I configured WireGuard VPN Server on my ASUS GT-AX11000 Router recently. Some steps are captured here just in case someone needs it.
VPN Server setup on Router
The first step is to turn this feature on through the router management Web UI. Pay attention to the IPv4 and / or IPv6 address
here. If we need to access it through internet, the address here needs to be a public IP.
Add Client on Router
Then add clients by clicking the +
button. On the new popped up UI, use all the default settings and apply. Once hit apply
button, it will pop up a UI like below, which we can use to configure clients.
At this stage, we have configured the needed private keys and public keys for both server and client sides.
Adjust site to site settings
Site to site settings
is to configure the VPN routing. Click “More Settings for Site to Site Usage” expand the UI like below. For detailed knowledge about the configuration here, please refer to WireGuard website. But simply put, if we want to let the clients to use this VPN to handle all the traffic(e.g. to access internet), put 0.0.0.0/0, ::/0
in the Allowed IPs
and leave others unchanged.
Configure Clients
Install WireGuard on client devices(iPhones, Android phones or computers of Windows, MacOS etc.). Use WireGuard app to scan the QR code from the UI above or import configuration file that we exported from the UI above. Once it’s done, we can just connect/activate this VPN to verify if it works.
Setup DNS in configuration file
If not working, try to manually set DNS. This step is especially needed for iOS devices. We can just use the public DNS from Google. For me, I only have a public IPv6 address, so I modified the DNS to 2001:4860:4860::8888, 2001:4860:4860::8844, 8.8.8.8, 4.4.4.4
to include DNS for both IPv6 and IPv4.