wireguard server, utility

[James8078 5]

hi,

 

here my setup and why I would need a wireguard server?

I have a router with open wrt firmware, with wireguard and open vpn, I.m using wireguard all the time. So vpn on my router, means that all my devices can use vpn (wireguard) + I also have torguard app on my phone, ipad, pc. I read here and there a lot of thing about wireguard server on PC and peers -clients setup. I'M pretty newbee, english is not my first language but IM not sure about the server if I can have wireguard on my router? I guess it is just about remote access to our system?

 

thanks

[19807409 31]

As last, I do not really understand your question with "can I have wireguard on my router?" if you actually took part in discussion and start this thread with: "I have a router with open wrt firmware, with wireguard and open vpn, I.m using wireguard all the time.."., kinda confusing.

 

In simple steps:

1. you already have wireguard on your router

2. you can install wireguard (original client) on your mobile phone where you easily can add additional peers

3. add new peer to both configs - to your router add mobile and to your mobile add router (with remote DNS, meaning opening wireguard's listen port on your router's wan side if you want to access it over your ISP's connection)

4. Launch your wireguard app on phone and connect

 

If your router is connected to torguard vpn and you have enabled port forwarding for that IP, then make sure you also port forward your wireguard listen port as then your router's wireguard vpn will be reachable for you over that torguard's IP.

 

So, to keep it simple, if you want to be just connected to your network (router) but still use your mobile connections, then in your mobile phone, you add your server peer by just its address (example, your routers interface has 178.1.2.3 is set, then in your mobile phone you set allowed ips to 178.1.2.3/32).

If you want your mobile phone to use your router as gateway (for internet), then you add 0.0.0.0/0. Where if your router connect and uses torguards vpn, then it means your phone would use it.

On that point, you can setup your router to connect to all different torguard IP's with one wireguard interface, then in your phone you can switch and change them easily as you wish, be it by editing or be it by saving them as separate configs.

For mobile connection, I probably would use separate torguard connection to ensure having max speeds and would add all my devices as peers, where of course, if I need port forwarding to my phone, then I can use router connected to torguard ip with port forwarding and forward then wished port over wireguard to my mobile.

So all in all, you do not need openvpn at all and all devices which you mentioned are capable of running wireguard client (google store as well as apple's have it).

For some devices which I use for work, I have to be in specific network, lets say I have to connect to another companies VPN with anyconnect. For such cases, I use wireguard config which has all my devices as peers configured, then after connecting to that companies network, I restart wg interface and am immediately connected to all those devices. With openvpn and other VPN solutions you might run into several issues and troubles when running vpn over vpn, in case of wireguard it is easy.

By that, I guess, wireguard covers quite all needs which one could have being mobile which many understand not just like their mobile phone but in general when they are out of house which includes their work.

As for the language, feel free to write in your language and I am sure there will be somebody speaking it with ability to reply :)

[James8078 5]

27 minutes ago, 19807409 said:

As last, I do not really understand your question with "can I have wireguard on my router?" if you actually took part in discussion and start this thread with: "I have a router with open wrt firmware, with wireguard and open vpn, I.m using wireguard all the time.."., kinda confusing.

 

I

sorry, I meant, I have wireguard on my router, so what is the point to have wireguard server.

also I use vpn policy based routing, so easy to choose wan, different peers etc

[19807409 31]

1 hour ago, James8078 said:

sorry, I meant, I have wireguard on my router, so what is the point to have wireguard server.

You have wireguard on your router means already that you can use it as a server if you want/need. You do not need to setup another interface. By that, you already have everything, there is no server and client for wireguard, there are just peers, it is peer based vpn and if you want other devices to connect to specific peer/s then those need to have their ports open

1 hour ago, James8078 said:

also I use vpn policy based routing, so easy to choose wan, different peers etc

that has nothing to do with wireguard/vpn itself as long as we speak about something that your router does not manage, you can use also multiwan and many other things for your purpose. Once again, there is ton of purposes which one needs including vpn over vpn over vpn ..... and most have different setups, it is hard to guess what exactly you are trying to approach if you do not specify your goal.

I fail to actually understand what exactly you are asking, as that seems not clear to me and you are confused about some words like server, client, peer. What is the question?

Do you ask if you can connect with your mobile phone from outside to your home network over wireguard without to setup additional interface on your router? If that is the question, the the reply is yes and I replied above how to do it.

If the question is, can you do it with wireguard client only, then the answer is yes.

If your quesiton is if you can use TG client on your phone together with wireguard client connected to your home net, then the reply is also yes (with some restrictions and caveats, thats why better using only wireguard origianl client, setup torguard on it and add all peers you need, this last step is not really possible with TG client, but with wireguard client it is).

[James8078 5]

thank you sir, thanks for your time and help.

ok, so,  if I want to acces my home network when Im outside, so with my wireguard on router and torguard, I can do that quite easily, right?

[19807409 31]

47 minutes ago, James8078 said:

thank you sir, thanks for your time and help.

ok, so,  if I want to acces my home network when Im outside, so with my wireguard on router and torguard, I can do that quite easily, right?

you are welcome,

yes, you can do it easily, just add additional peer in that interface for your mobile device, thats all. By that you can add as many peers as you want.

Then, when you create configs for your peers, you can specify where they should be routed. By that you can route multiple devices to multiple different peers within one single config and that in quite a simple way.

In openwrt, install qrencode (opkg install qrencode) and then you can create from each config simply a QR code which is useful for mobile devices, by that, its kinda easiest way to import your config into your mobile device, simply scan the QR code.

 

Here you can see exactly what you ask, and I explain in it how configs etc... are created, if you follow those steps you will have exactly what you want: