Hi Team,
I am currently running a WireGuard VPN Server on my GL-MT2500 and need some advice regarding client configuration generation.
Here is my current network environment and setup:
- Device Setup: The GL-MT2500 is connected behind my primary router.
- ISP Constraints: I do not have a static IP, and my ISP does not allow direct port forwarding on my router. Instead, they allocated a specific external IP address (which is different from my actual public IP) and a specific external port (let's use 1234 as an example).
- Routing: To make this work, I created a NAT rule on my main router that allows external access by forwarding traffic from that ISP-provided port to the WireGuard listening port on the GL-MT2500.
The Issue / Current Workaround: The VPN connection works perfectly with this network setup. However, when I generate and download a client configuration file from the GL-MT2500, it automatically populates the Endpoint value with my standard public IP and default WireGuard port (which won't route correctly).
Currently, my workaround is to open the downloaded config file in a text editor and manually change the Endpoint field to match the ISP-provided IP and port before saving it to my client devices.
What I need support on:
- Endpoint Override: Is there a way to globally override the default IP and Port in the device settings (or via LuCI) so that newly generated client configs automatically use the ISP-provided details?
- Setup Optimization: Given my network constraints, do you have any other recommendations, alternative approaches, or best practices for running this WireGuard setup?
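
The manual Endpoint edit described in the post, scripted as an added example (not part of the original post and not the device's own tooling): it validates the host and port, then rewrites only the Endpoint line inside `[Peer]` sections. The function names, the sample config and the 203.0.113.10 address used when calling it are constructed placeholders; 1234 is the example port from the post.

```shell
#!/bin/sh
# Added example: patch the Endpoint in a downloaded WireGuard client config.

# Constructed sample config; keys are placeholders, addresses are documentation ranges.
sample_conf() {
    cat <<'EOF'
[Interface]
Address = 10.0.0.2/24
PrivateKey = <client-private-key>
DNS = 10.0.0.1

[Peer]
PublicKey = <server-public-key>
AllowedIPs = 0.0.0.0/0
Endpoint = 198.51.100.7:51820
PersistentKeepalive = 25
EOF
}

# rewrite_endpoint <config-file> <host> <port>: prints the patched config to stdout.
# Returns 2 on bad arguments, 3 if no [Peer] Endpoint line was found.
rewrite_endpoint() {
    conf=$1 host=$2 port=$3
    # Port must be 1-5 digits and within the UDP range.
    case $port in
        ''|*[!0-9]*|??????*) echo "invalid port: $port" >&2; return 2 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2; return 2
    fi
    # Assumption: IPv4 address or hostname only, so nothing else lands in the file.
    case $host in
        ''|*[!A-Za-z0-9.-]*) echo "invalid host: $host" >&2; return 2 ;;
    esac
    awk -v ep="$host:$port" '
        /^[ \t]*\[/ { in_peer = (tolower($0) ~ /^[ \t]*\[peer\]/) }
        in_peer && /^[ \t]*[Ee]ndpoint[ \t]*=/ {
            print "Endpoint = " ep; changed++; next
        }
        { print }
        END { if (!changed) exit 3 }
    ' "$conf"
}
```

Redirect the output to a new file with `umask 077` in effect, since the client config contains the private key. A non-zero exit status means the output should not be used.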