Skip to content

Build Your Own WireGuard Home Server with two GL.iNet Routers

This article will introduce how to set up your home router as the WireGuard VPN server and your travel router as the WireGuard VPN client to connect together remotely, so that you can use your home IP address with the travel router anywhere.

Here we use our GL-MT6000 as the example to run WireGuard VPN server at the home site, and you can also choose other models such as MT2500 if you don’t require the wireless capacity. As for the travel router, we use our GL-MT3000 as the example, and you can choose others as well.

Why you need to build own your WireGuard home server

  1. Use your home IP address as the Internet address, acting as that you are just at home.
  2. No need to pay the monthly fee when comparing with the 3rd parties VPN service.
  3. Route all the Internet traffic to your home network via encrypted VPN tunnel and secure your privacy.
  4. Easy access to your internal resources and local streaming.



Check if you have a Public IP address

First, you shall make sure the GL-MT6000 has a Public IP address on its WAN side, so that it can be globally accessed. Otherwise your travel router cannot build up a VPN connection with it while you are traveling.

To check if you have the Public IP address, please open a web browser and type in in the address bar.


It will show your public IP address, if it matches with your WAN IP from your ISP, you are granted a Public IP Address.

If you don’t have a Public IP address, here are some methods for your reference.

  1. if you have a main router, you shall login to it and check if it gets the Public IP from your ISP.
  2. if you can ask your ISP to give you a Public IP address, she may charge an extra fee for it.
  3. if both the above two ways don’t work. For example, if you are in a CGNAT, you can take the reverse proxy method such as Astrorelay.
TP-Link as Main Router

Your GL-MT6000 connects to an upper router

Connect to your home router’s WiFi or LAN, then login the web admin panel. Check the IP address it obtains from your ISP. Here you can see it is your Public IP

Example: A TP-Link Router


Set up the Port Forwarding on your main router

  1. Login to the web control page of your main router
  2. Find out where is the function of port forwarding, different brands may call it by different names
  3. Find the IP address assigned to GL-MT6000

Example: A TP-Link Router

  1. Go to “Advanced” and click “virtual Server”, then “Add”.
  2. Internal IP (Device IP): It is the IP address assigned to GL-MT6000, you can find it in the client list of TP-Link
  3. External/Internal port: Please fill both are "51820"
  4. Protocol: You can choose "All or UDP or TCP/UDP"


GL.iNet as Main Router

Your GL-MT6000 connects to the ISP modem directly


You can see your Public IP shows on the IP Address and you have No Need to do port forwarding.

Set up the WireGuard server on GL-MT6000

Enable DDNS (Optional)

Enable the DDNS function if you do not have a Public Static IP but only have a Public Dynamic IP.

Go to the admin panel >Applications>Dynamic DNS and slide to enable


Check the box below and click Apply.


Then Go to WireGuard VPN server, make sure the Listen Port is 51820 and click “Apply.”


Generate a Configuration

Click Profiles and Add a Client then it will automatically generate a client configuration. Click the square icon (point 2) and slide to use DDNS Domain. (point 3, Optional if you have dynamic IP only).


Use the WireGuard mobile app scan the QR to test the server.For details please click here.

Output a text format configuration for Client Installation

Change the configuration to text format by click Configuration File. Copy the text for the client or download and save it then drag it to the client later.


Set up the WireGuard Client on GL-MT3000

Change the LAN IP

Login to the admin panel of GL-MT3000 and go to the Network on the side bar and change the LAN IP.

Change the LAN IP

Add the Configuration

Go to the WireGuard Client and click Add Manually.


Create a name for the connection and drag the configuration downloaded before or click Manually Add Configuration.


Paste the Configuration Text onto it and then you can connect to the server now.


Connect GL-MT3000 to your GL-MT6000 Server

Click the name you just created, and it will show you the configuration you just loaded then click Start.


You will see your client is connecting to the server now with your Home Public IP.


Go back to the VPN DashBoard of GL-MT6000, you will also see the client is connected.


Use GoodCloud to manage the routers remotely in case of any problems when you are traveling

Sometimes your server may be down due to a power outage or other reasons, in order to maintain the accessibility of your server, please bind it our GoodCloud also.

Related Articles