You were talking about the DDWRT public key, you do not have to set that, the one you are referring to is the Peers public key, (of course you have to set it in the Peer section in the DDWRT GUI but it is not the Public key from the DDWRT router, it is the the Public key of the Peer).
Joined: 18 Mar 2014 Posts: 12922 Location: Netherlands
Posted: Mon Apr 06, 2020 11:32 Post subject:
Patience is my middle name
1. You have a private key, there is no box to enter your private key in the GUI. You have to enter that with nvram parameters as described in the guide.
2. You have a Peer Public key, you enter that in .... Peer Public Key
3. You do not have a preshared key so yo do not fill in any
1. You have a private key, there is no box to enter your private key in the GUI. You have to enter that with nvram parameters as described in the guide.
I dont see this in the manual can you point where in the manual is this?
Example:
Quote:
[Interface]
PrivateKey = YEAAAAAAAAAAAAAAAAAAAAAAAAAAA=
Address = 10.239.140.13/8
DNS = 1.1.1.1
DD-WRT actually propose a rather immature implementation of WireGuard, as such we did not successfully set up a tunnel from the Web interface. However it might be possible to write scripts and set-up the interface manually at router booting, which is an advanced procedure that we do not officially support.
If possible, we instead encourage the use of OpenWrt which has a well working implementation of WireGuard.
--
Best regards / Vänliga hälsningar
AzireVPN Support
Joined: 18 Mar 2014 Posts: 12922 Location: Netherlands
Posted: Mon Apr 06, 2020 14:24 Post subject:
JulianAntras wrote:
I request help to azirevpn, this is the answer.
Quote:
Hello,
DD-WRT actually propose a rather immature implementation of WireGuard, as such we did not successfully set up a tunnel from the Web interface. However it might be possible to write scripts and set-up the interface manually at router booting, which is an advanced procedure that we do not officially support.
If possible, we instead encourage the use of OpenWrt which has a well working implementation of WireGuard.
--
Best regards / Vänliga hälsningar
AzireVPN Support
I need to forget ddwrt and install openwrt
Well OpenWRT is much more complex than DDWRT but true you need to set the private key via nvram parameters and use a script (I have requested our main developer to implement patches I have written to make things much easier but until now he has refused )
You already know what to fill in the GUI.
Two things are a little more difficult:
1. Setting the private key with nvram parameters:
From the GUIDE:
Code:
Note: if you setup to a commercial provider (like TorGuard, Azire) and you get a private key which you need to set (see: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=322822 ), you can do this by telnetting/Putty to your router and do (do not enter the [] ):
nvram set oet1_private=[privatekey]
nvram set oet1_privatekey=[privatekey]
nvram commit
After this Reboot.
2. Under Allowed IP's enter:
Code:
0.0.0.0/1, 128.0.0.0/1
3. Head over to the Wireguard setup thread : https://forum.dd-wrt.com/phpBB2/viewtopic.php?p=1183135
In the second post copy the script from #=====BEGIN until END=== and goto to Administration/Commands paste the script there and Save as Firewall
4. Reboot the router and hope for the best. Others have it running like this but unfortunately you need some basic skills
2º- Telnet
nvram set oet1_private=[privatekey]
nvram set oet1_privatekey=[privatekey]
nvram commit
reboot
3º- Go to Setup / Tunnels
Wireguard
Configured the rest fields like this
https://i.imgur.com/1ifFE2B.png
Under Allowed IP's enter: 0.0.0.0/1, 128.0.0.0/1
Joined: 18 Mar 2014 Posts: 12922 Location: Netherlands
Posted: Mon Apr 06, 2020 18:24 Post subject:
JulianAntras wrote:
1º- Reset the router
2º- Telnet
nvram set oet1_private=[privatekey]
nvram set oet1_privatekey=[privatekey]
nvram commit
reboot
3º- Go to Setup / Tunnels
Wireguard
Configured the rest fields like this
https://i.imgur.com/1ifFE2B.png
Under Allowed IP's enter: 0.0.0.0/1, 128.0.0.0/1
But its not working
With the openVPN i have a status where i can check a log, wireguard dont have a status to check log?
I took a look at your picture and I assume you are not done configuring, the port and endpoint address (you can use an url like nl1.wg.azirevpn.net) do not resemble the ones your windows/android client are using, and the allowed IP's are also not setup, you really must use: 0.0.0.0/1, 128.0.0.0/1
You IP address looks like it could be good, your netmask is probably wrong (although it does not matter much in this case) usually VPN providers specify an /8 netmask that is CIDR notation for 255.0.0.0
So just fill in the boxes according to my instructions with the settings (like endpoint address and port number) which you know are working for your windows client.
Also you need to set Keep Alive at 25
Set the private key with nvram, paste the script in the firewall, reboot the router and keep your fingers crossed.
If it is not working post another screenshot of your settings page, post router model and build number and post the necessary information form the Troubleshooting section in the back of the guide
About setting with manual commands the private key wont work with some keys.
Code:
nvram set oet1_private=bOGxt5Wk5fi77zJPlXs+jiu5cXksq/SiRzq3s6clZZM=
nvram set oet1_privatekey=bOGxt5Wk5fi77zJPlXs+jiu5cXksq/SiRzq3s6clZZM=
nvram commit
reboot
Code:
wg showconf oet1
[Interface]
ListenPort = 51840
PrivateKey = aOGxt5Wk5fi77zJPlXs+jiu5cXksq/SiRzq3s6clZVM=
Seems DDWRT change this type of key, look now the key start with aO but the key original starts with bO.
Joined: 18 Mar 2014 Posts: 12922 Location: Netherlands
Posted: Thu Apr 09, 2020 14:37 Post subject:
The fact that other providers do not give problems led me to believe that this free VPN provider (so there is no support) uses a different BASE64 encoding dialect then most others.
I have taken a look at TunSafe and also with Android and Windows clients I could not get it working.
Joined: 22 Mar 2019 Posts: 27 Location: Gamma Quadrant
Posted: Thu Apr 09, 2020 21:46 Post subject:
I could not get TunSafe working either. Tried both the Wireguard application as well as TunSafe's dedicated program on Windows and Android. Neither works for me.
I scanned TunSafe's forum and their GitHub page and it seems the developer has gone dark for quite some time now. The program hasn't been updated for around two years and nobody is responding to problems being reported in both the forum and GitHub issues page. If TunSafe is having server problems, it is not being communicated at all to their user base.
Personally, I'd suggest you look into a different VPN service.