Wireguard Site-to-Site VPN Mandatory Setting to Prevent IP or DNS Leak

I am using a Wireguard Site-to-Site VPN setup using two Glinet routers (Flint 2 & Slate AX).

Could someone please help me with which options I should disable/enable to prevent IP or DNS leaks on both the Server and Client routers? I see the options below.

Server

Wireguard Server Options:
Remote Access LAN - On
IP Masquerading - On
MTU - 1420
Client to Client - Off

Security Settings
HTTPS Remote Access - Disabled
SSH Remote Access - Disabled

DNS
DNS Rebinding Attack Protection - Off
Override DNS Settings of All Clients - Off
Allow Custom DNS to Override VPN DNS - On

Client:

Global Options:
Block Non VPN Traffic - On
Allow Access WAN - Off
Services from Glinet use VPN - Off

Wireguard Client Options:
Remote Access LAN - Off
IP Masquerading - On
MTU - 1420

One of those devices needs to "leak" DNS (mostly the server) because it must use DNS. What is your use case?


The "DNS Leak" issue is only an issue for the VPN client. There should be no such thing on the server side.

My use case:

I work in the USA, using my employer's laptop. But sometimes I may have to travel to some other countries like Canada, India, etc., and for the same reason I have made the Wireguard Site-to-Site VPN using two routers (Server and Client) to use my home ISP IP wherever I am and my other country IP or location should not be visible.

Wireguard Site-to-Site VPN setup is working fine and I am using my USA home IP from another country. I have enabled the block Non-VPN traffic option on my Wireguard Client router.

Just want to make sure if I am missing anything or if there is any other option I have to disable or enable so that it seems like my connection is always from the USA with my home IP.

OK. We can forget about the "Site-to-Site" concept because you are doing a Client-Server setup.

As you have set up the VPN client and server, let's omit the setup.

Flint 2 is the VPN server at your home, and
Slate AX is the VPN client with you when you travel.

On the server there is nothing to worry about. Just remember what your home IP address is.

On the client (Slate AX), first make sure you upgrade to firmware 4.6.4 because it fixed some DNS leaks.

After the VPN is connected, check the following. Better not on your work laptop.

  1. Your IP address. Make sure it is your home IP, e.g. using google, ipleak or whatismyipaddress etc.
  2. Check DNS leaks using www.dnsleaktest.com or another website. All the DNS servers should be the DNS from your ISP. You can see the DNS server locations. There should not be any DNS server from the location where you are.

alzhao, thanks for your reply.

I did the below DNS leak test for both cases: directly on my USA home internet, from Comporium ISP, and using the Wireguard client from different using my USA home IP config.

USA home internet - DNSLeaktest results

Wireguard Client with USA Home IP Config

It shows that I am using dnsservice. How can I avoid this, as my home IP is DHCP? I enabled Dynamic DNS on the Glinet Flint 2 router (Wireguard Server) and used the DNS entry name given by the Glinet router ending with glddns.com in the Wireguard client config file instead of the IP, as the IP can change.

Is this bad? Instead of showing my home ISP, it shows the ISP as Security Services. How can I prevent this? Also, which setup is the best one for my use case, Site-to-Site VPN or Server/Client setup? I am under the impression both are the same.

If they are different, how can I make a Site-to-Site VPN setup to use my USA home IP wherever I travel?

See this thread, "Flint - which DNS IP in Wireguard Server conf to use Adguard?", and replace the DNS line inside your WireGuard client config accordingly.

(Or just replace it with 8.8.8.8 for Google)
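
An added example, not part of the thread or of GL.iNet's firmware: a small Python check of a WireGuard client config for the points discussed above, namely whether a DNS line is set and whether AllowedIPs sends all traffic, including traffic to that DNS server, through the tunnel. The sample config, its placeholder keys and addresses, and the function names are constructed for illustration.

```python
import ipaddress
# Constructed sample client config; keys and addresses are placeholders.
SAMPLE_CONF = """\
[Interface]
PrivateKey = <client-private-key>
DNS = 192.0.2.53

[Peer]
PublicKey = <server-public-key>
AllowedIPs = 0.0.0.0/0
"""

def parse_conf(text):
    """Parse a single-peer wg-quick style config into {section: {key: [values]}}."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments
        if line.startswith("[") and line.endswith("]"):
            current = sections.setdefault(line[1:-1].lower(), {})
        elif "=" in line and current is not None:
            key, value = line.split("=", 1)
            items = [v.strip() for v in value.split(",") if v.strip()]
            current.setdefault(key.strip().lower(), []).extend(items)
    return sections

def leak_findings(text):
    """Return warnings about settings that let IP or DNS traffic bypass the tunnel."""
    conf = parse_conf(text)
    dns = conf.get("interface", {}).get("dns", [])
    allowed = conf.get("peer", {}).get("allowedips", [])
    nets = [ipaddress.ip_network(a, strict=False) for a in allowed]
    findings = []
    if not dns:
        findings.append("no DNS line: the tunnel does not set a resolver")
    if not any(n.version == 4 and n.prefixlen == 0 for n in nets):
        findings.append("AllowedIPs lacks 0.0.0.0/0: IPv4 traffic can bypass the tunnel")
    if not any(n.version == 6 and n.prefixlen == 0 for n in nets):
        findings.append("AllowedIPs lacks ::/0: IPv6 is not routed through the tunnel")
    for server in dns:
        try:
            addr = ipaddress.ip_address(server)
        except ValueError:
            continue  # a search domain, not a resolver address
        if not any(addr in n for n in nets if n.version == addr.version):
            findings.append(f"DNS {server} is outside AllowedIPs: queries skip the tunnel")
    return findings

if __name__ == "__main__":
    print("\n".join(leak_findings(SAMPLE_CONF)))
```

A clean result here only describes the config file; the browser-based IP and DNS leak tests described earlier in the thread still confirm what the client actually does.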

This helped. Now the DNS leak test shows the ISP as my home ISP. I kept the home ISP DNS server in the config file's DNS section.

Is there anything I need to look for?

I think it looks fine now.

Now I am down with another problem with my setup.

I am getting very bad speeds when I use the Wireguard client on Slate Glinet routers in the USA & India. In the USA it was working great, but if I use the same config file on the router in India I am getting only 5–10 Mbps speed.

Created a new topic for the speed issue.
