Suffering to configure Wireguard - I need some help - [SOLVED]

Unfortunately it didn't work... :sweat:

Router restarted...
Endpoint changed on phone...

I'm going to do a test by generating a new pair of keys on the router and on the phone...

I think that by changing the endpoint and testing via Wi-Fi, it should connect immediately.

In any case, I would really like to thank you for your help!

To be clear, the keys must be exchanged properly. There are 4 keys:

  • OpenWrt: private key --> this does not get transferred. The private key exists in the interface stanza for the wireguard configuration.
  • OpenWrt: public key --> this one is derived from the private key above; this must exist in the wireguard peer configuration section on the phone. From the phone's perspective, it is the peer's public key.
  • Phone: private key --> this does not get transferred. The private key exists in the interface stanza for the wireguard configuration on your phone.
  • Phone: public key --> this one is derived from the private key above; this must exist in the wireguard peer configuration section on OpenWrt. From OpenWrt's perspective, it is the peer's public key.

Returning to the post to leave feedback...

I have a problem with the port or opening the port, as I was able to connect to the server using the local network, but I cannot connect via the internet in any way.

I think my provider may be blocking port 51280 in the udp protocol...

I'll make new attempts soon.

Thank you all for your help!

Wireguard now, is working well!! :sweat_smile:

The test I did to determine was the following:

I have openvpn working correctly on this server, on port 1194...

I configured port 1194 on the Wireguard interface and on the phone, so I connected without problems to the router via the internet...

I returned port 1194 to the openvpn configuration...

I configured port 1195 in the wireguard interface and in the phone settings and I managed to connect...

:clap: :clap: :clap: :clap:

The whole joke is up to my ISP, who is probably blocking port 51820...

One question: Can I configure a DHCP server on this Wireguard interface? Would it be enough to activate it and define the rate I want for my clients?

No. WG peers are assigned a static IP in the WG subnet. There is no mechanism for WG to request (or offer) DHCP leases.

1 Like

Yes @psherman ...

I found this explanation on this site:
https://nologs-vpn.com/wireguard-dhcp

Thanks for all help...

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.