I am running wireguard on an AX86U now - works well!Hello everyone. I've just joined the forum. I have a question: is there support for wireguard on RT-AX86U in this (386.5) beta version?
I have currently release 386.4 installed and it works flawless. Thanks.
Many thanks!! I'll go through it as soon as I can.I am running wireguard on an AX86U now - works well!
There is a wireguard kernel module and a helper script (wg-quick) in the present 386.5 beta - Asus is planning on full support (GUI setup etc.) in the future.
For now, I am using @Martineau wg_manager add-on, available via amtm. Here is some good documentation written by @ZebMcKayhan :
GitHub - ZebMcKayhan/WireguardManager: Manage/Install WireGuard on applicable ASUS routers
Manage/Install WireGuard on applicable ASUS routers - ZebMcKayhan/WireguardManagergithub.com
It takes care of not only creating the .conf files needed by wireguard but also sets up various iptables rules. Good stuff!
Many thanks!! I'll go through it as soon as I can.
Are you using release 386.4 or beta 386.5 1. I mean, can I run that add-on on stable version? Or have I got to upgrade to beta?
Thanks a lot!
I was running it on 386.4 and now 386.5 Beta.Many thanks!! I'll go through it as soon as I can.
Are you using release 386.4 or beta 386.5 1. I mean, can I run that add-on on stable version? Or have I got to upgrade to beta?
Thanks a lot!
I'm an Alt-F4 guy myself.I'm a Shift-F5 guy...
That is very hard to tell. Everything depends on how many breaking/problematic issues are reported and how much spare time RMerlin has to fix them or create a stable release.What is the usual 'time frame' from a Beta release, to a stable one?
@JGrana, @Jeffrey Young, thanks for you help. I will try it as soon as I can.
What is the usual 'time frame' from a Beta release, to a stable one?
Well, my initial purpose is installing wireguard on the router as a client for my VPN provider and protect all my home devices in this way.@juanantonio , I just checked AMTM. You can install the Wireguard Session Manager now via AMTM (option wg). I follow the wireguard session manager forum post - that script has really exploded in features, but I have not used it myself. I have my Wireguard server on another Ubuntu PC at the moment. When my WG server was hosted on the rourter (AC86U), it worked well. My only issue was (at the time, using another script born here), all my config files were wiped every time WG was updated by entware. Hence why I moved off the router. I don't believe the current Wireguard Session Manager has this issue.
Oh, sorry for my last comment. I've just launched amtm on my router and I can see there is a menu option for installing Wireguard Session Manager. Is this all I need to run?@juanantonio , I just checked AMTM. You can install the Wireguard Session Manager now via AMTM (option wg). I follow the wireguard session manager forum post - that script has really exploded in features, but I have not used it myself. I have my Wireguard server on another Ubuntu PC at the moment. When my WG server was hosted on the rourter (AC86U), it worked well. My only issue was (at the time, using another script born here), all my config files were wiped every time WG was updated by entware. Hence why I moved off the router. I don't believe the current Wireguard Session Manager has this issue.
Ahh.. Ok. First I need to instal entware via amtm, then install wireguard. I will give it a try.I was running it on 386.4 and now 386.5 Beta.
You will need to install Entware (and a swap file is recommended) using amtm on a USB storage device. Then install wg_manager.
Easy stuff ;-)
the above is correct but not complete. My bad for being incomplete.OK that's something I can't test, but maybe someone else can.
So have I got this correct:
1) Your router is running an L2TP client for the entire LAN.
2) Various PCs on the LAN may sometimes enable their own VPN client using OpenVPN, Wireguard, ExpressVPN Lightway or IPSec/IKEv2.
3) The PC VPNs are being tunnelled through the router's L2TP client.
If all the above statements are true I can't see why it would be a NAT passthrough issue as none of the PC clients are using it (their traffic is tunnelled) and neither is the router. Also, as far as I can see the NAT passthrough code hasn't changed for years.
Thanks for the update. There are too many variables for me to hazard a guess where the problem lies. For example, if I change my router for a different one it will get a different public IP address. This in turn might be on a blacklist whereas the previous one wasn't.the above is correct but not complete. My bad for being incomplete.
Default clients run the router vpn. But the clients that use their device client vpn are not always routed through the router VPN. Some clients (my own for example) are not using the VPN on the router and bypass those are not working properly.
If the L2TP client is not active on the router, I notice that clients are blocked with the 2 asus routers that I have. The moment I run them through a different router (e.g. cisco) the clients all work excellent.
Welcome To SNBForums
SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.
If you'd like to post a question, simply register and have at it!
While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!