Problems with router as Wireguard client

What is my goal?

I have a router as a travel router.
I would like to log on to a public network via this router when I am on the road and have all clients routed to my home network via wireguard (can be switched on/off if required).

My problem

My Wireguard configuration works perfectly from other clients (Linux, Windows, Android).
In principle, I only have to import the config file there and the respective device is already registered as a client in my home VPN (or my two other VPNs) and all network traffic runs through it.
However, I am failing to configure the OpenWRT router as a Wireguard client as well. Every time I try to configure it, I get no connection (TX=0 and RX=0).

What have I tried so far?

I first went to the Luci interface and tried to load the configuration via the configuration import. Since this was not successful, I made the entries manually to the best of my knowledge and belief. No success so far.
My Wireguard configuration file (which, as I said, is completely sufficient for all other clients to establish a connection) looks like this:

Wireguard config file
[Interface]
Address = 10.13.13.3
PrivateKey = QG0xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxgF0=
ListenPort = 51820
DNS = 10.13.13.1

[Peer]
PublicKey = QM5xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxwk=
PresharedKey = uS9xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxvnU=
Endpoint = xxx.yyy.com:51820
AllowedIPs = 0.0.0.0/0

This has now led to the following configuration in /etc/config/network:

/etc/config/network
config interface 'vpn_example'
	option proto 'wireguard'
	option private_key 'QG0xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxgF0='
	option listen_port '51820'
	list addresses '10.13.13.3'
	list dns '10.13.13.1'

config wireguard_vpn_example
	option description 'peer_server'
	option public_key 'QM5xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxwk='
	option preshared_key 'uS9xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxvnU='
	list allowed_ips '0.0.0.0/0'
	option endpoint_host 'xxx.yyy.com'
	option endpoint_port '51820'

I have also added the network to the wan firewall zone.

Debug information

logread -e vpn; netstat -l -n -p | grep -e "^udp\s.*\s-$"
Sun Mar 31 10:08:48 2024 user.notice firewall: Reloading firewall due to ifup of vpn_example (vpn_example)
udp        0      0 0.0.0.0:51820           0.0.0.0:*                           -
udp        0      0 :::51820                :::*                                -
pgrep -f -a wg; wg show; wg showconf vpn
interface: vpn_example
  public key: 67Ixxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx4DA=
  private key: (hidden)
  listening port: 51820

peer: QQM5xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxwk=
  preshared key: (hidden)
  endpoint: [64:xxxx::xxxx:yyyy]:51820
  allowed ips: 0.0.0.0/0
Unable to access interface: No such device

Enable 'Route Allowed IPs' in the peer section.

If that does not help we need to see more of your router setup.

In that case, please connect to your OpenWRT device using ssh, copy the output of the following commands and post it here using the "Preformatted text </>" button:

Remember to redact passwords, MAC addresses and any public IP addresses you may have:

ubus call system board
cat /etc/config/network
cat /etc/config/dhcp
cat /etc/config/firewall
ip route show
wg show
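
Added example, not part of the thread or of OpenWrt's own code: a POSIX shell check that scans UCI network config text for WireGuard peers that list allowed_ips without route_allowed_ips enabled, which is the state of the /etc/config/network posted above. In that state the interface comes up but no route points into the tunnel, so traffic keeps leaving over the upstream network. The function names and the sample section are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): flag WireGuard peers in a UCI network
# config whose allowed_ips are never installed as routes.

check_wg_routes() {
    # Reads /etc/config/network-style text from the given file(s) or stdin.
    # Prints one line per affected peer; exit status 1 if any was found.
    awk -v q="'" '
    function unquote(s) { gsub("^[" q "\"]|[" q "\"]$", "", s); return s }
    function report() {
        if (is_peer && has_allowed && !routed) {
            printf "%s: peer has allowed_ips (%s) but route_allowed_ips is not enabled\n", iface, ips
            found = 1
        }
    }
    $1 == "config" {
        report()
        is_peer = ($2 ~ /^wireguard_/)   # peer sections are typed wireguard_<interface>
        iface = $2; sub(/^wireguard_/, "", iface)
        has_allowed = 0; routed = 0; ips = ""
        next
    }
    is_peer && $1 == "list" && $2 == "allowed_ips" {
        has_allowed = 1
        ips = ips (ips == "" ? "" : ",") unquote($3)
    }
    # Simplification: only the value 1 (what LuCI writes) counts as enabled.
    is_peer && $1 == "option" && $2 == "route_allowed_ips" { routed = (unquote($3) == "1") }
    END { report(); exit found + 0 }
    ' "$@"
}

# Constructed sample: the peer section as posted in the thread (keys omitted).
sample_peer() {
    cat <<'EOF'
config wireguard_vpn_example
	option description 'peer_server'
	list allowed_ips '0.0.0.0/0'
	option endpoint_host 'xxx.yyy.com'
	option endpoint_port '51820'
EOF
}

# As posted: one finding. With the suggested option appended: no finding.
sample_peer | check_wg_routes || true
{ sample_peer; printf "\toption route_allowed_ips '1'\n"; } | check_wg_routes
```

On the router itself the same function can be pointed at the live file with `check_wg_routes /etc/config/network`.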

Thank you very much, that helped. I had included this in a previous config - but not here.
As a result, it at least sent packets but did not receive anything.

So I went troubleshooting and discovered that the port on the server was also wrong.
I have now adjusted this and lo and behold: it is now working - thank you very much!

As it fits in well with the topic, I'll expand my actual topic a little:
My dream configuration would be the following:
I have several VPNs (e.g. home, work, etc.).
Now the router should offer several SSIDs: MyWifi_Home, MyWifi_Work etc.
These should be configured so that traffic is routed via the corresponding VPNs depending on which network you log into.

Is this feasible in principle and if so, does anyone have any configuration approaches for this?

Sure, that is all possible. PBR is the magic word, see:
