Idiot's Guide to Configuring Wireguard - Client Tunnel

Post new topic   This topic is locked: you cannot edit posts or make replies.    DD-WRT Forum Index -> Advanced Networking
Goto page Previous  1, 2, 3, 4, 5, 6
Author Message
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12837
Location: Netherlands

PostPosted: Fri Apr 10, 2020 5:50    Post subject: Reply with quote
Thanks for confirming.

On another note, I am testing the upcoming build which should make the use of a script redundant.

Ther will be a button to NAT out via the tunnel and a button to route the allowed IP's via the tunnel.

So if you enable NAT out and enter in Allowed IP's:
Code:
0.0.0.0/1, 128.0.0.0/1

and Enable Route Allowed IP's via tunnel you should be good.

So unless we find any showstoppers it will be in the next build.

I am looking into adding, box to set Private key, Policy Based Routing, kill switch and status window, but that could all take some time but will be coming as far as I am concerned.

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Sponsor
Hellakenut
DD-WRT Novice


Joined: 22 Mar 2019
Posts: 27
Location: Gamma Quadrant

PostPosted: Fri Apr 10, 2020 6:09    Post subject: Reply with quote
Happy to hear that there's progress. I made a ticket last year suggesting a configuration box to be added to the UI, so I'm glad you are really pushing for these features to finally get included. Smile It goes without saying that it will be greatly appreciated by the DD-WRT community.

Is your Wireguard topic a place I can refer to once these changes are implemented?
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12837
Location: Netherlands

PostPosted: Fri Apr 10, 2020 7:22    Post subject: Reply with quote
Hellakenut wrote:
Happy to hear that there's progress. I made a ticket last year suggesting a configuration box to be added to the UI, so I'm glad you are really pushing for these features to finally get included. Smile It goes without saying that it will be greatly appreciated by the DD-WRT community.

Is your Wireguard topic a place I can refer to once these changes are implemented?


Absolutely, you can also always PM me.
Your contributions are also greatly appreciated Smile

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
JulianAntras
DD-WRT Novice


Joined: 18 Mar 2015
Posts: 30

PostPosted: Fri Apr 10, 2020 7:43    Post subject: Reply with quote
Hellakenut wrote:
I could not get TunSafe working either. Tried both the Wireguard application as well as TunSafe's dedicated program on Windows and Android. Neither works for me.

I scanned TunSafe's forum and their GitHub page and it seems the developer has gone dark for quite some time now. The program hasn't been updated for around two years and nobody is responding to problems being reported in both the forum and GitHub issues page. If TunSafe is having server problems, it is not being communicated at all to their user base.

Personally, I'd suggest you look into a different VPN service.


I installed today tunsafe in Android and works ok, with same free server from them, but i cant put working in ddwrt. Sad
elitedz
DD-WRT Novice


Joined: 30 Mar 2020
Posts: 9

PostPosted: Sat Apr 11, 2020 5:14    Post subject: Reply with quote
egc wrote:
JulianAntras wrote:
I request help to azirevpn, this is the answer.

Quote:
Hello,

DD-WRT actually propose a rather immature implementation of WireGuard, as such we did not successfully set up a tunnel from the Web interface. However it might be possible to write scripts and set-up the interface manually at router booting, which is an advanced procedure that we do not officially support.
If possible, we instead encourage the use of OpenWrt which has a well working implementation of WireGuard.

--
Best regards / Vänliga hälsningar
AzireVPN Support


I need to forget ddwrt and install openwrt Sad


Well OpenWRT is much more complex than DDWRT but true you need to set the private key via nvram parameters and use a script (I have requested our main developer to implement patches I have written to make things much easier but until now he has refused )

You already know what to fill in the GUI.

Two things are a little more difficult:
1. Setting the private key with nvram parameters:
From the GUIDE:
Code:
Note: if you setup to a commercial provider (like TorGuard, Azire) and you get a private key which you need to set (see: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=322822 ), you can do this by telnetting/Putty to your router and do (do not enter the [] ):
nvram set oet1_private=[privatekey]
nvram set oet1_privatekey=[privatekey]
nvram commit
After this Reboot.

2. Under Allowed IP's enter:
Code:
0.0.0.0/1, 128.0.0.0/1

3. Head over to the Wireguard setup thread : https://forum.dd-wrt.com/phpBB2/viewtopic.php?p=1183135
In the second post copy the script from #=====BEGIN until END=== and goto to Administration/Commands paste the script there and Save as Firewall
4. Reboot the router and hope for the best. Others have it running like this but unfortunately you need some basic skills Sad

All support is free Smile



there is no space between 0.0.0.0/1,->128.0.0.0/1 ? the bug still persist ?
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12837
Location: Netherlands

PostPosted: Sat Apr 11, 2020 5:46    Post subject: Reply with quote
In builds prior to build 41643 no spaces were allowed in the Allowed IP's box.

After build 1463 spaces are allowed and are taken care of.

But you do not have to use spaces Smile

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12837
Location: Netherlands

PostPosted: Sat Apr 11, 2020 8:28    Post subject: Reply with quote
I am just testing WireGuard on the new build 42872.
Running on my r7800.

You should no longer need a script for NAT and routing, so please give it a try and let me know.

From your VPN providers settings file:
Enter the local port, Endpoint address and port, set Persistent Keepalive at 25, enter Peer public key, enter IP address and netmask (for conversion: https://kb.wisc.edu/page.php?id=3493)

Enable: NAT via Tunnel
Allowed IP's: 0.0.0.0/1,128.0.0.0/1
Enable: Route Allowed IP's via tunnel

Set private key via the CLI (telnet/putty):
Code:
nvram set oet1_private=enter_your_private_key
nvram commit


Reboot the router and you should be good.

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Goto page Previous  1, 2, 3, 4, 5, 6 Display posts from previous:    Page 6 of 6
Post new topic   This topic is locked: you cannot edit posts or make replies.    DD-WRT Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum