This guide is for setting up WireGuard VPN connections with our service on OpenWRT 18.06
System > Software
> Update list
to ensure it's up to datewireguard
, luci-proto-wireguard
, luci-app-wireguard
Network > Interfaces > Add new interface
> select a name for the interface such as WireGuard
, select WireGuard VPN
from the Protocol of new interface menu
Private key
- value of PrivateKey
from .conf fileListen Port
- leave unchanged (random)IP Addresses
- value of Address
from .conf file
Under Peers
, add the following:
Public Key
- value of PublicKey
from .conf file Allowed IPs
- add 0.0.0.0/0
and ::/0
(each on its own field)Route Allowed IPs
- checkedEndpoint Host
- the Endpoint
value from .conf file (server hostname)Endpoint Port
- leave default (51820)Persistent Keep Alive
- 25
Screenshot example with the correct interface settings.
Open the Firewall Settings
tab for the WireGuard Interface and for Create / Assign firewall-zone
field select the WAN zone
Static DNS servers must be set on the WAN interface so there would be no DNS leaks. In Network > Interfaces > WAN (edit) > in 'Use custom DNS servers' add at least one public DNS resolver such as 1.1.1.1, 9.9.9.9, 208.67.222.222
Save & Apply
and reboot the router. After reboot, check the status of the WireGuard connection in Status > WireGuard Status