Newbie trying to set up wireguard

lumilumi · December 29, 2025, 10:24am

hi trying to set up wireguard to be used with mullvad VPN speciifically
and i'm running into an issue where it seems like installing mullvad makes the internet dissappear?

this is the guide im using

but im no longer able to connect to the internet through it - seeems something about the settings turned off / interrupted the internet connection to the router but I dont understand what

seems like it might be similar to this issue but i'm not sure how that can help me - still having trouble on learning how to manually edit config files through ssh - very new to all this

egc · December 29, 2025, 10:42am

This is the guide I am using:
WireGuard Client Setup Guide

But for mullvad just create a config file on the Mullvad website and import that in the WireGuard interface then setup the firewall according to the instructions

frollic · December 29, 2025, 10:44am

... which is the same guide you were provided with 3 days ago, in your old thread.

lumilumi · December 30, 2025, 12:39am

I was atttempting to configure by importing a config file and it was claiming an error about the keys being unparseable or incorrect ;w;

lumilumi · December 30, 2025, 1:03am

do you have any idea where I candownload a config file that will work for openwrt one router and mullvad?

i'm having trouble finding one - can't seem to find one on the mullvad site either

lumilumi · December 30, 2025, 3:04am

Disclaimer
I am not trying to be annoying, I really do want to make my router work and I’m not trying to mess with people

I have even lowered my expectations / goals to just trying to get wireguard to work by itself (no more unbound). I have been working on this for ~50 hours straight, reading, researching, scouring forums and learning new terms and how to configure things; ive tried installing both unbound and wireguard and both of them have bricked my router usability in various ways (blocking connection to router, blocking connection to internet, blocking ethernet and remote connections to router). I am using specifically the openwrt one router – which is designed specifically for openwrt – designed to work within this framework and I am following the official documentation for each thing I have tried to install, but for some reason each time I need to reset the router because it becomes unusable somehow.

In all honesty I am having a horrible time with this – the guides are extremely difficult to understand, and it feels like there is information not shared because it’s so commonly known that no one bothers to teach it. It feels like all of the answers I’ve got on here are either unhelpful or just telling me to do something even simpler, but very few concrete solutions or instructions. I feel like I’m getting completely unrelated solutions to what I am typing in as the question, or people telling me I should do something else besides what I’m trying to do.

Right now I’m at a bit of a loss, it seems like the official documentation for both unbound and wireguard are not working for me at all.

what are the expectations of people using this software? Do I need a tech degree to use it?
is this router actually supposed to be layman friendly?
Is this forum the right place for me to ask questions about installing programs on the openwrt one?
Where do I go for help if this is the wrong forum? What am I supposed to do?

egc · December 30, 2025, 6:56am

The Mullvad website is the only place you can download a WireGuard config file as it is a config file for using Mullvad

You pay them so you can of course ask them.

But I also have a Mullvad account.

If you login then it is actually at the first page after login:

WireGuard configuration

If you click on it choose Linux as version and download the config file after generating the key.

My guide is using LuCi (the web Graphical User Interface (GUI)), but also shows the config settings in the config files.

Cannot make it more easy then that

egc · December 30, 2025, 7:15am

We try to point you in the right direction but we are not doing the work for you, we are volunteers with other jobs/businesses to attend to.

OpenWRT is arguably the best router software but it has a steep learning curve so you have to take baby steps, slowly making your way into the OpenWRT eco system.
See: https://openwrt.org/docs/guide-user/start

Oh and if you want to use secure DNS (and that is advisable), then https-dns-proxy is easier to use then unbound but that is just my two cents

But do one thing at a time, always backup your config and know how to reset your router to defaults and start over.

Good luck

frollic · December 30, 2025, 7:20am

you were told this too, in your old thread ...

lleachii · December 30, 2025, 7:42am

Can you explain what step in the documentation you're on when you took this screenshot?
The file from Mulivad should have the following:

private key (unless they allowed you to provide your own)
the interface IP(s) assigned
DNS
Peer configuration
- public key
- endpoint hostname/port
- AllowedIPs

Do you have a file from your provider containing that data?

(It's plain text BTW, so you can open it with a text editor.)

To be clear, you successfully installed Wireguard before attempting to configure it, correct?

(I ask because your screenshot is confusing.)

