Configuring Site-to-Site WireGuard on ASUS TUF-AX4200 via 2.5Gbps Port

Hi all,

I'm in the process of setting up a site-to-site WireGuard VPN between two ASUS TUF-AX4200 routers running OpenWrt, and I have a couple of questions:

  1. One of my OpenWrt devices is behind an ISP's WAN router, which also acts as the DHCP server. Can I still establish a reliable site-to-site WireGuard tunnel in this scenario?

  2. Is it feasible to configure the ASUS TUF-AX4200 that one behind an WAN router to use its 2.5Gbps WAN port for this VPN setup?

Your insights and suggestions would be greatly appreciated!


Sure that is possible but at least one router has to be reachable by a public IP address, it does not matter if you are behind another router as long as that router has a public IP address and you can set a port forward to your Asus

No that will not help / is not necessary

For site-to-site setup see:

1 Like

Thank you very much!

Is there an hardware limitation that prevents using the WAN port? I want it just because of the 2.5Gbps

No there is no hardware limitation but as your ISP router probably does not have 2.5 Gb ports it will run at 1 Gb/s but that is no problem as long as you do not expect that it is any faster (WireGuard itself is already much slower than 1 Gb/s on your router anyway, to get WireGuard speed of more than 1 Gb/s you need multicore X86)

1 Like

Ok I see, thanks again

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.