WireGuard Server Fails GL-MT1300

I have a factory reset GL-MT1300 running the latest 3.203 where I set up and configured the WireGuard Server as follows:

IP Address 10.0.0.1
Local Port 51821

I created a client (test) with the following information in the config:

[Interface]
Address = 10.0.0.2/32
ListenPort = 12114
PrivateKey = [CLIENT-PRIVATE-KEY]
DNS = 64.6.64.6

[Peer]
AllowedIPs = 0.0.0.0/0,::/0
Endpoint = [PUBLIC-IP]:51821
PersistentKeepalive = 25
PublicKey = [SERVER-PUBLIC-KEY]

Port forwarding is enabled on the primary router to 51821 and the following port was opened on the GL-MT1300 firewall:

WireGuard 51821 UDP Enabled

I have tried to change the [PUBLIC-IP] to the public IP (routable from my LTE phone), as well as a CNAME that resolves to the DDNS generated by GL-Inet (IP resolves correctly), and no luck. I have also tried to manually change the DNS to the same DNS my network uses and no luck. The end result is the server appears online, the client is active and connects but no data can be accessed (for example typing in a public URL in Safari, trying to SSH to a private IP on the LAN). Nothing works.

What I am hoping for:

  1. Setup steps for WireGuard - since they do not seem to be working right now

  2. I have a simple feature request here to allow the user to specify a global hostname and dns settings to be passed on to the client config.

WireGuard has a problem. It seems connected but it may not be true, not like OpenVPN.

Are you saying that the wireguard server is behind your main router which is LTE? Does it have a valid IP address?

Have you tried to use port 443 instead of 51821? Some operators may block some ports. Just need to try.

Hi just to clarify, the ports work fine, I run another wireguard server in a virtual machine on another port and can switch back and forth between them (with different profiles of course). My goal is to set up a wireguard server for a vacation home on the GL-MT1300, so I am testing this here now on a known good network. My ISP gives me a port with no filters, due to the fact that I run enterprise networking equipment at home.

I was using an LTE device as a client to the gl-inet wireguard server - just to test the connection from another network.

My whole point is this is a fresh out-of-box setup and it doesn’t work… I would like to know how to set this up with the current firmware since this is the reason I purchased this.

I see. But I don’t see a problem in your setup.

Do you have any further progress? Can you set the port to default 51820 instead of 51821?

Ok - so I changed the port to 51820 on the GL-MT1300 router. As I mentioned I have another wireguard server running on 51820, but on the external router I set 51821 and forwarded it to the GL-MT1300’s port 51820 so it is default settings from the GL-MT1300’s POV. This port is publicly visible (my ISP blocks no ports). Unfortunately wireguard (on my phone via LTE) indicates it is connected to the GL-MT1300 but no VPN access when I load a browser on the phone.

I wonder if you can generate one config for me to test. I really don’t understand why it is so difficult. I didn’t meet any problem with such a setup before.

Update - port 51820 worked on my config… I verified the routes that were used and one of the issues had to do with the DNS being blocked (I only allow specific DNS servers from the external router, so 64.6.64.6 didn’t work).

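Added example, not part of the thread and not GL.iNet code: a Python check for the failure mode in the final update, where the tunnel reports connected but the resolver pushed to the client is dropped by the upstream firewall. The function names and the permitted resolver 192.0.2.53 are hypothetical; the sample config is the one posted above with its placeholders kept.

```python
import ipaddress
# Constructed sample: the client config posted in the thread, placeholders kept.
CLIENT_CONF = """\
[Interface]
Address = 10.0.0.2/32
ListenPort = 12114
PrivateKey = [CLIENT-PRIVATE-KEY]
DNS = 64.6.64.6

[Peer]
AllowedIPs = 0.0.0.0/0,::/0
Endpoint = [PUBLIC-IP]:51821
PersistentKeepalive = 25
PublicKey = [SERVER-PUBLIC-KEY]
"""

def parse_wg_conf(text):
    """Return [(section, {key: [values]})]; a list because [Peer] may repeat."""
    sections = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.startswith("[") and line.endswith("]"):
            sections.append((line[1:-1].lower(), {}))
        elif "=" in line and sections:
            key, value = line.split("=", 1)  # split once: base64 keys end in "="
            items = [v.strip() for v in value.split(",") if v.strip()]
            sections[-1][1].setdefault(key.strip().lower(), []).extend(items)
    return sections

def blocked_dns(text, allowed_resolvers):
    """Return [(resolver, full_tunnel)] for DNS= servers missing from the allowlist.

    full_tunnel is True when a /0 route sends all traffic, DNS included, via the peer.
    """
    sections = parse_wg_conf(text)
    dns = [v for n, kv in sections if n == "interface" for v in kv.get("dns", [])]
    nets = [v for n, kv in sections if n == "peer" for v in kv.get("allowedips", [])]
    full_tunnel = any(ipaddress.ip_network(r, strict=False).prefixlen == 0 for r in nets)
    allowed = {ipaddress.ip_address(a) for a in allowed_resolvers}
    findings = []
    for entry in dns:
        try:
            addr = ipaddress.ip_address(entry)
        except ValueError:
            continue  # wg-quick treats non-IP DNS= entries as search domains
        if addr not in allowed:
            findings.append((str(addr), full_tunnel))
    return findings
```

With a full-tunnel `AllowedIPs`, a flagged resolver means name lookups fail even though the handshake succeeds, which matches the "connected but no data" symptom for URLs typed into a browser.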