I’ve gone through this process a few times over the last week since trying out WireGuard, and for the most part it’s been seemless. There’s hiccups here or there, but normally just me misconfiguring my keys/ config file.

Typically on the client (my phone, tablet, etc) there is an option to generate the key pairs. I’ll then put the public one on my peer definition in pfsense, and away we go.

With this GL.iNet router however, there is no option (that I see) to generate the key pairs… so I think the problem I’m running into is that they are not matching/ expected when the negotiation with my firewall happens.

How can I go about generating these keypairs? Has anyone had this issue with GL.iNet?

EDIT: After finding a post from GL.iNet staff advising to not have a Listening port in the Peer section, and to set the MTU to around 1300, I have everything working as expected.

  • 𝕽𝖚𝖆𝖎𝖉𝖍𝖗𝖎𝖌𝖍
    link
    fedilink
    arrow-up
    3
    ·
    9 months ago

    I’ve only used my GL.iNet router with Mullvad, and I assume you’re going through the manual configuration for WireGuard part of the UI? Have you found the scan qr/upload config/manual input config part? From as far as I’ve tried it, it’s like setting up any WireGuard endpoint - you have to give it the same sort of config file you’d give wg-quick, including subnet, hosts, etc - the same place you’d put your pk.

    Generate the config file on a different computer and upload it through the UI.

    • root@lemmy.worldOP
      link
      fedilink
      arrow-up
      2
      ·
      9 months ago

      Hey there,

      Yeah I’m doing it manually, and I did try importing the config from pfsense, however it would say import successful and then “Failed” at the bottom, lol. I did end up getting it working after finding a post from the staff mentioning that you should not put a listening address on the Peer and you should set a manual MTU of like 1300 which worked for me.