I just picked up a second Gl-Inet devices to act as a “Server”. I currently have a GL-Inet which acts as a “Client” and I use it when travelling and use an external VPN provider with in the Wireguard config to act as a server, which works well. But now, I want to eliminate that VPN provider and create a tunnel via my Home ISP instead with Wireguard, so I bought the second GL-Inet device to act as that other server endpoint at home.
I followed the guide here - WireGuard Server - GL.iNet Docs
I did not get to the stage where I have to configure the Wireguard Client Config on my Gl-Inet endpoint which I’ll be travelling with, simply bc I’m doing some tests from my Mobile Phone (Wireguard installed) to the Wireguard Server at home on the new GliNet which I just setup, and its failing. I basically did as follows:
Created the VPN Server Config as instructed in the above doc. IPs as as follows:
ISP Modem/LAN Default GW: 188.8.131.52
GliNet Router IP - 184.108.40.206
Wireguard Server IP - 220.127.116.11
Wireguard Client IP - 18.104.22.168
Performed Port Forwarding to the Gl.Inet Router Server Box on my Home ISP router.
The VPN tunnel establishes successfully, I can verify both on my mobile and directly on the GL.Inet.
On my mobile phone with some network apps, I basically cannot ping the ISP default GW or 22.214.171.124, the router mgmt IP, the server IP, or itself - 126.96.36.199), can’t ping anything successfully.
5.This file looks good and it seems like the port forwarding is working as the tunnel establishes:
Here is basically my config files, if anyone has any ideas, or if any steps or configurations were missed, that would be great. I made no other custom config or gui changes in the router other than what the document outlined.
Wireguard Server - Client File (this is loaded in my phone app)
Address = 188.8.131.52/32
ListenPort = 7388
PrivateKey = oPyP9drpNytsdfsdfV4GC6lE=
DNS = 184.108.40.206
AllowedIPs = 0.0.0.0/0,::/0
Endpoint = 220.127.116.11:45656 (My Public IP)
PersistentKeepalive = 25
PublicKey = bYXgXKpsfsfsfsfsfsfsfsfsf
option local_ipv6 ‘fdsd:dssd:5:asd::1’
option private_key ‘SPH/sdfsdfdf888d/qu3s2E7sdfsdfSjPG4=’
option public_key ‘bsdfsdf7y7y7777dfrm+ACsfkPDIwM=’
option local_port ‘45656’
option local_ip ‘18.104.22.168’
option access ‘DROP’
option enable ‘1’
config peers ‘wg_peer_7288’
option name ‘john’
option client_key ‘cg5/5Fpv+DsfJljm+Fiqcjz4=’
option private_key ‘sfsfNytRhYsfEV4GC6fsfffsfs=’
option client_ip ‘22.214.171.124/32’
I couldn’t find any docs on the wireguard_server file, not sure what “option access ‘DROP’” entails?