8413 questions

9899 answers

15704 comments

14199 members

+1 vote
182 views 8 comments
by
Hello, I have a RUTX11 and tried to create a tunnel between it and my iPhone on Orange 4G. No matter what I try I cannot establish the tunnel and acces my admin page of the RUTX11 at 192.168.1.1 from my iPhone when I'm away from home. I set everything manually so maybe I did something wrong and hence I think that if I can import the Wireguard config from the RUTX11 to the iPhone maybe things will be solved. So therefore the question in the tilte: after ssh to RUTX11 how do I generate the QR code for Wireguard config?

Also what are the settings needed in the firewall after making the WG config? Is there a wiki on this specifically for RUTX11 that I can read?

Thanks a lot in advance!

1 Answer

0 votes
by
Agree with you, optionally displaying a qr-code for a wireguard client will be a nice thing. dd-wrt does it by default, *very useful*.

 And for the firewall rules, set lan->wireguard and wireguard->lan both to Accept/Accept/Accept for testing at least, you may restrict the flows after you are done.

Does your device have a public IPv4 or IPv6 address ? If not it won't be reachable from the outside world.

Regards,
Best answer
by
Thanks for your reply. In fact, but please correct me if I'm wrong, I will not be able to connect since my RUTX11 is connected to the internet through a mobile LTE broadband connection from Orange and I do not have a public address. I've read that a workaround would be to connect the router to a VPN provider like PIA or ExpressVPN and then I can access the router from a  mobile phone connected to the same VPN provider. Am I right?

Thanks for confirmation or not.
by
Depends. If Orange gives you a static or dynamic public IPv6 address (SFR does) you can try to put it in a dyndns, it should then be accessible by name if the operator doesn't filter too aggressively.

Or as you have mentioned you can use a VPN provider.

Another solution is to use Zerotier (add the package via Package Manager) it is easy to setup.

Regards,
by
Thanks a lot for help!

Orange will not give me a public IP unless I contract as a company which is not the case.

With a vpn provider is very cumbersome to set-up the connection but nevertheless I will try it with PIA just to see how it works.

I have instead tried zerotier and it works like a charm!!!
by
Hi, I came back with a feedback regarding openvpn + vpn provider route. I purcahsed a Nord VPN subscription specifically for this. I've made all the settings as client and I can connect to NordVPN. However the moment the connection is active I cannot open any website from devices connected to the router. I tried on a Windows 10 PC and although it says that the wifi connection from RUTX11 has internet I cannot open ant website. Once I disable the connection to NordVPN I can access websites again. Do you know whether there is any settings that I need to do in the firewall of RUTX11? Not to mention that if I could not acces any site when connected to NordVPN I could not test the connection from my Iphone with NordVPN. For the moment the only solution that really works is Zerotier.
by
For testing at least you should have lan->openvpn and openvpn->lan set to Accept/Accept/Accept, and masquerading set.
by
Done that, no effect. Probably the filtering on Orange side is very aggresive and hence any VPN detected is blocked.

However Zerotier manages to make the connection.
by
Maybe. With the openvpn tunnel up can you ping www.yahoo.com from the RUTX ? If it answers then something is amiss in the routes and / or firewall rules.
by
I will try this and see what's happening. Thanks!