I have been struggling for days with the setup of an iPhone as VPN Client for the RUTX50. There are some example configurations for site2site connections, but I can’t find any step-by-step manual on how to set up Wireguard VPN on a RUTX50 as server and an iPhone as client.
Does anybody here have a detailed procedure for this? Or maybe a link to a video where exactly this is shown?
I want to be able to access devices in my internal network from the iPhone, which is supposed to dial in from outside via mobile network.
I’m going crazy on this and even though I have worked in IT for 25 years now, I am not able to get this working… I feel sooooo dumb…
In the ‘world’ of Wireguard, there is no such thing as a ‘Server’ or a ‘Client’ as all nodes are equal, hence why they are referred to as ‘Peers’. So when you refer to a ‘Site2Site’ setup, it is just 2 peers that happen to be routers. The setup would be basically the same if one Peer was a router and the other Peer a phone.
People use words like ‘Server’ and ‘Client’ because VPN users are familiar with these ‘labels’, which unfortunately infer a differing level of status/functionality or role.
The important thing to note in your case, is that your RUTX must have a Public IP.
If your RUTX has a Private IP, then look to use a VPN solution that is agnostic as to the type of IP that your phone and router have as their WAN address. Such examples are Zerotier or Tailscale, both of which the RUTX50 supports. These types of solutions are often referred to as ‘VPN Relays’ or ‘VPN Matching Services’.
@Marcelo.Barros - I’m sorry, but this doesn’t help me much. In the Wiki, there are just the parameters explained for every type of VPN… Unfortunately none of that enables me to set up a proper VPN Connection…
Thanks Marcelo, I’ve seen this procedure already and had issues in generating the necessary certificates… Furthermore, I find OpenVPN way more complicated than necessary for my use case. Obviously, Wireguard has far fewer options to set up to make it work - if I just knew what I’m doing…
It should be noted that firewall settings on the RUTX can influence whether the IP routing can function as intended. If not getting expected results, focus upon your firewall settings.
Thanks, Mike, this looks like a good starting point. The problem is just that the Peer config in RUTX50 doesn’t want to keep the phone’s public key. I entered everything like you wrote there, took the phone’s public key as well and saved it.
Strangely, it comes back with an error prompt, which does not show any message. See this:
After changing to another page on the router and then coming back to the peers in Wireguard, the public key of the phone is gone and the IP address has changed to 192.168.60.2/32 instead of 214/32…
I have the actual firmware on the RUTX50.
If I log in to CLI and type wg, it also doesn’t show any peer in yellow, just the RUTX50 in green.
I really have no idea what all this mess is…
I’m assuming that 192.168.60.0/24 is used for nothing else other than your wg tunnels and you HAVE NOT created a network or a dhcp server for 192.168.60.0/24.
That screen is showing odd behaviour with the empty dialogue box (in red). If it were me, I’d be tempted to do a Factory Reset, and start from scratch. Double check your entry of keys, as it’s easy to make a mistake.
For security reasons, it’s best to redact any Public / Private keys before posting. People might say that it doesn’t matter for Public keys but given the forecast exponential growth in Quantum Computing, the less info out in the Public Domain, the better.
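
Added example, not part of any post in this thread: a small Python check of the two preconditions raised above (the router's WAN address must be public, and 192.168.60.0/24 must be used only for the tunnel), plus a check that each remote peer is given a single /32. The function name, the LAN subnet and the WAN addresses are assumptions made for illustration; the carrier-grade NAT range 100.64.0.0/10 (RFC 6598) is treated as non-public alongside the RFC 1918 ranges.

```python
import ipaddress

# Ranges that cannot be reached from the internet: RFC 1918 private space
# plus the RFC 6598 carrier-grade NAT block often handed out on mobile WANs.
NON_PUBLIC = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "100.64.0.0/10")]


def check_plan(wan_ip, tunnel_net, lan_nets, peer_allowed_ips):
    """Return a list of problems found in a WireGuard addressing plan."""
    problems = []
    wan = ipaddress.ip_address(wan_ip)
    tunnel = ipaddress.ip_network(tunnel_net)

    # The phone dials in from outside, so the router's WAN address must be public.
    if any(wan in n for n in NON_PUBLIC):
        problems.append(f"WAN address {wan} is not public")

    # The tunnel subnet must not also be a LAN or DHCP network on the router.
    for lan in map(ipaddress.ip_network, lan_nets):
        if tunnel.overlaps(lan):
            problems.append(f"tunnel {tunnel} overlaps LAN {lan}")

    # Each remote peer gets exactly one /32 inside the tunnel subnet,
    # and no two peers may share an address.
    seen = set()
    for name, allowed in peer_allowed_ips.items():
        net = ipaddress.ip_network(allowed, strict=False)
        if net.prefixlen != 32 or not net.subnet_of(tunnel):
            problems.append(f"peer {name}: {allowed} is not a /32 in {tunnel}")
        elif net in seen:
            problems.append(f"peer {name}: {allowed} already assigned")
        seen.add(net)
    return problems


if __name__ == "__main__":
    # Constructed sample: only 192.168.60.0/24 and the .214/32 peer address
    # come from the thread; the WAN and LAN values are made up.
    for issue in check_plan("100.72.5.9", "192.168.60.0/24",
                            ["192.168.1.0/24"],
                            {"iphone": "192.168.60.214/32"}):
        print(issue)
```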