Certainly but it is an old outdated relase, exactly the "Powered by LuCI openwrt-18.06 branch (git-18.196.56128-9112198) / OpenWrt 18.06.1 r7258-5eb055306f"
I would like to remove the proprietary interface because it only creates confusion, everything I enter on LUCI is not transmitted to the GL.INET CLI, it is just a waste of time.
I understand that in a WireGuard connection, each peer has to have the public key of the other pair and each one has its private key. So I have two WireGuard interfaces. If I use the public key from a single interface, I would have to put the same private key on both clients. That is what I understood in a connection with private and public keys.
Not quite. Each peer has it's own unique private key and public key. The private key is used by the peer to decrypt data and the public key is used by other peers to encrypt data. You can give the public key out to as many other peers as you please, that's the point of a public key. So in the case of an endpoint on a OpenWRT router you only need one WG interface even if you want to connect multiple end devices, you just use multiple peers on that one device.
The keys for each peer are independent, i.e. each device has it's own private and public key. The private key stays on the device and the public key is used on other devices to setup the peer. So if you wanted to connect multiple devices to your OpenWRT router you'd use the router's public key on each of them to create a peer, and then set up multiple peers on the router with each one using a different public key from the devices you're connecting.
I ask if one key depends on the other because I noticed in the Android and Windows application that it only lets me configure the private key and start from it, generate the public one or that's what it seems.
I also see that if I run wg show on the server it shows in allowed ips like (none), on one pair (I can't connect to anything). It seems that the interface does not support having two pairs. So I had to create two interfaces.
Ok @castillofrancodamian finally I managed to configure OpenWrt 19.07.3, I installed all the wireguard plugins, updated opkg and related upgrades, configured network cards, etc. Finally after hours and hours I managed to become the Master of my AR750S device.
Now I need your precious help to correctly set up wireguard server and to be able to connect my clients.
Could you help me with the SSH commands to use to generate the keys?
ok, I generated the keys in /etc/wireguard
Now I need to understand how to paste these keys and how to configure the firewall.
root@OpenWrt:~# cd /etc
root@OpenWrt:/etc# cd wireguard
root@OpenWrt:/etc/wireguard# ls
client-privatekey client-publickey server-privatekey server-publickey
root@OpenWrt:/etc/wireguard#
piccoli passi iniziano a dare qualche risultato, adesso non capisco il perchè la connessione trasmetta una volta attivata la rete wireguard ma non riceve.
Sarà qualche problema legato al firewall?
config defaults
option syn_flood '1'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'REJECT'
config zone
option name 'lan'
option input 'ACCEPT'
option output 'ACCEPT'
option forward 'ACCEPT'
option network 'lan WireGuardCrypt'
config zone
option name 'wan'
option output 'ACCEPT'
option masq '1'
option mtu_fix '1'
option network 'wan wan6'
option input 'ACCEPT'
option forward 'ACCEPT'
config forwarding
option src 'lan'
option dest 'wan'
config rule
option name 'Allow-DHCP-Renew'
option src 'wan'
option proto 'udp'
option dest_port '68'
option target 'ACCEPT'
option family 'ipv4'
config rule
option name 'Allow-Ping'
option src 'wan'
option proto 'icmp'
option icmp_type 'echo-request'
option family 'ipv4'
option target 'ACCEPT'