Goal: VPN to be used on 2 iPhones and an iPad intermittently to be able to access home camera security system.
I was previously using OpenVPN for years without any issues. Then one day it just stopped working on both phones and iPad, out of the blue. Could not get it working again. The VPN would connect no problem but the cameras would not connect. Then I discovered WireGuard.
I configured it as below. The problem I’m having is reliability. E.g., this was working on Client 1 (iPhone), but then stopped. The VPN connects, but when I connect to the camera system (Blue Iris) it can’t connect. It’s currently working no problem on Client 2 (iPad) - VPN connects, Blue Iris pops right up with no issues. So I’m not really sure what’s going on, it seems to work for a while and then… not.
Really appreciate any tips. The setup is as follows:
I’m on a TP-Link Omada system, with an ER605 v2 router which is where I’m configuring WireGuard. I used https://www.wireguardconfig.com/ to set things up as well, as I’m not a networking expert by any means.
Router WireGuard settings:
(Home network is 192.168.1.0/24)
MTU 1420
Listen Port 51820
Local IP address: 192.168.0.1
Peers:
Allow address: 192.168.1.0/24 (for all Peers) & 192.168.0.2/24 (for Peer 1), 192.168.0.3/24 (for Peer 2) and 192.168.0.4/24 (for Peer 3)
Persistent keepalive 25
The endpoint and endpoint port fields are blank.
Here’s what the WireGuard config tool generated, and I used these QR codes to set up the tunnels on the clients (keys & WAN IP erased).
EDIT: Figured out the problem! It turns out only one Peer was functioning at a time, whichever one I access from a client first. So if I connected to Client 1 from iPhone, Client 1 VPN would function normally but the others wouldn’t. And I could connect Client 1 from any of the devices, but only using the Client 1 configuration.
So after figuring that out and doing some Google searching and finding this post, it turns out the allowed addresses on the Peer side need to be “192.168.0.2/32” (rather than 192.168.0.2/24, which is how I originally had it).
So I made that change and voila, now I can connect to any of the peers from any of my devices, and it seems to work reliably.
Now… I have no idea why that is, so if someone can explain it I’d love to learn!
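Why the /32 matters, as an added example that is not part of the post and not TP-Link or WireGuard code: WireGuard's cryptokey routing lets each AllowedIPs prefix belong to exactly one peer, and host bits are masked off, so three peers listing 192.168.0.2/24, 192.168.0.3/24 and 192.168.0.4/24 all claim the same 192.168.0.0/24 and only one of them can own it, which is why only one client worked at a time. The script below models that table from a wg-style [Peer] config (constructed sample with placeholder keys, covering only the 192.168.0.x entries); it assumes stock WireGuard semantics, where a later peer claiming an existing prefix takes it over, and the router's firmware may pick the owner differently.

```python
import ipaddress
import re

# Constructed sample: the three router-side peers from the post, written as a
# wg-style config. Keys are placeholders, not real WireGuard keys.
BEFORE = """
[Peer]
PublicKey = PEER1_PLACEHOLDER
AllowedIPs = 192.168.0.2/24

[Peer]
PublicKey = PEER2_PLACEHOLDER
AllowedIPs = 192.168.0.3/24

[Peer]
PublicKey = PEER3_PLACEHOLDER
AllowedIPs = 192.168.0.4/24
"""
AFTER = BEFORE.replace("/24", "/32")  # the fix from the post


def parse_peers(text):
    """Return [(public_key, [allowed_ip, ...])] for each [Peer] section."""
    peers = []
    for block in re.split(r"^\[Peer\]\s*$", text, flags=re.M)[1:]:
        key = re.search(r"^PublicKey\s*=\s*(\S+)", block, re.M).group(1)
        ips = re.search(r"^AllowedIPs\s*=\s*(.+)$", block, re.M).group(1)
        peers.append((key, [ip.strip() for ip in ips.split(",")]))
    return peers


def build_table(peers):
    """Model the cryptokey routing table: one owner per prefix. A later peer
    that claims an already-owned prefix takes it over; each takeover is
    recorded so overlapping AllowedIPs can be flagged before deployment."""
    table, conflicts = {}, []
    for key, ips in peers:
        for ip in ips:
            # strict=False masks host bits: 192.168.0.2/24 -> 192.168.0.0/24,
            # so all three /24 entries collapse onto the same prefix.
            net = ipaddress.ip_network(ip, strict=False)
            if net in table:
                conflicts.append(f"{net} moved from {table[net]} to {key}")
            table[net] = key
    return table, conflicts


def route(table, addr):
    """Longest-prefix match: which peer receives traffic destined to addr."""
    a = ipaddress.ip_address(addr)
    matches = [n for n in table if a in n]
    return table[max(matches, key=lambda n: n.prefixlen)] if matches else None
```

Run `build_table(parse_peers(BEFORE))` and the conflict list shows the /24 being handed from peer to peer, with every 192.168.0.x address routed to the last owner; with `AFTER` the list is empty and each address maps to its own peer.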