FreshTomato Wiki

User Tools

Site Tools

Trace: vpn-wireguard
vpn-wireguard

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
vpn-wireguard [2025/09/16 16:21] – [Import Config from file] hogwildvpn-wireguard [2025/11/11 00:07] (current) – [General Troubleshooting] -Change to "point of failure you find" hogwild
Line 99: Line 99:
  \\  \\
  
-**Poll Interval** - WireGuard's PersistentKeepalive setting.+**Poll Interval** - a watchdog timer for the WireGuard connection (in minutes)
  
-This determines how often clients behind NAT send keepalive packets to maintain NAT mappings. +If we can't ping 1.1.1.1 via the WireGuard interface, wg is restarted.\\  \\ FIXME
- +
- \\+
  
   * The recommended setting is 25 seconds. This causes WireGuard \\ to send a small packet to its peer every 25 seconds when no \\ other traffic occurs. This keeps the connection alive through \\ NAT or firewalls that might otherwise close idle UDP sessions. \\ \\    * The recommended setting is 25 seconds. This causes WireGuard \\ to send a small packet to its peer every 25 seconds when no \\ other traffic occurs. This keeps the connection alive through \\ NAT or firewalls that might otherwise close idle UDP sessions. \\ \\ 
Line 293: Line 291:
 ===== Import Config from file ===== ===== Import Config from file =====
  
-Available since r2025.3, this lets you quickly and easily import a pre-generated WireGuard configuration file. This file can come from an external VPN provider, or other source, such as another WireGuard endpoint. Files must be compatible with the wg-quick format (usually ending in "*.conf"). Note that+Available since r2025.3, this lets you quickly and easily import a pre-generated WireGuard configuration file. This file can come from an external VPN provider, or another WireGuard endpoint. Files must be compatible with the wg-quick format (usually ending in "*.conf").
  
 Typically, with an external VPN provider, you choose appropriate settings on their website for the configuration you want. The VPN provider then generates a corresponding configuration file to import. For most providers, this will be a wg-quick compatible file. Typically, with an external VPN provider, you choose appropriate settings on their website for the configuration you want. The VPN provider then generates a corresponding configuration file to import. For most providers, this will be a wg-quick compatible file.
  
-While FreshTomat's function requires file to be wg-quick compatible format for import, it does not maintain that format, or even save configuration file. Instead, after import, settings are divided up and stored in NVRAM as separate variables. To quickly view all the settings, use the "nvram show" command.+Even though FreshTomato requires the file to be in wg-quick compatible format for import, it doesn'save any configuration file. Instead, after import, settings are divided up and stored in NVRAM as separate variables. To quickly view all the settings, use the "nvram show" command.
  
 For example, to display all variables and their settings for the "wg0" interface, type: For example, to display all variables and their settings for the "wg0" interface, type:
  
-"nvram show|grep wg0_" +"nvram show|grep wg0_"  \\  \\ 
- \\  + 
-  \\+ \\ 
 The only exception occurs when you copy a configuration file to a folder on the router and enter a path to that file in the //Config File// field. In that case, that file will be saved as a configuration file, in wg-quick format. The only exception occurs when you copy a configuration file to a folder on the router and enter a path to that file in the //Config File// field. In that case, that file will be saved as a configuration file, in wg-quick format.
  
Line 433: Line 432:
  
 If a link is up, the handshake done and the tunnel established, you should see the peer's interface ID, and the the time of the latest handshake process. You should also see real-time traffic data such as bytes transmitted (tx) and bytes received (rx). These details confirm the tunnel is established and data is flowing through it. If a link is up, the handshake done and the tunnel established, you should see the peer's interface ID, and the the time of the latest handshake process. You should also see real-time traffic data such as bytes transmitted (tx) and bytes received (rx). These details confirm the tunnel is established and data is flowing through it.
 +
 + \\
  
 For example, for this WireGuard instance: For example, for this WireGuard instance:
- 
- \\ \\ {{::vpn-wireguard-status-2025.3.png?473}} 
- 
-\\ 
  
 The first block of text includes this router's: The first block of text includes this router's:
Line 447: Line 444:
   - UDP listening port   - UDP listening port
  
- \\+ \\ \\ {{::vpn-wireguard-status-2025.3.png?473}} 
 + 
 +\\
  
 The second block of text displays the Peer's: \\ The second block of text displays the Peer's: \\
Line 485: Line 484:
     * Remote LAN IP     * Remote LAN IP
  
- \\  The point of failure found will provide critical insight into the type of issue you are facing.+ \\  The point of failure you find will provide critical insight into the type of issue you are facing.
  
  \\  \\
vpn-wireguard.1758036090.txt.gz · Last modified: by hogwild

Page Tools

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki