Jump to content
Not connected, Your IP: 18.116.14.12
igorekDE

Openwrt airvpn client and wg Tunnel

Recommended Posts

hello guys, tell me how to set up a vpn client so that I can connect to openwrt from a mobile phone.
now only airvpn or wg server works for me
how do i allow wg client to connect to airvpn tunnel

Share this post


Link to post

I'd ask the philosophical question of what is to be gained by mixing both protocols. Make this less complicated, please, and stick with one.

… or do you mean, connect to some Wireguard VPN server that's not AirVPN while you've got an AirVPN connection up and running?

Also be advised, two simultaneous VPN connections with Android or iOS are not possible.


NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post
18 hours ago, OpenSourcerer said:

I'd ask....

I want to connect to the router via wg while airvpn is running on it.

Share this post


Link to post
6 hours ago, OpenSourcerer said:

On mobile? Android/iOS?

android, It works when airvpn is off, i mean wg tunnel works i see my ip from home at airvpn.org when I start airvpn, wg tunnel doesn't work, there's no handshake. And I can only reach openwrt local

Share this post


Link to post

Well, as written, it's not possible on Android to have two active VPN tunnels at the same time. It's a restriction of the VPNService API.
It might work with root-based VPN apps which call openvpn directly and use the tun module, but I don't know if they exist anymore. You needed them on Android 2.x and older.


NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post
2 minutes ago, OpenSourcerer said:

Well, as written, it's not possible on Android to have two active VPN tunnels at the same time. It's a restriction of the VPNService API.
It might work with root-based VPN apps which call openvpn directly and use the tun module, but I don't know if they exist anymore. You needed them on Android 2.x and older.

you didn’t understand me))))) wg client is installed on the phone which connects to openwrt on which openvpn (airvpn) is installed and wg server with which android connects.

Share this post


Link to post

Ooh, I see. Wireguard > OpenWrt > AirVPN. You want to be able to use the VPN connection when connecting to OpenWrt. I'm guessing so that you may use devices in your local network while making sure everything else is routed through the VPN.

Post your iptables rules, the configs of the Wireguard server, OpenVPN client, and OpenWrt configs of the networks and/or interfaces. I'll see what I can find but I'm not too acquainted with OpenWrt, so maybe others can answer in more detail, then.


NOT AN AIRVPN TEAM MEMBER. USE TICKETS FOR PROFESSIONAL SUPPORT.

LZ1's New User Guide to AirVPN « Plenty of stuff for advanced users, too!

Want to contact me directly? All relevant methods are on my About me page.

Share this post


Link to post
32 minutes ago, OpenSourcerer said:

Ooh, I see. Wireguard > OpenWrt > AirVPN. You want to be able to use the VPN connection when connecting to OpenWrt. I'm guessing so that you may use devices in your local network while making sure everything else is routed through the VPN.

Post your iptables rules, the configs of the Wireguard server, OpenVPN client, and OpenWrt configs of the networks and/or interfaces. I'll see what I can find but I'm not too acquainted with OpenWrt, so maybe others can answer in more detail, then.

I have not installed iptables, I am sending the rest of the configs here with a pic

Firewall config:


config defaults
        option input 'ACCEPT'
        option output 'ACCEPT'
        option synflood_protect '1'
        option forward 'ACCEPT'

config zone 'lan'
        option name 'lan'
        option input 'ACCEPT'
        option output 'ACCEPT'
        option forward 'ACCEPT'
        option masq '1'
        option mtu_fix '1'
        list network 'lan'

config zone 'wan'
        option name 'wan'
        option output 'ACCEPT'
        option masq '1'
        option mtu_fix '1'
        option input 'ACCEPT'
        option forward 'ACCEPT'
        list network 'wan'

config rule
        option name 'Allow-DHCP-Renew'
        option src 'wan'
        option proto 'udp'
        option dest_port '68'
        option target 'ACCEPT'
        option family 'ipv4'

config rule
        option name 'Allow-Ping'
        option src 'wan'
        option proto 'icmp'
        option icmp_type 'echo-request'
        option family 'ipv4'
        option target 'ACCEPT'


network:


config interface 'loopback'
        option device 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fd47:148d:e2d3::/48'

config device
        option name 'br-lan'
        option type 'bridge'
        list ports 'eth0'

config interface 'wan'
        option proto 'static'
        option device 'eth0'
        option ipaddr '192.168.188.3'
        option netmask '255.255.255.0'
        option gateway '192.168.188.1'

config interface 'lan'
        option proto 'static'
        option device 'eth1'
        option ipaddr '192.168.178.1'
        option netmask '255.255.255.0'
        option gateway '192.168.188.3'
        list dns '8.8.8.8'

config device
        option name 'eth0'
        option ipv6 '0'

config device
        option name 'eth1'
        option ipv6 '0'

config device
        option name 'vpn'
        option ipv6 '0'


 

1.png

3.png

4.png

5.png

6.png

7.png

8.png

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
  • Security Check
    Play CAPTCHA Audio
    Refresh Image

×
×
  • Create New...