Easy to use wireguard client?

I reeeeeeally like the wireguard client that comes with proprietary GL.iNet routers. You get an interface like this:

full docs here. It has a set up wizard which is nice but I can probably do without. When you want to switch servers you go to this page in router settings and select from the drop down. Very simple.

I'd like to ditch the GL.iNet stuff and transition to pure OpenWRT. Is there something comparable available?

I am not clear from the docs what to expect. They are a little too deep in some ways and too shallow in others for my comprehension level. If I missed something I'd be grateful if someone would take the time to point it out.


For the clients, you import the WG client conf file.


so when you want to switch, does it have something like this or do I need to... ssh to the router or something?

You can always import a new profile.
Not sure if the UI can handle multiple profiles in a user friendly manner :frowning:

thanks that what I was asking about. :slight_smile:

A tunnel manager would be a nice feature, but it doesn't really exist in the current WG implementation.

There are two options, though:

  1. don't auto-start the WG interfaces, and then just select the interface you want to start/stop. This can be done via LuCI or CLI -- it's really just leverging the ifup/ifdown commands.

  2. The travelmate package has some tunnel management features. I haven't used these features, but it might do something like what you want.

it doesn't really exist in the current WG implementation.

AFAIK the GLi.Net software runs atop openwrt and should be using the regular wireguard packages. You can even access the Luci interface with it. So it is very much possible, just not available free software.

Unless I am misunderstanding you? Do you think there is something sus about how it's getting done there?

It might even be done primarily in javascript. The workload of loading the page really tortures my devices in a way that basically no other page ever does. On mobile it won't even load half the time. The browser just gives up in frustration. It might be because I have every available server from my provider available in the list.

it is a really nice experience. it might sadly keep me on the stock firmware. and it throws my plans to upgrade the hardware into question.

so for people who use WG client on their routers, every time a website blocks the VPN or it gets slow or something, you ssh into your router and edit a config file or something? Sounds so tedious!

This is the information about travelmate: https://github.com/openwrt/packages/blob/master/net/travelmate/files/README.md

A logical combination of AP+STA mode on one physical radio allows most of OpenWrt supported router devices to connect to a wireless hotspot/station (STA) and provide a wireless access point (AP) from that hotspot at the same time. Downside of this solution: whenever the STA interface looses the connection it will go into an active scan cycle which renders the radio unusable for AP mode operation, therefore the AP is taken down if the STA looses its association.

To avoid these kind of deadlocks, travelmate will set all station interfaces to an "always off" mode and connects automatically to available/configured hotspots.

It sounds like this application is designed to cope with network changes, flakiness or something. However there are about 10 terms in there whos meanings are not known to me. So I could be misunderstanding.

No. This is not the case. GL-inet's firmware is not a "skin" or "theme" on top of OpenWrt. It is a fork of OpenWrt which is modified for their purposes (there are significant changes under the hood as well as the user interface theme/skin).

Depends how you define 'regular' here -- yes, it's coming from the same original source code, but when it is compiled, it must be done as part of the whole toolchain system insofar as to be compatible with the changes they make to the system under the hood.

If you have questions about the operation of gl-inet's firmware, you should ask on their support forums.

1 Like

GPL is so interesting. How these companies jump through and manage to remain in compliance is mysterious to me. But they all do it.

Anyway I appreciate the time taken by everyone to answer the question. Every time I pull my test device out of the cupboard to take another stab at learning I always got stuck with this. I have been trying for 2+ years to find what the packages or configuration is to duplicate the functionality and at least now I can stop looking. :slight_smile: Or start looking for something more approximate to make a hack.

Still curious: day to day, how VPN switching is handled? The above interface is very comfortable. But I guess if everyone else lives without it I can learn. Maybe not a lot of people use VPNs like this anymore? It feels kind of old fashioned sometimes.

Really want to move away from this Glinet especially for reasons of license and like you say being closed up black box who knows what is going on in there. But I also have new hardware ready to go to replace the tortured underpowered little thing. Just need to work out a couple little problems like this and will be ready to go. Forward to liberty.

I have a couple of WireGuard interfaces, in the GUI you can stop and start them.
Usually I use Policy Based routing, make a wifi which uses a particular VPN and a wifi without etc.