How to configure WireGuard VPN on Omada Router in Standalone mode?

Knowledgebase
Configuration Guide
VPN
Standalone
03-21-2024
454

User’s Application Scenario

WireGuard VPN is a modern VPN technology that offers high performance and easy configuration. Compared to OpenVPN, VPN performance has been greatly improved. It is very suitable for remote access application scenarios. This article describes how to establish a WireGuard VPN connection between ER605 v2 as well as a Windows PC.

Configuration

Step 1. Configure WireGuard VPN on the router.

1. Go to VPN -->Wireguard--> Wireguard, click Add and fill in the following parameters:

  • Name: test
  • MTU: 1420 (Default is 1420, no need to modify)
  • Listen Port: 51820 (The default port is 51820, which can be modified)
  • The public key and the private key will automatically generate a string of random numbers, which can be modified without modification.
  • Local IP Address: 192.168.0.2 (This is the IP address of the WireGuard VPN interface, it is recommended not to have the same LAN IP as the router)

2. After the creation, click Export in the figure below to export the public key information from the router and send it to the Windows PC.

Step 2. Configure WireGuard VPN on the Windows PC.

1. Download WireGuard VPN software on the PC, please refer to Installation - WireGuard.

2. Open the WireGuard VPN software and choose Add empty tunnel.

3. Record the public key information and fill in the following parameters:

[Interface]

Address = 10.0.0.1/24 (Ensure that the interface IP address for the WireGuard VPN does not overlap with the LAN IP)

DNS = 8.8.8.8 (Note that if this parameter is not filled in, the PC will not be able to access the Internet)

[Peer]

PublicKey = Fill in the public key information exported on the Omada Router

AllowedIPs = 0.0.0.0/0

This parameter has two functions: When sending packets, the list of allowed IPs behaves as a sort of routing table, and when receiving packets, the list of allowed IPs behaves as a sort of access control list. 0.0.0.0/0 means that all data sent by the PC goes to the VPN, reaches the peer and is then forwarded by the Omada router.

Endpoint = 192.168.1.110:51820 (Omada Router's WAN IP address and corresponding port)

4. Save the above configuration as shown below.

Step 3. Configure peer information on the Omada Router.

Go to VPN -->Wireguard--> Peers, click Add, and fill in the following parameters:

  • Interface: test (Choose the WireGurad VPN Interface created just now)
  • Public Key: Fill in the public key information exported from the Windows PC
  • Endpoint and Endpoint Port is the information that needs to be filled in when the Omada Router actively connects to other WireGurad Server, which is not required in this scenario.
  • Allowed Address: 10.0.0.1/24 (The same as the WireGuard VPN interface IP configured on the Windows PC)

Step 4. Connect to the Omada Router using WireGuard VPN.

Click Activate of the WireGuard VPN on the Windows PC to connect to the Omada Router.

Verification process

(1) For the Windows PC:

The Status will change to Active proves that a VPN connection has been successfully established

The PC can access the Omada Router's LAN side.

(2) For Omada Router:

The WireGuard VPN configuration interface displays information about the amount of data transmitted over the VPN and the connection time.

Get to know more details of each function and configuration please go to Download Center to download the manual of your product.

Please Rate this Document

Related Documents