24
Votes

Make the wireguard peer generator more friendly (QR codes, exports and autogenerating codes)

 
24
Votes

Make the wireguard peer generator more friendly (QR codes, exports and autogenerating codes)

Make the wireguard peer generator more friendly (QR codes, exports and autogenerating codes)
Make the wireguard peer generator more friendly (QR codes, exports and autogenerating codes)
2023-12-02 14:34:18 - last edited 2024-06-18 09:26:53
Tags: #Wireguard
Model: OC200  
Hardware Version:
Firmware Version:

Currently wireguard does not have any easy way to export a profile to send to a device or user.

 

Request:

Add a QR code popup button at the peer list to show a QR code AND a *.wg* download button.

 

On peer creation please auto generate and populate the keys so its faster to rollout profiles. 

 

Add the ability to use a HOSTNAME with wireguard and mark it as unstable if its a non official support method or stable enough. 

 

 

ZX

 

 

#1
Options
1 Accepted Solution
Re:Make the wireguard peer generator more friendly (QR codes, exports and autogenerating codes)-Solution
2024-06-18 09:25:37 - last edited 2 weeks ago

Hi all,

Wireguard FQDN has been scheduled to V5.15.X and its adapted firmware.

Wireguard PBR has been scheduled to V5.16.X - Wireguard policy routing

 

Please note that this will involve an adapted firmware, not just a controller update. Firmware development is a complex process, and timelines may change. Therefore, we cannot provide a specific release date at this time. Please stay tuned to future firmware release notes for updates.

When introducing a feature like this, we typically apply it uniformly across all models to ensure consistency and a seamless user experience.

 

However, it's essential to acknowledge that hardware limitations may exist, which might prevent us from adding the feature to certain models. In such cases, we cannot provide individual notifications explaining the reason. Please note that we cannot guarantee the fulfillment of all requests, and we must set clear expectations upfront.

Sub this to get the update timely: Get the Latest Firmware Releases for Omada Routers Here - Subscribe for Updates.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
Recommended Solution
#6
Options
17 Reply
RE:Make the wireguard peer generator more friendly (QR codes, exports and autogenerating codes)
2023-12-02 21:37:39
make more sense.
#2
Options
Re:Make the wireguard peer generator more friendly (QR codes, exports and autogenerating codes)
2023-12-04 02:15:02

Hi @Xarishark 

Thanks for your valuable feedback and post here. This request has been forwarded to the developer team for further evaluation.

You can subscribe to the firmware release thread which is pinned on the related page. Or pay attention to our official website where most releases will show up there very soon.

As a reminder, any request will be evaluated by our developer team before it is officially added to the roadmap. That may take some time before you see a release with this feature. If your requested feature is not on high priority or not reported by many people, it may be delayed for more feedback.
(This is not a guarantee that your requested feature will be implemented. Only requests passed the evaluation can be added to the roadmap.)

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
#3
Options
Re:Make the wireguard peer generator more friendly (QR codes, exports and autogenerating codes)
2023-12-19 03:26:40

  @Xarishark 

QR Code? The developer probably doesn't know how to generate a QR Code! He doesn't even give us a simple FQDN on the wireguard endpoint parameter.

#4
Options
Re:Make the wireguard peer generator more friendly (QR codes, exports and autogenerating codes)
2024-03-25 12:07:29 - last edited 2024-03-25 12:09:13

As of the latest update wireguard does not require to set an incoming WAN IP or FQDN. That is a good first step in the right direction! For easier config generation right now people can use the Wireguard Config Generator (wireguardconfig dot com) for key generation so they dont have to use the wg genkey command to generate private keys manually each time for each machine as the site autogenerates multiple keys and conf files from a HUGE seed. Wireguard is an amazing protocol right now and IMHO tp-link should focus to make allowed ips easier to configure so people can select to generate configs for split tunnels or full traffic tunnels easier.

 

Here is what I would like to see in future updates:

 

1)Make key generation easier and more user friendly for faster rollouts. Add a button next to the private key fields (Server AND peer tab) to allow users to click it in case they want to autogenerate the private keys. That way you help novice users to receive keys automatically in case they want and dont impede advanced users that want to input their own keys.