After your verification, we'll check each step.

lumilumi · December 30, 2025, 9:17am

I genuinely appreciate pointing me to the config files, I was having severe difficulty finding them

lumilumi · December 30, 2025, 9:25am

this was the documentation I used - I installed it - followed this instructions on how to configure it

I have the keys / know how to make new ones if needed - and I succeeded (somewhat) in using combination of luci / uci in the ssh
to configure it

I was having difficulty finding them, but it looks like someone linked me the way to find the config files from mullvad itself (I was looking so hard to find them but I really coulnd't -_-)

I will try those next

yes, successfully installed wireguard - internet is working until I follow the steps to try to set up the wginterface / and like the firewall zones (all listed in the mullvad tutorial just linked)

lumilumi · December 30, 2025, 9:25am

at this point with unbound i've given up on making it [unbound] work - it seems to destroy my internet every time I try installing it and following the openwrt / unbound documentation from this wiki

for this one I was having really hard time figuring out how to input this / I would input the settings thru GUI - cause was having trouble learning how to do the command line version / edit the config files

frollic · December 30, 2025, 9:38am

now you're going off topic again.

the Unbound DoT guide works just fine, you only need to C&P the commands.
I just ran it and still have internet afterwards on router and clients:

root@OpenWrt:~# uci set unbound.fwd_google.enabled="1"
root@OpenWrt:~# uci set unbound.fwd_google.fallback="0"
root@OpenWrt:~# uci commit unbound
root@OpenWrt:~# uci set dhcp.@dnsmasq[0].localuse="0"
root@OpenWrt:~# uci set dhcp.@dnsmasq[0].port="0"
root@OpenWrt:~# uci commit dhcp
root@OpenWrt:~# service dnsmasq restart
udhcpc: started, v1.36.1
udhcpc: broadcasting discover
udhcpc: no lease, failing
root@OpenWrt:~# service unbound restart
unbound: default protocol configuration
unbound: default memory configuration
unbound: default recursion configuration
root@OpenWrt:~# nslookup openwrt.org localhost
Server:         localhost
Address:        [::1]:53

Non-authoritative answer:
Name:   openwrt.org
Address: 64.226.122.113

Non-authoritative answer:
Name:   openwrt.org
Address: 2a03:b0c0:3:d0::1a51:c001

Probably wrong DoT server, but that's not the point.

lumilumi · December 30, 2025, 9:41am

do you know why it would break if I try to change this to use quad 9 instead of google?

(also appreciate your help in showing me what to copy . . . was also struggling figuring that out through all of the documentation)

frollic · December 30, 2025, 9:42am

how can I, I have no idea what you changed and where you changed it.

lleachii · December 30, 2025, 9:51am

Yes, you explained this previously. I guess you misunderstood my inquiry.

From Mullvad?

Your statement lost me, as thier configuration is the only one that would work. Are you saying you were testing by using random (invalid) keys?

If you have the configuration files now, we can assist you.

(You didn't answer the question about the screenshot.)

Anyways, I see you changed topics to Unbound, so I'll digress.

Good luck.

frollic · December 30, 2025, 10:08am

ref: https://blog.grobox.de/2018/what-is-dns-privacy-and-how-to-set-it-up-for-openwrt/

pasting the following into /etc/unbound/unbound_ext.conf gets me on Quad9.

forward-zone:
        name: "."
        forward-addr: 9.9.9.9@853         # quad9.net primary
        forward-addr: 149.112.112.112@853 # quad9.net secondary
        forward-ssl-upstream: yes

also done, not sure if the 1st two are required, the restart def is.

root@OpenWrt:~# uci set unbound.fwd_google.enabled="0"
root@OpenWrt:~# uci commit
root@OpenWrt:~# service unbound restart

lumilumi · December 31, 2025, 4:07am

uci set unbound.fwd_google.enabled="0" uci set unbound.fwd_cloudflare.enabled="0" while uci -q del unbound.@zone[4]; do :; done uci add unbound zone uci set unbound.@zone[-1].enabled="1" uci set unbound.@zone[-1].fallback="0" uci set unbound.@zone[-1].zone_type="forward_zone" uci add_list unbound.@zone[-1].zone_name="quad9" uci add_list unbound.@zone[-1].server="9.9.9.9" uci add_list unbound.@zone[-1].server="149.112.112.112" uci add_list unbound.@zone[-1].server="2620:fe::fe" uci add_list unbound.@zone[-1].server="2620:fe::9" uci set unbound.@zone[-1].tls_upstream="1" uci set unbound.@zone[-1].tls_index="

uci commit unbound service unbound restart

this is what I tried to do based on the ideas in the guide / trying to take out the google dns and change it to the quad 9 servers

lumilumi · December 31, 2025, 7:27am

fresh reset of router - trying just to install basic luci unbound package

got these errors
using openwrt one router - firmware 24.10.5