WireGuard is a new VPN protocol that has been in development for the past several years. It is typically faster than OpenVPN and more flexible than IKEv2 making it a great option for securing your online activity. All the Windscribe apps already include the WireGuard protocol but if you want to use it on a router, the DD-WRT firmware added support for it as well.
Follow the steps below to set up WireGuard on your router. Note that our config generator is a paid feature.
Your configuration options may look a bit different depending on the version of DD-WRT you have.
We highly suggest you update to the most recent version of DD-WRT available for your router model: https://dd-wrt.com/support/router-database/
Log in with your account on our website https://windscribe.com/login
Then go to the WireGuard config generator page: https://windscribe.com/getconfig/wireguardStep 2
Select a location and port (use port 443 if not sure) for your connection and press Download Config
Open the downloaded config file using a text editor like Notepad.
You will need to enter the config details into the router settings. (DO NOT use the exact values in this guide, they will not work)Step 4
Open the DD-WRT router interface.
You can typically access it by visiting 192.168.1.1
in your browser.
Then navigate to the Setup
tab at the top, followed by the Tunnels
tab below that.Step 5
Press Add Tunnel
. Step 6
Choose the Enable option.
Input these options for the first section:
Protocol Type: WireGuard
CVE-2019-14899 Mitigation: Enable
NAT via Tunnel: Enable
Local Port: Leave as default (51820
Local Public Key: Leave Blank
DNS servers via tunnel: Copy the DNS from config file (will usually be 10.255.255.3
Firewall inbound: Enable
Kill Switch: Enable
Advanced Settings: Enable
Local Private Key: Use the PrivateKey
value from the WireGuard config.
Leave the rest of the options here blank.Step 8
Press Add Peer
, more options will appear below.
(Optional) Name the connection with the location or another label.Step 9
For the Peer options, enter the following values:
Peer Tunnel IP: 0.0.0.0
Peer Tunnel DNS: Copy the DNS from config file (will usually be 10.255.255.3
Endpoint Address: Enter the Endpoint
hostname and port from the WireGuard config file
Continue with the following values:
Allowed IPs: 0.0.0.0/0
Route Allowed IPs via tunnel: Enable
Persistent Keepalive: 25
Peer Public Key: Copy the PublicKey
value from the WireGuard config file
Use Pre-shared Key: Enable
Pre-shared Key: Use the PresharedKey
value in the WireGuard config fileStep 10
Finally at the bottom you will see one more option.
IP Address/Netmask: Copy the Address
value from the WireGuard config fileStep 11
Press Apply Settings
at the bottom to save the configuration and connect to the VPN using this WireGuard tunnel.
You will be able to see the status of the tunnel by looking at the peer's WireGuard Status