Implemented WireGuard Client-to-Site
Implemented WireGuard Client-to-Site
Hello guys,
WireGuard is available on Omada SDN. And that's great - I love it.
But I'm missing the feature to configure client-to-site connections with WireGuard. This option is only available for other VPN protocols like OpenVPN.
Many VPN providers use WireGuard. I think adding the ability to connect via WireGuard would be a big improvement. This is of course already possible with OpenVPN, but the throughput is very low.
Maybe there will be a way to add this feature to one of the upcoming versions.
Best regards
Pascal
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
@pascal585 Hi, I have just got this working now on my gear: client=android, Server=ER7206
It drove me batty no end that there was no way to export a config file or get a QR code to set it up on the android client, so I had to do it in the client using the configure from scratch mode. A lot of hit and miss for days. Then I found this Wireguard Config Generator in WireGuard Tools (I can't post the URL here but the important bit is wireguard (dot) com) and it helped enormously with the numbers I needed to get it working on the client from scratch. Now I can create a client config to make reinstallation easier. But note: you can only use one peer config per client. Can't use the same config on multiple clients that might connect at the same time. STAVROS' STUFF site was helpful with how to create the config file in plain text (ignore the server config file there).
Here's a basic config file explanatory for the client:
[Interface] Address = 192.168.2.2 PrivateKey = <client's privatekey> ListenPort = 21841 [Peer] PublicKey = <server's publickey> Endpoint = <server's ip>:51820 AllowedIPs = 0.0.0.0/0, ::/0
The Address is the local LAN address you want to have on your server's LAN for the client to come in on.
The Endpoint is the public IP of your server. (I have a static IP).
Note also you have to set up a peer on the Server as well (they don't tell you that).
I hope this helps. I can now see my home LAN devices over Wireguard VPN remotely.
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
I just bought an ER707-M2 to replace a OPNsense. Unfortunately wireguard is not supported to route only specific clients through it so I have to keep the OPNsense.
As wireguard is performance and setup wise prior this feature should be considered.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 16
Views: 2489
Replies: 14