FreshTomato Wiki

User Tools

Site Tools

Trace:
vpn-wireguard

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
vpn-wireguard [2024/09/26 00:45] – [Introduction] -Condense hogwildvpn-wireguard [2024/10/19 18:44] (current) – [Current development status] -Formatting hogwild
Line 3: Line 3:
 ===== Introduction ===== ===== Introduction =====
  
-Wireguard can be configured/run via the web interface, or through the command line interface. Either method lets you you configure Wireguard settings and generate configurations. This page describes how to configure Wireguard through the web interface.+Wireguard can be configured/run via the web interface, or at the command line. Either way lets you configure Wireguard settings and generate configurations. This page describes how to configure Wireguard through the web interface.
  
-To configure Wireguard through the command line interface, see this HOWTO: [[wireguard_on_freshtomato|Set up Wireguard]]+ \\ 
 + 
 +To configure Wireguard via the command line, and for some theoretical background see this HOWTO: [[wireguard_on_freshtomato|Set up Wireguard]]
  
 Regardless of the interface used, you are advised to "nominate" a main router where configurations will be produced. Clients, such as other FreshTomato routers, and other client devices must import the configuration generated by this main router. Relevant configuration changes may require you to delete and reimport the configuration on those client devices. Regardless of the interface used, you are advised to "nominate" a main router where configurations will be produced. Clients, such as other FreshTomato routers, and other client devices must import the configuration generated by this main router. Relevant configuration changes may require you to delete and reimport the configuration on those client devices.
Line 13: Line 15:
  
 The Wireguard web interface menu is a work in progress. It is working/functional since release 2024.1. However some elements have not yet been implemented. This includes: The Wireguard web interface menu is a work in progress. It is working/functional since release 2024.1. However some elements have not yet been implemented. This includes:
 +
 + \\
  
   * External VPN provider connectivity   * External VPN provider connectivity
Line 21: Line 25:
  \\  \\
  
-For this reasonit is best to focus on on site-to-site configurations (as opposed to VPN service providers) until that changes.+For nowonly site-to-site configurations (as opposed to VPN service providers) are //officially// supportedHowever, many people have successfully used the following (unofficial) tutorial to connect to their VPN Provider: 
 + 
 +[[https://www.linksysinfo.org/index.php?threads/wireguard-on-freshtomato.76295/page-23#post-348056|How to Connect to a VPN Provider's Wireguard Tunnel on FreshTomato]] 
 + 
 + \\
  
  
 ===== Type of VPN ===== ===== Type of VPN =====
  
-{{:pasted:20240214-132008.png?519}}\\  \\+{{:pasted:20240214-132008.png?484}}\\  \\
  
 This setting affects the creation of peer configurations. This setting affects the creation of peer configurations.
 +
 + \\
  
   * Hub and Spoke: Any peers can only communicate via the Hub.   * Hub and Spoke: Any peers can only communicate via the Hub.
-  * Full Mesh (defined Endpoint only): FreshTomato will try to create a full mesh among peers with EndPoint defined. +  * Full Mesh (defined Endpoint only): FreshTomato will try to create \\ a full mesh among peers with EndPoint defined. 
-  * Full Mesh: FreshTomato will try to establish a full mesh between all peers. FIXME +  * Full Mesh: FreshTomato will try to establish a full mesh \\ between all peers. 
-  * External VPN Provider - This option is greyed out, as the function is still a work in progress.+  * External VPN Provider - This option is greyed out, as it is still \\ a work in progress.
  
  
-===== Troubleshooting =====+===== Wireguard Notes and Troubleshooting =====
  
-When trying to configure your VPN, please remember these troubleshooting tips:+Please remember these troubleshooting tips when trying to configure your VPN:
  
-  ***wg show** (via the command line) output will help you understand the relationship between peers. + \\
-  ***route** (via the command line) can help you to verify routing decisions while the VPN is connected. +
-  ***traceroute** is a must when verifying end-to-end connectivity. A good approach is to test the following in order: +
-    *Local LAN IP +
-    *Local VPN IP +
-    *Remote VPN IP +
-    *Remote LAN IP+
  
- \\  +  * **wg show** (via the command line) output will help you \\ understand the relationship between peers. 
-The point of failure will provide critical insight into whatever issue you are facing.+  * **route** (via the command line) can help you to verify \\ routing decisions when the VPN is connected. 
 +  * **traceroute** is a must when verifying end-to-end connectivity. \\ A good approach is to test the following in order: 
 +    * Local LAN IP 
 +    * Local VPN IP 
 +    * Remote VPN IP 
 +    * Remote LAN IP 
 + 
 + \\  The point of failure will provide critical insight into whatever issue you are facing. 
 + 
 + \\ 
 + 
 + \\
  
  
vpn-wireguard.1727307927.txt.gz · Last modified: 2024/09/26 00:45 by hogwild

Page Tools

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki