WireGuard Client Configuration

jaredoconnor · December 8, 2022, 1:14am

I'm struggling to figure out how the UCI WireGuard client configuration works.

The documentation says that it should take the form below.

uci set network.wgserver="wireguard_${WG_IF}"

However, a post on the forum contains configuration that has the form below.

uci set network.wireguard_${WG_IF}="wgclient"

Can anyone advise which one is correct?

psherman · December 8, 2022, 1:18am

If you’re trying to setup the peer as a client, the second one would seem to the the right one.

But what are you setting up, exactly? Are you trying to connect to a commercial vpn provider? Or a road warrior configuration? Or site to site?

jaredoconnor · December 8, 2022, 7:28am

I'm connecting to a commercial VPN provider. They provide OpenWrt instructions, but only for LuCI. I don't use LuCI, so I'm trying to figure out how to do it directly in UCI. Does that affect your answer at all?

psherman · December 8, 2022, 7:33am

You could just directly edit the network and firewall config files and not worry about the uci syntax that those scripts are using. The fact is that it may be easier and/ or faster.

trendy · December 8, 2022, 11:30am

The post doesn't contain any uci commands, just the configuration files. Running the uci commands in the wiki will result in:

config wireguard_vpn 'wgserver'
        option route_allowed_ips '1'
        option persistent_keepalive '25'
        list allowed_ips '0.0.0.0/0'
        list allowed_ips '::/0'
...

or in uci show

network.wgserver=wireguard_vpn
network.wgserver.route_allowed_ips='1'
network.wgserver.persistent_keepalive='25'
network.wgserver.allowed_ips='0.0.0.0/0' '::/0'
...

jaredoconnor · December 9, 2022, 4:07am

My bad. You are right! Case closed.