Both sides previous revision
Previous revision
Next revision
|
Previous revision
Next revision
Both sides next revision
|
userdoc:tt_edgerouter-x [2018/12/26 14:04] abelbeck [EdgeRouter-X VPN Endpoint] |
userdoc:tt_edgerouter-x [2022/08/29 07:08] mkeuter [WireGuard Firewall Setup on OpenWrt] |
{{:userdoc:edgerouter-x-photo.png?nolink|EdgeRouter-X}} | {{:userdoc:edgerouter-x-photo.png?nolink|EdgeRouter-X}} |
| |
Since the EdgeRouter-X is not x86 hardware, AstLinux will not run on it. The default EdgeRouter-X firmware is EdgeOS, documentation found here: [[https://www.ubnt.com/downloads/guides/edgemax/EdgeOS_UG.pdf|EdgeOS User Guide]]. The WireGuard VPN is currently available for EdgeOS as a third-party ''.deb'' package found here: [[https://github.com/Lochnair/vyatta-wireguard|vyatta-wireguard]]. | Since the EdgeRouter-X is not x86 hardware, AstLinux will not run on it. The default EdgeRouter-X firmware is EdgeOS, documentation found here: [[https://www.ubnt.com/downloads/guides/edgemax/EdgeOS_UG.pdf|EdgeOS User Guide]]. The WireGuard VPN is currently available for EdgeOS as a third-party ''wireguard-e50-<revision>.deb'' package found here: [[https://github.com/Lochnair/vyatta-wireguard|vyatta-wireguard]]. |
| |
Alternatively, the [[https://openwrt.org/toh/ubiquiti/ubiquiti_edgerouter_x_er-x_ka|OpenWrt Project]] offers firmware specifically built for the EdgeRouter-X with impressive performance. The current standard ''18.06.1'' release performs NAT routing at near 1 Gbps line speed, and WireGuard VPN performance at around 180 Mbps. Quite reasonable for a 32-bit, 880 MHz CPU. | Alternatively, the [[https://openwrt.org/toh/ubiquiti/ubiquiti_edgerouter_x_er-x_ka|OpenWrt Project]] offers firmware specifically built for the EdgeRouter-X with impressive performance. The current standard ''18.06.1'' release performs NAT routing at near 1 Gbps line speed, and WireGuard VPN performance at around 180 Mbps. Quite reasonable for a 32-bit, 880 MHz CPU. |
| |
With the "System Load Linux to SDRAM via TFTP" chosen, you need to specify two IP addresses and the name of the TFTP filename ''openwrt.bin'', as show above. | With the "System Load Linux to SDRAM via TFTP" chosen, you need to specify two IP addresses and the name of the TFTP filename ''openwrt.bin'', as show above. |
| |
| !!Note:!! Some OpenWRT devices work exclusively with ''192.168.1.1'' + ''192.168.1.2'' as the device + server IP addresses! ((use e.g.\\ ''ifconfig eth1:1 192.168.1.2 netmask 255.255.255.0 up''\\ to add an additional virtual address to the server)) |
| |
Type RETURN and the ER-X should reboot into the factory initramfs-kernel of OpenWrt. After the dmesg logs appear to stop, type RETURN again, you should see a login as shown below: | Type RETURN and the ER-X should reboot into the factory initramfs-kernel of OpenWrt. After the dmesg logs appear to stop, type RETURN again, you should see a login as shown below: |
{{:userdoc:edgerouter-x-firewall-wg-interface.png?nolink|Firewall WireGuard Interface}} | {{:userdoc:edgerouter-x-firewall-wg-interface.png?nolink|Firewall WireGuard Interface}} |
| |
| ===== Alternatives to the EdgeRouter X ===== |
| |
| The |