Products Firewalla Blue Firewalla Gold Firewalla Blue Plus Firewalla Red

Articles in this section

See more

WireGuard VPN Server (Beta)

Avatar
Support Team
  • Updated
Follow

Wireguard Configuration

This feature is available in Firewalla App 1.45 and Box 1.972.  (Firewalla Gold and Blue Plus)

Wireguard is a newer (when compared with OpenVPN) VPN protocol, and like OpenVPN is also open source.  This protocol is simpler than OpenVPN and can have a higher encryption rate.  (References https://wireguard.com https://en.wikipedia.org/wiki/WireGuard)

  • WireGuard is UDP base.  (OpenVPN can run over TCP/UDP)
  • On the Firewalla Gold, the performance is 1.5 to 2 time faster than OpenVPN
  • WireGuard source code is new and it is a lot simpler than OpenVPN

 

1. To Enable Wireguard

Wireguard.png

 

2. Configure Port Forwarding 

Similar to OpenVPN, Wireguard requires the port to be accessed from outside.

  • If you are using Firewalla Gold, and it is running in Router mode without double NAT, no need to worry about this step. The "Port Forwarding" will be shown as complete. 
  • If your router has UPnP enabled (as most routers do), then it is simple, Firewalla will do everything for you. If your router doesn't support UPnP, you will need to manually set up port forwarding on your home router.  Tutorial: How to set up port forwarding for VPN Server

 

3. Install Wireguard App

To connect to Wireguard VPN, you will need to install Wireguard App on your mobile or desktop device. Here is the official installation guide provided by Wireguard.  

 

4. Configure Wireguard App

Once you installed the client, you'll need a profile to help you set up the VPN Connection.

Tap Setup -> Add a Client, a client will be created automatically.

Note: Up to 3 clients are supported now. Please do NOT use the same VPN profile on different Wireguard clients at the same time.

Tap the client, it will show you a profile and a QR code. There are two ways to use Wireguard App to connect your device to Wireguard VPN Server: Create from file, or create from QR code.
Here is an example of the Wireguard App on iOS: 

Screen_Shot_2021-03-17_at_7.44.14_PM.png

 

 

Related articles

Comments

4 comments

Sort by Date Votes
  • Avatar
    Andy brown

    Anyone else having issues With WireGuard on the new release?
    To me it looks like it’s not resolving the DNS as I can’t connect to any site through the VPN.
    I’ve tried changing the DNS in the network section for WireGuard to an external DNS and still nothing. I’ve reset the config and downloaded the file again. This is on two different profiles..

    0
    Comment actions Permalink
  • Avatar
    Andy brown

    All sorted, complete delete including clients. Not sure what happened the first time.

    0
    Comment actions Permalink
  • Avatar
    Chris Hewitt
    • Edited

    This is great. Thanks for implementing it.

    Can WireGuard and the OpenVPN solution coexist on the Firewalla?

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    Yes, OpenVPN and Wireguard can live together nicely.  

    0
    Comment actions Permalink

Please sign in to leave a comment.