VPN on second router attached to G3100
Fpm800
Enthusiast - Level 2

Are there any instructions on how to setup the G3100 router to allow a second router that's running a wireguard server to be linked to the the G3100? The second router would have it's firewall off so I would be using the firewall of the G3100 for security. The second router would only be used to connect to my home devices while I'm away from the house. Any help would be appreciated.

0 Likes
Reply
1 Solution
Capricorn1
Community Leader
Community Leader

I'm not sure what you mean by "run LAN to WAN." For the port to forward, pick any port you wish that's not a well-defined one likely already in use (e.g., don't use 80, 443, 25, etc.) If you haven't changed it, Wireguard uses port 51820 (according to the docs at Wireguard Tunnel Settings). You will also probably want to set the IP address of the machine running the Wireguard software to an internal static LAN address and use that address in the port forwarding rule. (You may want to change the DHCP settings to reserve a few addresses that the DHCP server doesn't set, such as making the End IP address something like 192.168.1.200.)

View solution in original post

5 Replies
dslr595148
Community Leader
Community Leader

#1 You only need to use their NAT router if:

a) You have Fios TV One (or if I am/was close but not quite: Fios One TV).

b) You need support from them. Support will end at the ONT if you use your own NAT router

So if neither of those things are true, make their NAT router a backup/spare.

Fpm800
Enthusiast - Level 2

I'm going to give it a try in December. I'll update the question then.

Capricorn1
Community Leader
Community Leader

If I were to do this, I would look into setting up the second router as a DMZ host. However, in that case, you would want to turn on the firewall features of the second router, as the G3100 would mostly pass through traffic with little inspection. Alternatively, look into using Port Forwarding or Port Triggering. All of these are touched on (somewhat lightly) in the G3100 User Guide.

Fpm800
Enthusiast - Level 2

If I were to set up via the port forwarding option could I still run Lan to WAN? Which port would you recommend using for that option?

I prefer not to use the DMZ option of possible.

0 Likes
Reply
Capricorn1
Community Leader
Community Leader

I'm not sure what you mean by "run LAN to WAN." For the port to forward, pick any port you wish that's not a well-defined one likely already in use (e.g., don't use 80, 443, 25, etc.) If you haven't changed it, Wireguard uses port 51820 (according to the docs at Wireguard Tunnel Settings). You will also probably want to set the IP address of the machine running the Wireguard software to an internal static LAN address and use that address in the port forwarding rule. (You may want to change the DHCP settings to reserve a few addresses that the DHCP server doesn't set, such as making the End IP address something like 192.168.1.200.)