What's new

Wireguard Wireguard GUI on my asus merlin router

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Right - usually you would set up a WireGuard 'server' Peer on your router as you have identified a requirement to safely/securely access your home LAN from another location via the WireGuard VPN-tunnel.

Correct - although it doesn't have to be a commercial WireGuard VPN provider it could be a family member's home LAN.

NOTE: Unlike OpenVPN, WireGuard doesn't actually have a traditional 'server'/'client' hierarchy - WireGuard Peers are deemed equal.
I understand what you're saying vis a vis the relationship as peers rather than traditional heirarchy. I also appreciate that there are many use cases where for many, they're wanting to establish the higher performing protocol as the entry point for their own network. For others, like myself, I'm primarily utilising the VPNs as a means to take advantage of my American cultural roots despite living in a far off land.

Regarding that, I engage with a large VPN provider (Nord) and had no problem with setting up the instances for udp, testing tcp, etc, to find out how everything performs. I'm not a linux savvy as I may have once been, but I'm also quite capable of digging into a terminal screen and dealing with things at the command line level, with some handy guidance. But, whenever I've tried (multiple times over the past year) to dig in and do the wireguard, connect it to Nord and have my selective routing for devices going through that.....the material that had been out there as guidance ultimately has had my eyes glazing over and I'm just not grokking it.

While a nice gui would be great, I'd also be happy for written instructions around those specific use cases. I also appreciate that it's my problem, and not the collective "yours", and people have other things to do. But should one of those appear, I'd be very grateful to be a test monkey to see how well I can follow instructions. I am interested as well with the why's behind and beyond a simple telling of "what to do"...
 
I'm not as linux savvy as I may have once been, but I'm also quite capable of digging into a terminal screen and dealing with things at the command line level, with some handy guidance. But, whenever I've tried (multiple times over the past year) to dig in and do the wireguard, connect it to Nord and have my selective routing for devices going through that.....the material that had been out there as guidance ultimately has had my eyes glazing over and I'm just not grokking it.

While a nice gui would be great, I'd also be happy for written instructions around those specific use cases. I also appreciate that it's my problem, and not the collective "yours", and people have other things to do. But should one of those appear, I'd be very grateful to be a test monkey to see how well I can follow instructions. I am interested as well with the why's behind and beyond a simple telling of "what to do"...
A GUI is coming, in less than 8 months, but my grokking of things has come significantly further upon reading the README from Zeb's GitHub. (look on the OTHER WireGuard thread here for the link). There are some other web links in that thread you could check out as well which may be helpful (one of my faves being https://www.wireguard.com/netns/ - it really helped get a picture painted in my head)
 
I understand what you're saying vis a vis the relationship as peers rather than traditional heirarchy. I also appreciate that there are many use cases where for many, they're wanting to establish the higher performing protocol as the entry point for their own network. For others, like myself, I'm primarily utilising the VPNs as a means to take advantage of my American cultural roots despite living in a far off land.

Regarding that, I engage with a large VPN provider (Nord) and had no problem with setting up the instances for udp, testing tcp, etc, to find out how everything performs. I'm not a linux savvy as I may have once been, but I'm also quite capable of digging into a terminal screen and dealing with things at the command line level, with some handy guidance. But, whenever I've tried (multiple times over the past year) to dig in and do the wireguard, connect it to Nord and have my selective routing for devices going through that.....the material that had been out there as guidance ultimately has had my eyes glazing over and I'm just not grokking it.

While a nice gui would be great, I'd also be happy for written instructions around those specific use cases. I also appreciate that it's my problem, and not the collective "yours", and people have other things to do. But should one of those appear, I'd be very grateful to be a test monkey to see how well I can follow instructions. I am interested as well with the why's behind and beyond a simple telling of "what to do"...

Slightly off-topic... apologies:cool:

Written instructions for the installation of non-GUI WireGuard Manager on supported ASUS routers:

Enter the following commands (and answer the couple of setup questions as they appear)
Code:
amtm

i

wg

1

import your_VPN_ISP_WireGuard_client_profile

start wg11

NOTE: Using NordVPN you may need to perform some manual tricks to identify/get your_VPN_ISP_WireGuard_client_profile
unlike say MullVad where you simply use their online configurator tool.

