Feature request: Wireguard as a WAN protocol

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> General Questions
Author Message
Brett Glass
DD-WRT User


Joined: 16 Jul 2010
Posts: 110

PostPosted: Sat Sep 19, 2020 20:19    Post subject: Feature request: Wireguard as a WAN protocol Reply with quote
We're a wireless ISP whose users would like good, secure, encrypted Internet connections. Now that DD-WRT has incorporated a Wireguard client, would it be possible to add it as a connection option for the WAN port?
Sponsor
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 4378
Location: UK, London, just across the river..

PostPosted: Sun Sep 20, 2020 17:46    Post subject: Reply with quote
Wireguard is present on the hi-end DDWRT supported routers with large size flash ram...
like Netgear R7800 & R9000 and ect...as they have a good specs... and yes its working on the WAN side...

have a look on those set up guides made by our Guru egc

https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324624
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324787
https://forum.dd-wrt.com/phpBB2/viewtopic.php?p=1183135

_________________
Atheros
TP-Link WR740Nv1 -----DD-WRT 46446 BS AP,NAT
TP-Link WR740Nv4 -----DD-WRT 44251 BS WAP/Switch
TP-Link WR1043NDv2 ---DD-WRT 46885 BS AP,NAT,AP Isolation,Ad-Block,Firewall,Local DNS,Forced DNS,DoT,VPN,VLAN
TP-Link WR1043NDv2 ---DD-WRT 46885 BS AP,NAT,AD/Block,Firewall,Local DNS,Forced DNS,DoT,VPN,VLAN
TP-Link WR1043NDv2 ---Gargoyle OS 1.12.0 AP,NAT,QoS,Quotas
Qualcomm/IPQ8065
Netgear R7800 -----DD-WRT 46885 BS AP,NAT,AD-Block,AP&Net Isolation,VLAN's,Firewall,Local DNS,DoT
Broadcom
Netgear R7000 -----DD-WRT 46885 BS AP,Wi-Fi OFF,NAT,AD-Block,Firewall,Local DNS,Forced DNS,VLAN's,DoT,VPN
-----------------------------------------------------------------------------------------------
Stubby for DNS over TLS I DNSCrypt v2 by mac913
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 8974
Location: Texas, USA

PostPosted: Sun Sep 20, 2020 21:01    Post subject: Reply with quote
The question or request is to add it like the option for auto dhcp, pppoe, mobile broadband, etc. on the main setup page Wink My answer is, come up with the patches and submit them. That usually makes things happen quicker, if at all Cool
_________________
Official Forum Rules, Guidelines & Helpful InformationFirmware FAQInstallation WikiWhere Do I Download Firmware?
DON'T use Chromium-based browsersRTFM/STFW TL;DR is NOT an excuse. • Why Should I Care What Color the Bikeshed Is?
Please DO NOT PM me with questions; Ask in the forum. ---------------------- Linux User #377467 counter.li.org / linuxcounter.net
Brett Glass
DD-WRT User


Joined: 16 Jul 2010
Posts: 110

PostPosted: Mon Sep 21, 2020 1:06    Post subject: Reply with quote
Yep; that's what we'd be looking for. We don't have a development system capable of building DD-WRT, so can we commission the work?
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 8974
Location: Texas, USA

PostPosted: Mon Sep 21, 2020 8:58    Post subject: Reply with quote
I personally would not be inclined if I wasn't receiving a percentage of your "ISP" business' monthly income, if you were making money off my work.
_________________
Official Forum Rules, Guidelines & Helpful InformationFirmware FAQInstallation WikiWhere Do I Download Firmware?
DON'T use Chromium-based browsersRTFM/STFW TL;DR is NOT an excuse. • Why Should I Care What Color the Bikeshed Is?
Please DO NOT PM me with questions; Ask in the forum. ---------------------- Linux User #377467 counter.li.org / linuxcounter.net
blkt
DD-WRT Guru


Joined: 20 Jan 2019
Posts: 2865

PostPosted: Mon Sep 21, 2020 12:49    Post subject: Re: Feature request: Wireguard as a WAN protocol Reply with quote
Brett Glass wrote:
We're a wireless ISP whose users would like good, secure, encrypted Internet connections. Now that DD-WRT has incorporated a Wireguard client, would it be possible to add it as a connection option for the WAN port?
What exactly are you trying to accomplish that is not possible with the current DD-WRT implementation?

WireGuard is a VPN protocol and not a replacement for anything listed in the dropdown for WAN Connection Type.

Yes, I'm ignoring PPTP and L2TP (see Tunnels tab).
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 8719

PostPosted: Wed Sep 30, 2020 17:04    Post subject: Reply with quote
At first glance, this seems like a reasonable request. Esp. given what's already available on the WAN. And if it's good enough for WG (Wireguard), why not OpenVPN too. But as I've thought more about it, it actually makes less sense, even for those already supported on the WAN.

To *me*, the only protocols supported on the WAN should be those required to connect to the ISP, period. To do otherwise only creates confusion. For example, PPTP is supported on the WAN, but that feature in layered on top of the underlying connection to the ISP. IOW, the underlying connection to the ISP is still either DHCP or a static configuration, and is obscured by the presence of the VPN. The presence of both only makes it more difficult to distinguish one from the other. And some combinations are not even available (what if I wanted to use PPPoE w/ PPTP or L2TP?!). So for those ppl, we end up having to continue supporting PPTP (or Wireguard) separately on some other page anyway. And now you have duplication. And now add in other options like PBR (policy based routing) and pretty soon things are even messier on the WAN.

IOW, if anything, we should be *decoupling* these VPN options from the WAN, not expanding it. It will reduce confusion, avoid unnecessary duplication, and offer more options for combining ISP required protocols w/ VPN required protocols.

_________________
ddwrt-ovpn-split-basic.sh * ddwrt-ovpn-split-advanced.sh * ddwrt-ovpn-kill-switch.sh (new) * ddwrt-ovpn-watchdog.sh (new) * ddwrt-ovpn-remote-access.sh * ddwrt-ovpn-client-backup.sh * ddwrt-mount-usb-drives.sh
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> General Questions All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum