Guides on 2x routers for VPN?

VPN
1

What resources are out there for people who want to spoof their location using the 2x travel router method?

I used the wireguard server doc from gl-inet and there’s some missing information in here. WireGuard Server - GL.iNet Router Docs 3

Had hoped that it’d be an easy plug and play type deal, then played around with it for hours and had no luck with the config file on my other router. Each time, it failed for whatever reason. Im going to try again in the morning to figure out what i was doing wrong. Im just kind of surprised that the doc is kind of dated, and isnt as detailed as a noob would hope. Also surprised no one has made a YT guide video

For those who have successfully set up a VPN server on a gl-inet router, what configurations do i need to change on the server side; then when uploading the config file, what edits will need to be made when uploading the file to router #2?

I set up port forwarding on the cox modem router for my gl-inet router #1(host server), and then i activated the wireguard server. But i have no idea what MTU/keepalive are? I tried DDNS on and off, no luck. I tried editing a ton of stuff but yeah, to me, the guide was not a true walkthrough and it’s tough to ID what parts i am messing up on.

Any help is appreciated! Thanks

Update: got it to work

Top mistake: port forwarding is not random. If you have another main router, set up port forwarding using the CORRECT PORT. For me, it was 51820.

Other comments: if you have wifi with t mobile, this wont work easily/smoothly, theres probably workarounds, but you’ll need to be tech savvy. Their equipment doesnt allow port forwarding, and replacing their modem router wont work, because they activate it via sim rather than coax cable.

If you have cox panoramic, it will be under the cox wifi app under connect—>advanced settings

  • DDNS seems to be easier now with the 4.x update
2

First off, setting up 2 GL iNets routers is not plug and play. It is sad, but in this day and age, networking is still hard, and takes time and knowledge. Sometimes the stars align, and using their minimal instructions, you can make it work, but most of the time you will be experimenting with settings on both your home router and the GL iNet routers. If the stars don’t line up, you may need to find someone who can locally help you.

In your post you don’t list which GL iNet routers you are using and which firmware. With the newer 4.x firmware, the setup is different then with the older 3.x firmware.

If your home router is not behind a NAT, you will need to forward a port on it to reach your home GL iNet router. This normally means on your home router you will need to assign a permanent IP address to your home GL iNet router,and then forward a port to that address. Wireguard by default uses UDP port 51820 and OpenVPN uses UDP port 1194. You will probably need to setup DDNS unless your internet provider gave you a static IP address.

If your service is behind a NAT, then you are out of luck for a simple setup.

I have successfully been running GL iNet routers as VPN servers for years, so it can work, but its not always easy.

You should contact GL iNet support and let them know the docs need updated. If enough people complain, maybe they will improve them.

3

If port forwarding is needed to be set up on a main router, is there any other steps that should be taken on this router?

What settings should one change on the host server router before configuring the file?

After the file is downloaded and then uploaded to the client router, what settings should one change if any?

4

I experimented with wireguard server a bit on my flint, but a couple of weeks ago, I updated my firmware to the latest beta and enabled tailscale. Everything just works. May be worth a try? No problems so far, and it works with a vpn client enabled simultaneously as well. You can enable downstream routes and wan routes as well if you have another router feeding your glinet router.

5

Appreciate the reply. I’m using the GL.iNet GL-A1300 (Slate Plus) as the host router and the GL.iNet GL-MT3000 (Beryl AX) as the client router, both have the latest firmware.

I set up a port forward for the GL-A1300 as this one will be staying at the house. I’ll be traveling with the Beryl AX.

Yes, i saw that 51820 number a few times last night; not exactly sure what it means though.

When looking at the config files, the listenport is a different number than that

6

I think this person is using the newer GL.iNet routers, so should be using these instructions for the v4 firmware.

7

I did both. Hopefully that wont be an issue. It seems to be working now. I didnt change the external ip either

8

I own multiple GL iNet routers, but none are running 4.x code, as reading the posts on the GL iNet forum, it does not seem stable, so I don’t have any experience with your specific setup. Also the link to the instruction you are using is for the 3.x code, and not the 4.x code. See: WireGuard Server - GL.iNet Router Docs 4

When you did the port forward on your home router, what port did you forward? What port is the A1300 showing for its listening port?

9

Yep, i am. Thanks for the updated instructions, they look more similar to what i was looking at. But to me, they appear very simple. They essentially leave everything as default, which led to me to believe it would be a simple plug and play. I discovered it’s not definitely not, and will attempt to work through it again today. Again, i set up port forwarding, i tried DDNS on/off, but not sure what other settings ill need to change

10

This video doesnt help. Its bare minimum info

11

I see! The port on the cox modem router needs to be 51820, right? I think i just used a random #, prob port 1… the A1300 config file showed differing 5 digit listening ports. Should both be 51820? Why is the listening port changing?

12

To own multiple

Is there a chance I can purchase one today. I’m in a deep mess as I have only one ax 1800 and it’s not booting or working at all for four days now

13

Get the wireguard server running first and use a client config generated there to test the connection, using the wireguard application on a laptop or even a phone. You want to be ‘outside’ your LAN to properly test this. So if on a phone switch off WiFi and used the cellular network to test.

Once you’ve confirmed connectivity then move onto the router you intend to take elsewhere.

14

https://youtu.be/LXbDg1v65Qs

This is the one you need - apologies

15

I would try setting both to 51820. You will probably need to regenerate the config for your travel router.

16

Wooo i think i got it
My main issue was not understanding port forwarding at all. After changing it from “1” to “51820”, it seems to work.
I used the qr code on the wireguard app then searched what is my ip, and it matches the intended ip​:confetti_ball::party_popper:. The router i intend to travel with also matches

17

I activated ddns. Should i have not? It seems to be working

18

Thanks Neil. This one is a lot more useful

19

Whatever gets reported by DDNS you can use in your client config instead.

So, instead of (in my case):

Endpoint = 100.34.33.156:51820

you’d have:

Endpoint = rl26013.glddns.com:51820

This helps take care of the situation where your internet facing modem reboots for example and it gets a new internet facing IP address.

20

It is what I used with a Beryl AX and Slate plus and it works perfectly. Just bear in mind the server will only reach speeds up to the maximum upload speed of the main home router’s connection.