To setup the Selective Routing, you can exploit the VPN Director GUI, then clone the rules to work with your WireGuard 'client' Peers

If you can't find the appropriate Guide/solution on @ZebMcKayhan's page:
Zeb McKayhan's WireGuard Manager Hints and Tips Guide
then you can post your query in the Addons WireGuard Manager support forum.
 
Last edited:
N00b-question here:
When you talk about "Wireguard Server" stuff here that's for hosting your own VPN-tunnel right?
Whereas setting up the router as a Wireguard Client is more for connecting it to an external VPN service like for example "Mullvad".
Have I understood this correctly?
(probably not :D)

It's also useful for those on the ever more common CGNAT providers. They are common where I live, and, other services like TMobile home internet use it too. With CGNAT, you don't really get any sort of public IP you can route to from off site, so, you can't really VPN back home in the traditional way. Wireguard and a few others can get around this with some help for self hosted folks, and, zerotier can too if you trust them.
 
Good morning and bumping this thread. So is ultimately the goal for the merlin firmware to see a nice tab for wireguard here:

1655047902644.png
 
I think others have said this is a ways out and needs to have ASUS fully implement WireGuard first….
well...if you take the 8mo timeframe from RMelin earlier in this thread into account and the comment he made about asus migrating something code-wise on their side of things in relation to the current beta he's released (and now pulled), I'd say the 8mo is going to turn out to be just about right...give or take a few weeks either way.
think Close, as in Horseshoes and hand grenades ;)
 
So, now that Wireguard is included in last beta version from Asus stock firmware.. There are plans to do the same in Asus Wrt Merlin?
Perhaps someone has asked this previously, I'm sorry in that case.
 
So, now that Wireguard is included in last beta version from Asus stock firmware.. There are plans to do the same in Asus Wrt Merlin?
Perhaps someone has asked this previously, I'm sorry in that case.
I think it might be getting closer to a test firmware being release within the next few months is my guess. The initial projected timeline was 8 months back in January 2022. So hopefully soon...
 
Last edited:
See this thread. Lots of discussion

 
Suppose you have two OpenVPN clients and the VPN Director rules look like

View attachment 40321

Now if you create the equivalent WireGuard 'client' Peers wg11 and wg12, you can use the wireguard_manager command vpndirector clone

e.g.
Code:
e  = Exit Script [?]

E:Option ==> vpndirector clone

    Auto clone VPN Director rules

    peer wg11 rule add wan 172.16.1.111 comment Core Server
    [?] Updated RPDB Selective Routing rule for wg11

    peer wg11 rule add vpn 172.16.1.123 comment Tablet Streaming
    [?] Updated RPDB Selective Routing rule for wg11

    peer wg12 rule add vpn 172.16.1.99 comment Netflix TV USA
    [?] Updated RPDB Selective Routing rule for wg12


    VPN Director Selective Routing RPDB rules

ID  Peer  Interface  Source        Destination  Description
1   wg11  WAN        172.16.1.111  Any          VPN Director: Core Server
2   wg11  VPN        172.16.1.123  Any          VPN Director: Tablet Streaming
3   wg12  VPN        172.16.1.99   Any          VPN Director: Netflix TV USA
and the corresponding cloned rules (as shown) will be applied/used by the WireGuard 'client' Peers once the default Peer type is changed to Policy Rules using peer wg11 auto=p and peer wg12 auto=p
Hello, I know this is an old thread but followed the above to clone my VPN Director and got this error
Here's mu conf

e = Exit Script [?]
E:Option ==> vpndirector clone
Auto clone VPN Director rules
peer wg11 rule add wan 192.168.1.91 comment Samsung_TV
[?] Updated RPDB Selective Routing rule for wg11
peer wg11 rule add wan 192.168.1.105 comment Amazon_Fire
[?] Updated RPDB Selective Routing rule for wg11
peer wg12 rule add vpn 192.168.1.1/24 comment OVPN1
[?] Updated RPDB Selective Routing rule for wg12
VPN Director Selective Routing RPDB rules
ID Peer Interface Source Destination Description
1 wg11 WAN 192.168.1.91 0.0.0.0 VPN Director: Samsung_TV
2 wg11 WAN 192.168.1.105 0.0.0.0 VPN Director: Amazon_Fire
3 wg12 VPN 192.168.1.1/24 0.0.0.0 VPN Director: OVPN1

Error message -
Invalid Option "2 wg11 WAN 192.168.1.10 0.0.0.0 VPN Director: Amazon_Fire" Please enter a valid option
 

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top