Wire-guard Point to Point server is on cloud with Linux 18.4 OS
I connected other computer as client based on Windows and Linux they work just fine, Good connection and speed.
But when I am trying to setup Openwrt router Device information:
TP-Link Archer C7 v5
It won't work at all . Once connection was established as per implementation provide on openwrt.org, Packets were going back and fourth but no IP change.
Firewall setting I made as per WAN port.
In this setup I have my main router and a TPlink router as DHCP client on WAN port.
Now My Questions are ?
Do I need to setup this router as Client or Server ?
Please copy the output of the following commands and post it here using the "Preformatted text </> " button:
Remember to redact passwords, MAC addresses and any public IP addresses you may have:
Ssh into the router, then issue the commands. You can use an any ssh application - many people use the Linux command line terminal for Linux or Mac, putty for windows.
I assume you have an OpenWrt router with a LAN, all the users in the house are on the LAN side of this router, and the WAN side of this router is connected to your ISP router but nothing else is connected directly to the LAN side of the ISP router. In that case just consider the ISP router as part of the Internet, and the VPN will tunnel through it. No special configuration is needed on it.
Your other clients were road warriors, meaning they were a single machine with a single IP on the VPN. Now you're setting up a whole network on the client side. So on the server, you need to add your LAN IP subnet as allowed_ips for this client. On the router, allowed_ips is 0.0.0.0/0 since you want any site on the Internet to come back through the VPN.
Another approach (used with commercial VPN services where you can't configure the server) is to NAT the local LAN into the VPN tunnel, treating it like an ISP. That is achieved simply by placing the VPN tunnel in the wan firewall zone instead of lan. In that case your road warriors won't be able to reach the local LAN unless you forward ports in the firewall.
Which of these is from OpenWrt? Can you please post the complete network and firewall files from that device, as requested (redact any sensitive information, of course).
I would also guess that the allowed IPs here are completely wrong, but it is hard to tell because we don't really have the right context of what you're showing us.
Although not a hard rule, typically the "server" listens for a connection that is initiated by the "client" -- so if this is the server, it is strange how it is formatted. Aside from this, the network definitions are going to be problematic, for sure. I think your 'server' (if that's what we are looking at) needs to be completely overhauled.
Can you please post your OpenWrt network/firewall config files?
In this Image you can see packets Under WG interface.
But still my IP hasn't change
Ping
PING 10.0.0.8 (10.0.0.8): 56 data bytes
64 bytes from 10.0.0.8: seq=0 ttl=64 time=0.277 ms
64 bytes from 10.0.0.8: seq=1 ttl=64 time=0.318 ms
64 bytes from 10.0.0.8: seq=2 ttl=64 time=0.258 ms
64 bytes from 10.0.0.8: seq=3 ttl=64 time=0.258 ms
64 bytes from 10.0.0.8: seq=4 ttl=64 time=0.257 ms
--- 10.0.0.8 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max = 0.257/0.273/0.318 ms
Realize that Wireguard does not push IPs, routes, or other configuration to the clients like OpenVPN does. Local static configuration is needed on both ends.
please, for the love of all things OpenWrt... just post your config. We could have solved your issue by now if you would have done that when I asked the first 5 times.
