Since DAL OS firmware 24.3.28.88 Support for WireGuard (WG) VPNs has been added.
WireGuard is a VPN protocol that operates at the network layer to provide communication between devices over a public network (more info on WireGuard website: https://www.wireguard.com/).
A DAL router can be configured in two WireGuard modes:
· Client mode: the DAL router establishes an outbound WireGuard VPN tunnel to a remote server
· Server mode: one or more remote devices can establish an inbound WireGuard VPN tunnel to the DAL router
In this article, is shown how to configure a DAL router as a WireGuard client.
WG Server
In this example, we will not go into details about how to configure the server side, but we suppose a WG server is enabled to receive connections from WG clients.
Most of the WireGuard servers provide a configuration file that can be used on the clients to connect. In this example, the server provides the following:
Basing on that, the WG client will be configured on the DAL router in next step.
WG Client configuration on the DAL router
1. Browse to System > Device Configuration > VPN > WireGuard and add a WG Tunnel:
In the Peers section, click on Add Peer and configure the Peer as following:
In the main WG tunnel section, configure as following:
2. Create the WG Interface (System > Device Configuration > Interfaces):
3. Static route: It will be needed a static route to access the networks behind the server via the WG tunnel. In this example, a route to 192.168.100.0/24 is added:
Check the WG tunnel status:
In the WG Tunnel status (Status > VPN > WireGuard), the new WG tunnel linked to the WG interface is shown:
Traffic on the tunnel
Try a ping to a pingable address on the WG server, in this example this is 192.168.100.1 (System > Terminal):
.png?lang=en-US&width=400&height=224)
Also, on the WG Tunnel status on the DAL router, an increase of traffic can be noticed:
Last updated:
Apr 30, 2024