Search
Search Menu

How to Set Up WireGuard VPN Server on the Deco App

Configuration Guide
Updated 05-28-2024 20:57:22 PM 3924
This Article Applies to: 

WireGuard, a state-of-the-art open-source VPN protocol, is renowned for its exceptional speed, robust security, and user-friendly design. Its advanced encryption and streamlined architecture ensure swift and secure virtual private network connections across a wide range of platforms, making it an ideal choice for your mobile device.

Please follow the steps below to set up the WireGuard VPN Server on the Deco app.

1. Launch the Deco app. Go to MORE > Advanced > VPN Server, and tap Add VPN Server.

2. We recommend enabling DDNS (Dynamic Domain Name System) to bind your WAN IP to a domain name. This can prevent issues with your WAN IP changing, which might otherwise cause VPN connection problems.

Please refer to this link: https://www.tp-link.com/support/faq/3481/

3. View the default WireGuard VPN settings, as shown above. The parameters are automatically filled in; do not change them unless necessary.

Select your Client Access type. Select Home Network Only if you want the remote device to access only your home network; select Internet and Home Network if you also wish the remote device to access the Internet through the VPN Server.

4. (Optional) Click Advanced Settings to display more settings.

If Allow DNS is turned on, the Deco will become the DNS server of the VPN client that establishes a connection with it. It is vital to ensure your online privacy.

Change the Persistent Keepalive time (25 seconds by default) to send out heartbeats regularly. You can also click RENEW KEY to update the private key and public key.

5. Locate the Peer List section. Click Add Peer to create an account.

Address: The IP the server assigns to the Client's VPN tunnel after the connection. The Address should be included in the Allowed IPs(Server).

Allowed IPs (Server): The IPs of the clients are allowed to communicate with the server.

Allowed IPs (Client): The destination IPs the client can access via the VPN tunnel. In most cases, the default configuration can meet the needs.

6. Click “Done”.

Note: Only one account can be used by one WireGuard VPN client at a time to connect to the WireGuard VPN server.

7. Connect to the WireGuard server:

On the Peer List, click on the Modify column of the corresponding account.

• For mobile phones, download the WireGuard App from Google Play or Apple Store, then use the App to scan the QR Code to connect to this server.

• For other devices (e.g., TP-Link WireGuard VPN client), click EXPORT Config File to save the WireGuard VPN configuration file, which the remote device will use to access your router.

8. On the Peer list, you can click the button to modify the VPN server settings, connect to the server, or delete the account.

 

Is this faq useful?

Your feedback helps improve this site.

Recommend Products

Community

TP-Link Community

Still need help? Search for answers, ask questions, and get help from TP-Link experts and other users around the world.

Visit the Community >

We have updated our Policies. Read Privacy Policy and Terms of Use here.
This website uses cookies to improve website navigation, analyze online activities and have the best possible user experience on our website. You can object to the use of cookies at any time. You can find more information in our privacy policy .

We have updated our Policies. Read Privacy Policy and Terms of Use here.
This website uses cookies to improve website navigation, analyze online activities and have the best possible user experience on our website. You can object to the use of cookies at any time. You can find more information in our privacy policy .

Basic Cookies

These cookies are necessary for the website to function and cannot be deactivated in your systems.

TP-Link

accepted_local_switcher, tp_privacy_base, tp_privacy_marketing, tp_smb-select-product_scence, tp_smb-select-product_scenceSimple, tp_smb-select-product_userChoice, tp_smb-select-product_userChoiceSimple, tp_smb-select-product_userInfo, tp_smb-select-product_userInfoSimple, tp_top-banner, tp_popup-bottom, tp_popup-center, tp_popup-right-middle, tp_popup-right-bottom, tp_productCategoryType

Livechat

__livechat, __lc2_cid, __lc2_cst, __lc_cid, __lc_cst, CASID

Youtube

id, VISITOR_INFO1_LIVE, LOGIN_INFO, SIDCC, SAPISID, APISID, SSID, SID, YSC, __Secure-1PSID, __Secure-1PAPISID, __Secure-1PSIDCC, __Secure-3PSID, __Secure-3PAPISID, __Secure-3PSIDCC, 1P_JAR, AEC, NID, OTZ

Analysis and Marketing Cookies

Analysis cookies enable us to analyze your activities on our website in order to improve and adapt the functionality of our website.

The marketing cookies can be set through our website by our advertising partners in order to create a profile of your interests and to show you relevant advertisements on other websites.

Google Analytics & Google Tag Manager

_gid, _ga_<container-id>, _ga, _gat_gtag_<container-id>

Google Ads & DoubleClick

test_cookie, _gcl_au

Facebook

_fbp

Crazy Egg

cebsp_, _ce.s, _ce.clock_data, _ce.clock_event, cebs

Hotjar

OptanonConsent, _sctr, _cs_s, _hjFirstSeen, _hjAbsoluteSessionInProgress, _hjSessionUser_14, _fbp, ajs_anonymous_id, _hjSessionUser_<hotjar-id>, _uetsid, _schn, _uetvid, NEXT_LOCALE, _hjSession_14, _hjid, _cs_c, _scid, _hjAbsoluteSessionInProgress, _cs_id, _gcl_au, _ga, _gid, _hjIncludedInPageviewSample, _hjSession_<hotjar-id>, _hjIncludedInSessionSample_<hotjar-id>

Linkedin

lidc, AnalyticsSyncHistory, UserMatchHistory, bcookie, li_sugr, ln_or