Related Topics
[Wireless Router] How to set up site to site VPN with WireGuard®?
What is WireGuard®?
WireGuard® is an advanced and modern VPN protocol that is easy to configure, providing blazing-fast speed, a leaner protocol, and it's seen as more secure than IPsec with the state-of-the-art cryptography. The functionality of WireGuard® VPN somehow performs better than well-known OpenVPN.
Why should we set up site to site VPN with WireGuard®?
If you’re required to share information or resources between intranets from different locations, such as offices, chain stores, using site to site VPN with WireGuard® can quickly help you build up your private network to connect all these places.
Why should we set up WireGuard® client in VPN fusion?
Setting up a WireGuard® router client in VPN Fusion can provide VPN connectivity to devices which can’t install VPN software, and work more than one tunnel at a time to fulfill multi-scenarios like gaming, live stream, security purpose. It’s also able to use the local network simultaneously and connected by multi-device as you need.
Prepare
WireGuard® is only supported on the firmware version later than 3.0.0.4.388.23000. For Supported models, please refer to https://asus.click/vpnfusionmodel (You can find the support model list at the bottom of this page).
For instruction about how to update the firmware, please refer to the support article : How to update the firmware of your router to the latest version ? (WebGUI)
1. Manage routers' subnet before setting.
For example, the router’s LAN default IP is 192.168.50.1, we can manually change the router’s LAN IP of VPN client to 192.168.100.1
Note: The router’s LAN IP of VPN client must be different from VPN server.
Change router’s LAN IP in VPN client to 192.168.100.1
2. Verify the site to site scenario and modify the configuration.
Settings in VPN Server GUI
Settings in VPN Fusion GUI
Scenarios
| Scenario 1: Change Internet IP | Scenario 2: One-way communication | Scenario 3: Two-way communication |
Devices in VPN client LAN connect to VPN server to change the IP location | Devices in VPN client LAN and access the file server in VPN server LAN. | All devices in VPN client LAN and VPN server LAN can communicate with each other. | |
Access intranet | Disable | Enable | Enable |
Allow IPs (Server) | 10.6.0.2/32 | 10.6.0.2/32 | 10.6.0.2/32,192.168.100.0/24 |
Allow IPs (Client) | 0.0.0.0/0 | 0.0.0.0/0 | 0.0.0.0/0 |
Enable NAT | Enable | Enable | Disable |
Scenario 1: Change Internet IP
Scenario 2: One-way communication
Scenario 3: Two-way communication
Note: In some special scenarios, the Internet access is restricted and you need to enable [ Allow DNS ] in WireGuard® Advanced Settings.
How to get the (Utility / Firmware)?
You can download the latest drivers, software, firmware and user manuals in the ASUS Download Center.
If you need more information about the ASUS Download Center, please refer to this link