RUTX50 as wireguard client

Wiigian · May 8, 2025, 10:17am

Hi,

I am trying to get my mobile RUTX50 to connect to my Wireguard server at home.
I am a bit confused about how to configure this in the GUI, it looks as if I have to configure a Wireguard tunnel with its own private/public keys before I can configure a peer in the RUTX50? I have no way to provide the generated public key in the RUTX50 wireguard tunnel to my Wireguard server.

I have tried to enter the publickey1/presharedkey1/endpoint in my client configuration on my RUTX50, but it is not connecting. Could it be a firewall issue?

This is the config from my Wireguard server:
cat teltonika-client1.conf
[Interface]
PrivateKey = privatekey1
Address = 10.139.253.6/24
DNS = 192.168.1.25

[Peer]
PublicKey = publickey1
PresharedKey = presharedkey1
Endpoint = my.vpn.server:34567
AllowedIPs = 0.0.0.0/0, ::0/0

Any guidance will be greatly appreciated.

Mike · May 8, 2025, 11:31am

Your wireguard firewall zone should look similar to this. You need to select your Wireguard tunnel in the box indicated by the red arrow.

Wiigian · May 8, 2025, 12:09pm

Hi,

thanks for your reply. I tried to set it up as per your image, but I am still not seing any handshakes, so I am not sure if it is even trying to connect.

Mike · May 8, 2025, 2:06pm

OK strip it back to basics. The below configuration assumes …

a) The tunnel IP on your Home Server is 10.139.253.1
b) The tunnel IP on your RUTX50 is 10.139.253.6
c) Your home internet provider has given you a public IP
d) The RUTX50 service provider has given you an IP that is behind CGNAT and is not Public
e) The RUTX50 always initiates the tunnel connection
f) You want any device attached to the lan segment on the RUTX50, access to all subnets on your Home Server (firewall rules allowing).
g) There is no pre-shared key
h) There are no IP subnet overlaps on the Home Server / RUTX50 combo.

EDIT: The settings are changed from the original post and are highlighted in GREEN.

Wiigian · May 8, 2025, 2:41pm

Thank you for looking into my issue and providing this.

Mike · May 8, 2025, 4:41pm

No problem … once you have the simple configuration working, then you can start altering things such as DNS Server, Pre-shared key etc.

Leave the MTU at 1280.

Depending on the device at your home location, some of the settings on your home server, may not be present.

Mike · May 9, 2025, 7:06am

I’ve slighly changed the settings, and have ammended the original post.

system · May 11, 2025, 7:06pm

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.