How to configure WireGuard VPN on Omada Router in Standalone mode?
Omada Controller , TL-R605( V2 ) , Omada Software Controller , Omada Cloud-Based Controller , ER605( V2 )
Recent updates may have expanded access to feature(s) discussed in this FAQ. Visit your product's support page, select the correct hardware version for your device and check either the Datasheet or the firmware section for the latest improvements added to your product.
User’s Application Scenario
WireGuard VPN is a modern VPN technology that offers high performance and easy configuration. Compared to OpenVPN, VPN performance has been greatly improved. It is very suitable for remote access application scenarios. This article describes how to establish a WireGuard VPN connection between ER605 v2 as well as a Windows PC.
Configuration
Step 1. Configure WireGuard VPN on the router.
1. Go to VPN -->Wireguard--> Wireguard, click Add and fill in the following parameters:
- Name: test
- MTU: 1420 (Default is 1420, no need to modify)
- Listen Port: 51820 (The default port is 51820, which can be modified)
- The public key and the private key will automatically generate a string of random numbers, which can be modified without modification.
- Local IP Address: 192.168.0.2 (This is the IP address of the WireGuard VPN interface, it is recommended not to have the same LAN IP as the router)
2. After the creation, click Export in the figure below to export the public key information from the router and send it to the Windows PC.
Step 2. Configure WireGuard VPN on the Windows PC.
1. Download WireGuard VPN software on the PC, please refer to Installation - WireGuard.
2. Open the WireGuard VPN software and choose Add empty tunnel.
3. Record the public key information and fill in the following parameters:
[Interface]
Address = 10.0.0.1/24 (Ensure that the interface IP address for the WireGuard VPN does not overlap with the LAN IP)
DNS = 8.8.8.8 (Note that if this parameter is not filled in, the PC will not be able to access the Internet)
[Peer]
PublicKey = Fill in the public key information exported on the Omada Router
AllowedIPs = 0.0.0.0/0
This parameter has two functions: When sending packets, the list of allowed IPs behaves as a sort of routing table, and when receiving packets, the list of allowed IPs behaves as a sort of access control list. 0.0.0.0/0 means that all data sent by the PC goes to the VPN, reaches the peer and is then forwarded by the Omada router.
Endpoint = 192.168.1.110:51820 (Omada Router's WAN IP address and corresponding port)
4. Save the above configuration as shown below.
Step 3. Configure peer information on the Omada Router.
Go to VPN -->Wireguard--> Peers, click Add, and fill in the following parameters:
- Interface: test (Choose the WireGurad VPN Interface created just now)
- Public Key: Fill in the public key information exported from the Windows PC
- Endpoint and Endpoint Port is the information that needs to be filled in when the Omada Router actively connects to other WireGurad Server, which is not required in this scenario.
- Allowed Address: 10.0.0.1/24 (The same as the WireGuard VPN interface IP configured on the Windows PC)
Step 4. Connect to the Omada Router using WireGuard VPN.
Click Activate of the WireGuard VPN on the Windows PC to connect to the Omada Router.
Verification process
(1) For the Windows PC:
The Status will change to Active proves that a VPN connection has been successfully established
The PC can access the Omada Router's LAN side.
(2) For Omada Router:
The WireGuard VPN configuration interface displays information about the amount of data transmitted over the VPN and the connection time.
Get to know more details of each function and configuration please go to Download Center to download the manual of your product.
Related FAQs
- How to configure IPSec LAN to LAN VPN for multiple subnets using the new GUI
- How to access the internet by using VPN Server as a proxy gateway
- What to do if you cannot access the remote network through Client-to-LAN/Site VPN tunnel
- How to set up PPTP & L2TP VPN Server with Omada Gateway in Controller Mode
Is this faq useful?
Your feedback helps improve this site.
What’s your concern with this article?
- Dissatisfied with product
- Too Complicated
- Confusing Title
- Does not apply to me
- Too Vague
- Other
We'd love to get your feedback, please let us know how we can improve this content.
Thank you
We appreciate your feedback.
Click here to contact TP-Link technical support.
TP-Link Community
Still need help? Search for answers, ask questions, and get help from TP-Link experts and other users around the world.
This website uses cookies to improve website navigation, analyze online activities and have the best possible user experience on our website. You can object to the use of cookies at any time. You can find more information in our privacy policy . Don’t show again
This website uses cookies to improve website navigation, analyze online activities and have the best possible user experience on our website. You can object to the use of cookies at any time. You can find more information in our privacy policy . Don’t show again
Basic Cookies
These cookies are necessary for the website to function and cannot be deactivated in your systems.
TP-Link
SESSION, JSESSIONID, accepted_local_switcher, tp_privacy_base, tp_privacy_marketing, tp_smb-select-product_scence, tp_smb-select-product_scenceSimple, tp_smb-select-product_userChoice, tp_smb-select-product_userChoiceSimple, tp_smb-select-product_userInfo, tp_smb-select-product_userInfoSimple, tp_top-banner, tp_popup-bottom, tp_popup-center, tp_popup-right-middle, tp_popup-right-bottom, tp_productCategoryType
Youtube
id, VISITOR_INFO1_LIVE, LOGIN_INFO, SIDCC, SAPISID, APISID, SSID, SID, YSC, __Secure-1PSID, __Secure-1PAPISID, __Secure-1PSIDCC, __Secure-3PSID, __Secure-3PAPISID, __Secure-3PSIDCC, 1P_JAR, AEC, NID, OTZ
Zendesk
OptanonConsent, __cf_bm, __cfruid, _cfuvid, _help_center_session, _pendo___sg__.<container-id>, _pendo_meta.<container-id>, _pendo_visitorId.<container-id>, _zendesk_authenticated, _zendesk_cookie, _zendesk_session, _zendesk_shared_session, ajs_anonymous_id, cf_clearance
Analysis and Marketing Cookies
Analysis cookies enable us to analyze your activities on our website in order to improve and adapt the functionality of our website.
The marketing cookies can be set through our website by our advertising partners in order to create a profile of your interests and to show you relevant advertisements on other websites.
Google Analytics & Google Tag Manager
_gid, _ga_<container-id>, _ga, _gat_gtag_<container-id>
Google Ads & DoubleClick
test_cookie, _gcl_au