How to set up WireGuard VPN Server on Deco APP

Configuration Guide
Updated 07-23-2024 07:22:47 AM 15763
This Article Applies to: 

WireGuard is a cutting-edge open-source VPN protocol known for its speed, security, and simplicity. With modern encryption and streamlined design, it offers fast and secure virtual private network connections across various platforms.

Please follow the steps below to set up the Wireguard VPN Server on Deco APP.

1. Launch the Deco app. Go to MORE > Advanced > VPN Server, and tap Add VPN Server.

2. We recommend enabling DDNS (Dynamic Domain Name System) to bind your WAN IP to a domain name. This can prevent issues with your WAN IP changing, which might otherwise cause VPN connection problems.

Please refer to this link: https://www.tp-link.com/support/faq/3481/

3. View the default WireGuard VPN settings, as shown above. The parameters are automatically filled in, and do NOT change them unless necessary.

Select your Client Access type. Select Home Network Only if you only want the remote device to access your home network; select Internet and Home Network if you also want the remote device to access the internet through the VPN Server.

4. (Optional) Click Advanced Settings to display more settings.

If Allow DNS is turned on, the Deco will become the DNS server of the VPN client that establishes a connection with it. It is vital for ensuring your online privacy.

Change the Persistent Keepalive time (25 seconds by default) to send out heartbeat regularly, you can also click RENEW KEY to update the private key and public key.

5. Locate the Peer List section. Click Add Peer to create an account.

Address: The IP assigned by server to the VPN tunnel of the Client after the connection.The Address should be included in the Allowed IPs(Server).

Allowed IPs(Server): The IPs of the clients allowed to communicate with the server.

Allowed IPs(Client): The destination IPs that the client is allowed to access via the VPN tunnel. In most cases, the default configuration can meet the needs.

6. Click “Done”.

Note: One account can only be used by one WireGuard VPN client at the same time to connect to the WireGuard VPN server.

7. Connect to the WireGuard server:

On the Peer List, click in the Modify column of the corresponding account.

• For mobile phones, download WireGuard App from Google Play or Apple Store, then use the App to scan the QR Code to connect to this server.

• For other devices (e.g. TP-Link WireGuard VPN client), click EXPORT Config File to save the WireGuard VPN configuration file which will be used by the remote device to access your router.

8. On the Peer list, you can click the button to modify the VPN server settings, connect to the server, or delete the account.

Is this faq useful?

Your feedback helps improve this site.

Community

TP-Link Community

Still need help? Search for answers, ask questions, and get help from TP-Link experts and other users around the world.

Visit the Community >

From United States?

Get products, events and services for your region.