Hey everyone,
I just picked up a second Gl-Inet device to act as a “Server”. I currently have a GL-Inet which acts as a “Client” and I use it when travelling and use an external VPN provider within the Wireguard config to act as a server, which works well. But now, I want to eliminate that VPN provider and create a tunnel via my Home ISP instead with Wireguard, so I bought the second GL-Inet device to act as that other server endpoint at home.
I followed the guide here - WireGuard Server - GL.iNet Docs
I did not get to the stage where I have to configure the Wireguard Client Config on my Gl-Inet endpoint which I’ll be travelling with, simply because I’m doing some tests from my Mobile Phone (Wireguard installed) to the Wireguard Server at home on the new GliNet which I just set up, and it’s failing. I basically did as follows:
1. Created the VPN Server Config as instructed in the above doc. IPs are as follows:
ISP Modem/LAN Default GW: 20.0.0.1
GliNet Router IP - 20.0.0.6
Wireguard Server IP - 20.0.0.100
Wireguard Client IP - 20.0.0.99
2. Performed Port Forwarding to the Gl.Inet Router Server Box on my Home ISP router.
3. The VPN tunnel establishes successfully; I can verify both on my mobile and directly on the GL.Inet.
4. On my mobile phone with some network apps, I basically cannot ping the ISP default GW or 20.0.0.1, the router mgmt IP, the server IP, or itself (20.0.0.99); I can’t ping anything successfully.
5. This file looks good, and it seems like the port forwarding is working as the tunnel establishes:
/etc/sysctl.d/10-default.conf
net.ipv4.ip_forward=1
net.ipv6.conf.default.forwarding=1
net.ipv6.conf.all.forwarding=1
Here are basically my config files. If anyone has any ideas, or if any steps or configurations were missed, that would be great. I made no other custom config or GUI changes in the router other than what the document outlined.
Wireguard Server - Client File (this is loaded in my phone app)
[Interface]
Address = 20.0.0.99/32
ListenPort = 7388
PrivateKey = oPyP9drpNytsdfsdfV4GC6lE=
DNS = 64.6.64.6
[Peer]
AllowedIPs = 0.0.0.0/0,::/0
Endpoint = 1.1.1.1:45656  # My Public IP
PersistentKeepalive = 25
PublicKey = bYXgXKpsfsfsfsfsfsfsfsfsf
wireguard_server file
config servers
	option local_ipv6 'fdsd:dssd:5:asd::1'
	option private_key 'SPH/sdfsdfdf888d/qu3s2E7sdfsdfSjPG4='
	option public_key 'bsdfsdf7y7y7777dfrm+ACsfkPDIwM='
	option local_port '45656'
	option local_ip '20.0.0.100'
	option access 'DROP'
	option enable '1'

config peers 'wg_peer_7288'
	option name 'john'
	option client_key 'cg5/5Fpv+DsfJljm+Fiqcjz4='
	option private_key 'sfsfNytRhYsfEV4GC6fsfffsfs='
	option client_ip '20.0.0.99/32'
I couldn’t find any docs on the wireguard_server file, not sure what “option access ‘DROP’” entails?
Thanks!
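
An addressing sanity check over the client config above, as an added example that is not part of the original post: it flags tunnel addresses that fall inside the home LAN subnet or outside RFC 1918 private space, two conditions worth ruling out when a tunnel handshakes but passes no traffic. The LAN prefix `20.0.0.0/24` is an assumption (the post gives no netmask), the sample config is constructed from the post's addresses with placeholder keys, and the function names are hypothetical.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample mirroring the post's addresses; keys are placeholders.
SAMPLE_CLIENT_CONF = """\
[Interface]
Address = 20.0.0.99/32
PrivateKey = <client-private-key-placeholder>
DNS = 64.6.64.6
[Peer]
AllowedIPs = 0.0.0.0/0,::/0
Endpoint = 1.1.1.1:45656
PublicKey = <server-public-key-placeholder>
"""

def parse_wg_conf(text):
    """Parse a single-peer wg-quick style file into {section: {key: value}}."""
    conf, section = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
            conf.setdefault(section, {})
        elif "=" in line and section:
            key, value = line.split("=", 1)  # keep '=' padding in base64 keys
            conf[section][key.strip()] = value.strip()
    return conf

def audit(conf_text, lan_cidr):
    """Return findings about tunnel addressing; lan_cidr is the home LAN (assumed)."""
    conf = parse_wg_conf(conf_text)
    lan = ipaddress.ip_network(lan_cidr)
    findings = []
    for item in conf["Interface"]["Address"].split(","):
        tun = ipaddress.ip_interface(item.strip())
        if tun.version == lan.version and tun.ip in lan:
            findings.append(f"overlap: tunnel address {tun.ip} is inside LAN {lan}")
        if tun.version == 4 and not any(tun.ip in net for net in RFC1918):
            findings.append(f"public-range: {tun.ip} is not RFC 1918 private space")
    allowed = [ipaddress.ip_network(a.strip())
               for a in conf["Peer"]["AllowedIPs"].split(",")]
    if any(a.prefixlen == 0 for a in allowed):
        findings.append("full-tunnel: AllowedIPs sends all traffic to the server")
    return findings
```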