able to coennect, using WireGuard, to my home network. At home I am using a TP-Ling ER605 that has WireGuard server. I have setup the ER605 WireGuard with:
MTU: 1420
Listen port: 51820
Private key: XXXXXXXXXXXXXXXXXXXXXXXXX
Public key: yyyyyyyyyyyyyyyyyyyyyyyyyyyyyy
and the local IP address for the interface: 192.168.0.2

Then I setup the GL-AXT1800 Wireguard as follows:
[Interface]
Address = 192.168.0.2/24
PrivateKey = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX=
DNS = 8.8.8.8, 8.8.4.4
MTU = 1420

[Peer]
AllowedIPs = 192.168.0.0/24
Endpoint = XXXXXXX.ddns.com:51820
PersistentKeepalive = 25
PublicKey = yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy

Trying to start he VPN tunnel, it just sits on orange. Looking at the log I am getting this:
Wed Dec 11 23:19:57 2024 user.notice firewall: Reloading firewall due to ifdown of wgclient ()
Wed Dec 11 23:20:50 2024 daemon.notice netifd: Interface 'wgclient' is setting up now
Wed Dec 11 23:20:55 2024 daemon.notice netifd: wgclient (17329): Try again: xxxxx.ddns.com:51820'. Trying again in 1.00 seconds... Wed Dec 11 23:21:01 2024 daemon.notice netifd: wgclient (17329): Try again: xxxxx.ddns.com:51820'. Trying again in 1.20 seconds...

xxxxx.ddns.com is my WAn connection IP adrress from my TP-Link ER605 at home which is registered with a dynamic DNS provider.

Any ideas will help.

thank you kindly,
Dorin

bruce · December 12, 2024, 10:20am

On other devices, like cellphones or PC, use the WireGuard App/Software to use this same profile as the AXT1800, is it available?

Does your VPN server router (TP) WAN have public IP address? (NOT CGNAT)

hecatae · December 12, 2024, 11:00am

Are you using TP Omada firmware on your ER605 or Openwrt?

DorinMelinte · December 12, 2024, 1:19pm

On the other devices I do not have VPN clients installed.
On the ER605 I have just the Omada firmware that comes with the router wich has the WireGuard server. And yes the ER605 has a WAN public address.

DorinMelinte · December 12, 2024, 1:20pm

It comes with Omada firmware not Openwrt

hecatae · December 12, 2024, 1:30pm

Just asking, as ER605 v2 supports Openwrt:
https://openwrt.org/toh/tp-link/er605_v2

Omada Stock ER605 Firmware is based on Attitude Adjustment if you have a V1, or Barrier Breaker if you have a V2.

DorinMelinte · December 12, 2024, 1:33pm

Mine is a V2

DorinMelinte · December 12, 2024, 2:23pm

Yes supports it but I do not want to reflash it with Openwrt.....I was wondering if I get the tunnel to work with Omada version. By me all the settings look ok but I cannot get th etunnel to work. On the other hand the OpenVPN component works and I can establish a tunnel between the two.

bruce · December 16, 2024, 2:44am

I mean test the profile on others client, like cellphone/PC to verify if the VPN server works.