 

2)Give option to autofill the local ip (CIDR Field) by giving a generate ip/CIDR address/range button as most users dont you more than 4/5 ranges on sm businesses. That way advanced users have dont have to delete a CIDR every time they want to create a wireguard server but novice users can receive an ip with a simple click for their server. This should be an option for both the server AND client and for a simple clean view it should use a /32  single ip address. 

e.g. :

10.0.0.1/32 -> Server

10.0.0.2/32 -> Peer 1 Client

10.0.0.3/32 -> Peer 2 Client

10.0.0.4/32 -> Peer 3 Client

etc...

 

This makes rollout MUCH faster for multiple clients/peers by removing another input step that most users dont want to input manually but advanced users can edit themselves. REMINDER that nothing gets autofilled those addresses are filled only when the user clicks the autogenerate button next to the field of the address both for the server and the client!

 

3) Make the ALLOWEDIP field easier for admins by giving the option to add addresses from a dropdown the same way you select the WAN you want the vpn server to be able to use. Options on that dropdown should be:

 

0.0.0.0/0 

::/0

And all the current existing subnets that the local SDN manages.

This makes the creation of split tunnels or full traffic tunnels faster and easier

The field should just append the selections from the drop down with commas and also be editable in case the user wants to input custom ranges for a more advanced use. Most users want to pass all traffic through the tunnel (0.0.0.0/0, ::/0) or they want to connect to their local omada network resources securly from a remote network without passing any other traffic through the network (192.168.1.0/24 etc).

 

4) Add an endpoint field on the server setup for the purposes of config generation. Many users dont have a static IP and use a FQDN that tracks their dynamic IP. Something that TP-Link already has in their consumer routers as a DYNDNS service and would benefit but that is another problem for another time.

 

5) On the PEERS tab give the the option to download the conf file for each peer or generate a QR code (Very useful when it comes to mobile devices)

 

And lastly PLEASE make documentation better when the user hovers the cursor over a field. A tooltip would help immensely if the user does not know what a field is for.

 

ZX

#5
Options
Re:Make the wireguard peer generator more friendly (QR codes, exports and autogenerating codes)-Solution
2024-06-18 09:25:37 - last edited 2 weeks ago

Hi all,

Wireguard FQDN has been scheduled to V5.15.X and its adapted firmware.

Wireguard PBR has been scheduled to V5.16.X - Wireguard policy routing

 

Please note that this will involve an adapted firmware, not just a controller update. Firmware development is a complex process, and timelines may change. Therefore, we cannot provide a specific release date at this time. Please stay tuned to future firmware release notes for updates.

When introducing a feature like this, we typically apply it uniformly across all models to ensure consistency and a seamless user experience.

 

However, it's essential to acknowledge that hardware limitations may exist, which might prevent us from adding the feature to certain models. In such cases, we cannot provide individual notifications explaining the reason. Please note that we cannot guarantee the fulfillment of all requests, and we must set clear expectations upfront.

Sub this to get the update timely: Get the Latest Firmware Releases for Omada Routers Here - Subscribe for Updates.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
Recommended Solution
#6
Options
RE:Make the wireguard peer generator more friendly (QR codes, exports and autogenerating codes)
2024-07-28 23:07:21
Desperately need to be able to use fqdn in wireguard.
#7
Options
RE:Make the wireguard peer generator more friendly (QR codes, exports and autogenerating codes)
2024-07-29 02:48:26

  @DrDre 

The OP posted this on December 2, 2023. Until now no firmware update to address this request! Good thing my Xfinity cable internet and Sparklight cable internet haven't changed my IP address since December when I established my Wireguard peers the second week of December. Lucky me.

#8
Options
RE:Make the wireguard peer generator more friendly (QR codes, exports and autogenerating codes)
2024-07-30 12:06:03
Nice to be implemented
#9
Options
Re:Make the wireguard peer generator more friendly (QR codes, exports and autogenerating codes)
2024-07-31 10:31:25

As of today we still need to use wireguardconfig-com to roll credentials for client devices.

#10
Options
Re:Make the wireguard peer generator more friendly (QR codes, exports and autogenerating codes)
2024-08-01 01:37:57

Hi @Xarishark 

Thanks for posting in our business forum.

Xarishark wrote

As of today we still need to use wireguardconfig-com to roll credentials for client devices.

Is it a part of the WG official or a third-party plug-in?

Does any other vendor implement this tool?

Let me know about this. Will see what I can write about it.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
#11
Options