Skip to content

Build Your Own WireGuard Home Server with two GL.iNet Routers

This article will introduce how to set up your home router as the WireGuard VPN server and your travel router as the WireGuard VPN client to connect together remotely, so that you can use your home IP address with the travel router anywhere.

Here we use our GL-MT6000 as the example to run WireGuard VPN server at the home site, and you can also choose other models such as MT2500 if you don't require the wireless capacity. As for the travel router, we use our GL-MT3000 as the example, and you can choose others as well.

Why you need to build own your WireGuard home server

  1. Use your home IP address as the Internet address, acting as that you are just at home.
  2. No need to pay the monthly fee when comparing with the 3rd parties VPN service.
  3. Route all the Internet traffic to your home network via encrypted VPN tunnel and secure your privacy.
  4. Easy access to your internal resources and local streaming.

Preparations

Check if you have a Public IP address

First, you shall make sure the GL-MT6000 has a Public IP address on its WAN side, so that it can be globally accessed. Otherwise your travel router cannot build up a VPN connection with it while you are traveling.

To check if you have the Public IP address, please open a web browser and type in ip.gs in the address bar.

myip

It will show your public IP address, if it matches with your WAN IP from your ISP, you are granted a Public IP Address.

If you don't have a Public IP address, here are some methods for your reference.

  1. if you have a main router, you shall login to it and check if it gets the Public IP from your ISP.
  2. if you can ask your ISP to give you a Public IP address, she may charge an extra fee for it.
  3. if both the above two ways don't work. For example, if you are in a CGNAT, you can take the reverse proxy method such as Astrorelay.

Confirm you need to do a Port Forwarding or not?

GL.iNet as Main Router

Topology

GLiNet Router is directly connect to ISP modem

topologywg

How to confirm your GL.iNet Router connects to the ISP modem directly?

mt6000-home

Login GL.iNet Admin Panel, you can see your Public IP shows on the IP Address and you have No Need to do Port Forwarding.

GL.iNet as Sub-Router

Topology

Set the Port Forward on your Main Router if GL.iNet router is sit behind NAT

togologywgtp

Connect to your home router's WiFi or LAN, then login the web admin panel. Check the IP address it obtains from your ISP. Here you can see it is your Public IP 42.200.00.00.

Example: A TP-Link Router

tp_home

  1. Go to “Advanced” and click “virtual Server”, then “Add”.

  2. Internal IP (Device IP): It is the IP address assigned to GL.iNet Router, you can find it in the client list of TP-Link

  3. External/Internal port: Please fill both are "51820"

  4. Protocol: You can choose "All or UDP or TCP/UDP"

tp_port1

More Port Forward examples

Set up the WireGuard server on GL.iNet Router

Enable DDNS (Optional)

Enable the DDNS function if you do not have a Public Static IP but only have a Public Dynamic IP.

Go to the admin panel >Applications>Dynamic DNS and slide to enable

serverddns

Check the box below and click Apply.

ddnsapply

Then Go to WireGuard VPN server, make sure the Listen Port is 51820 and click “Apply.”

wgserver

Generate a Configuration

Click Profiles and Add a Client then it will automatically generate a client configuration. Click the square icon (point 2) and slide to use DDNS Domain. (point 3, Optional if you have dynamic IP only).

wgservergen

Use the WireGuard mobile app scan the QR to test the server.For details please click here.

Output a text format configuration for Client Installation

Change the configuration to text format by click Configuration File. Copy the text for the client or download and save it then drag it to the client later.

configload

Set up the WireGuard Client on GL-MT3000

Change the LAN IP

Login to the admin panel of GL-MT3000 and go to the Network on the side bar and change the LAN IP.

Change the LAN IP

Add the Configuration

Go to the WireGuard Client and click Add Manually.

addwgclient1

Create a name for the connection and drag the configuration downloaded before or click Manually Add Configuration.

addwgclient2

Paste the Configuration Text onto it and then you can connect to the server now.

addwgclient3

Connect GL-MT3000 to your GL-MT6000 Server

Click the name you just created, and it will show you the configuration you just loaded then click Start.

wgstart

You will see your client is connecting to the server now with your Home Public IP.

clientup

Go back to the VPN DashBoard of GL-MT6000, you will also see the client is connected.

servercon

Use GoodCloud to manage the routers remotely in case of any problems when you are traveling

Sometimes your server may be down due to a power outage or other reasons, in order to maintain the accessibility of your server, please bind it our GoodCloud also.


Related Articles