OpenWrt is an alternative operating system that can be installed on most routers. The article assumes that you already have a router with OpenWrt.

WireGuard® is a modern VPN protocol designed for secure and high-speed data transmission over the Internet. If your ISP does not apply strict UDP filtering (i.e., does not restrict UDP connections), we recommend using this protocol. Otherwise, please configure the VLESS (XTLS) protocol using our guide via Podkop.

Configuring WireGuard on an OpenWrt router

1. Install the required WireGuard packages:

opkg update && opkg install wireguard-tools luci-proto-wireguard

or in LuCI: go to System → Software, enter the package names in the Download and install package field, click OK, and confirm the installation.

Creating a WireGuard Interface via LuCI

2. Open the router’s web interface in a browser: http://192.168.1.1 (or specify a different router IP) and go to: Network → Interfaces → Add new interface:

3. Specify the parameters:

4. Click Create interface.


Importing the Configuration File

5. In the interface settings, click Load Configuration and paste the contents of the .conf file or upload the whole file.
Click Import settings (if necessary):

Checking the Parameters

6. Open the configuration file in a text editor and verify that the values match:

7. For the newly created Peer, click Edit:

8. Enable the Route Allowed IPs option:

9. Then click Save, followed by Save & Apply.

Assigning a Firewall Zone

10. Go to Network → Firewall:

11. Create a new zone with these settings:

12. Click Save, then Save & Apply.

13. Click Edit for the lan zone:

14. In the Allow forward to destination zones field, add the VPN zone you created.

15. Click Save, then Save & Apply.