Business Community > Gateways > Omada wireguard tutorial
< Gateways

Omada wireguard tutorial

Omada wireguard tutorial

Omada wireguard tutorial
Omada wireguard tutorial
2025-06-25 09:29:29 - last edited 2025-06-26 00:45:16
Tags: #VPN #WireGuard
Model: ER8411  
Hardware Version: V1
Firmware Version: 1.3.2

Hi,

 

Could someone explain a little bit clearer how to configure client-to-site and site-to-site wireguard vpn via Omada controller, because this tutorial:

 

https://www.tp-link.com/ro/support/faq/4298/#_Toc180081550

 

is messy, at least for me. It's not clear what to fill in the IP fields in client's profile, in the server config or peer config, what exactly means each IP class (taken from where, local client's machine, server's LAN etc)

 

Thank you,

  0      
 
  0      
 
#1
Options
1 Accepted Solution
Re:Omada wireguard tutorial-Solution
2025-06-26 00:45:10 - last edited 2025-06-26 00:45:16

  @CostinR1 

That was a copy from mine on the forum. They deducted many of the explanations. 

Refer to the guides on the forum:

https://community.tp-link.com/en/business/forum/794?labelIds=8760&tagId=640

Recommended Solution
  1  
  1  
#2
Options
7 Reply
Re:Omada wireguard tutorial-Solution
2025-06-26 00:45:10 - last edited 2025-06-26 00:45:16

  @CostinR1 

That was a copy from mine on the forum. They deducted many of the explanations. 

Refer to the guides on the forum:

https://community.tp-link.com/en/business/forum/794?labelIds=8760&tagId=640

Recommended Solution
  1  
  1  
#2
Options
Re:Omada wireguard tutorial
2025-06-27 07:59:32 - last edited 2025-06-27 08:06:30

  @Clive_A 

 

Ok, thank you very much, I've followed the steps and it seems it's activated, but still, after connecting, I cannot "see" the computers in the remote LAN, from the client computer, and I completely loose internet connection

 

I've spent a day testing various configs without success.

 

Below are my configs, I do not understand what is wrong, but that gateway 0.0.0.0 that appears after activating wireguard in the last screenshot seems to be an issue:

 

 

Wireguard server

Wireguard server

 

Wireguard peer

Wireguard peer

 

Wireguard client

Wireguard client

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Thank you,

  0  
  0  
#3
Options
Re:Omada wireguard tutorial
2025-06-27 08:11:52

  @CostinR1 

CostinR1 wrote

  @Clive_A 

 

Ok, thank you very much, I've followed the steps and it seems it's activated, but still, after connecting, I cannot "see" the computers in the remote LAN, from the client computer, and I completely loose internet connection

 

I've spent a day testing various configs without success.

 

Below are my configs, I do not understand what is wrong, but that gateway 0.0.0.0 that appears after activating wireguard in the last screenshot seems to be an issue:

 

 

 

Wireguard server

 

 

Wireguard peer

 

 

Wireguard client

 

 

 

Thank you,

Do you really have a public IP? 
What does the WAN IP look like on the controller interface?

 

Please mosaic your sensitive information. Here is a list of information considered sensitive:

1. Public IP address on your WAN if your WAN is.

2. Real MAC address of your device.

3. Your personal information including address, domain name, and credentials.

For troubleshooting purposes, when a WAN IP is needed, please leave some values visible for identification.

  0  
  0  
#5
Options
Re:Omada wireguard tutorial
2025-06-27 09:21:15 - last edited 2025-06-27 09:32:18

  @Clive_A 

 

Of course, both wireguard server (omada) has a public IP, and the client has a public IP, behind NAT.

 

The omada controller's public IP (or "wireguard server") is 86.124.*.* (last digits intentionally omitted) and that same IP is also inserted in the "Endpoint" field of the wireguard client (fully obfuscated in the screenshot).

 

But I didn't see where to insert the public IP of the client, if it is needed (the client is behind NAT).

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Thank you,

  0  
  0  
#6
Options
Re:Omada wireguard tutorial
2025-07-14 10:33:31 - last edited 2025-07-14 10:59:44

Hi @CostinR1,

 

I see the problem:

  • the Wireguard local IP and the peer's allowed IP must be in the same network range
    • 192.168.0.235 is well outside of 192.168.0.244/30
      • the usable IP range for 192.168.0.244/30 is:192.168.0.245-192.168.0.246
  • this range must not collide with any network used on any LAN

 

if you plan to connect more clients, use bigger allowed IP range as /30 allows only one client.

 

and if you plan to use Android Wireguard client with internal DNS (not any public one as 8.8.8.8) you have to add your LAN network to allowed networks on client side - beside the 0.0.0.0/0

 

 

Woreguard

 

Wireguard Peer

/BR ZoloNN ----------------------------------------------------------------------------------- Omada 2x ER605(UN) v2.0 + SG2008P(UN) V3.20 + SG2218 V1.20 + 2x SG2008 V4.20 + 3x EAP615-Wall(EU) V1.0
  0  
  0  
#7
Options
Re:Omada wireguard tutorial
2025-07-18 05:57:12
Thank you !
  0  
  0  
#8
Options
Re:Omada wireguard tutorial
2025-07-18 07:06:19

Hi @CostinR1,

 

WireGuard itself is quite tricky to configure properly, especially in site2site scenario, where you have to manually setup all the routing.

Fortunately in client2site scenario the routing stuff is silently handled by router.

 

Let me know, if you were successful with the configuration.

 

/BR ZoloNN ----------------------------------------------------------------------------------- Omada 2x ER605(UN) v2.0 + SG2008P(UN) V3.20 + SG2218 V1.20 + 2x SG2008 V4.20 + 3x EAP615-Wall(EU) V1.0
  0  
  0  
#9
Options

Information

Helpful: 0

Views: 673

Replies: 7

Tags

VPN WireGuard
About Us
Press
Copyright © TP-Link Systems Inc. All rights reserved.