Helpful Links Port Forwarding Help: ua-cam.com/video/LzBa6KsfG9A/v-deo.html Captive Portal Tutorial: ua-cam.com/video/46nG8mhm5og/v-deo.html Test DDNS: justinpruett.com/glinet-troubleshoot.php Update: Many cable routers seem to struggle with TCP, please select UDP only in the Port Forwarding rule instead of both. Update: The Beryl AX came out right after this video was published, it is a much better option than the Opal in a price range that balances price and performance. Need Support? I try to answer every email and comment for free. Please see my troubleshooting page for common issues and send me an email if necessary: justinpruett.com/glinet-troubleshoot.php Want 1 on 1 Support? GLiNet has partnered with RemoteToHome to provide complete remote setup and can even handle more advanced cases not covered in the video. RTH has provided me a 5% Discount Code as well: JustinRR5 remotetohome.io/
Just wanted to share that your videos took me from essentially 0 knowledge on VPNs to successfully working remotely in Thailand for the past 4 months with no issues. Using 2 Slate AX as my setup, thanks for the help!
Wow! Thank you for sharing! Thailand doesn't have the best Internet infrastructure according to WonderShare Latency data so it is good to hear it is working there! Thank you!
So nice to hear that it works in Thailand, could you possibly test and see how the latency/ping is and preferably in which city do you test this in Thailand? I am considering working from Thailand with softphone via VPN and am very dependent on a good latency :(
@@nizzar2003 I run my home server from the UK, in Koh Samui the ping has been around 200-300ms which is obviously quite bad but I was able to take calls, there was definitely some slight delay but it was manageable. Have done video calls with no issue also.
@Speatto Thanks for sharing, I think 200-300ms can be as you say manageable, I'm thinking of moving to Phuket or Bangkok depending on where the network is more stable and which allows me to carry out my work with customer service via softphone without a large latency/ ping. @Speatto Do you also have problems with a lot of power outages considering rainy seasons or what is it like in Koh Samui?
@@nizzar2003 power outages have happened yes, I’d say 2-3 times in the last 6 months. There are coworking spaces in al lot of areas (there will be many in Bangkok) which can be useful. I’d imagine the internet stability would be similar in the main areas such as Phuket/Bangkok. I was in Phuket for a few months last year and it’s great, I will move there soon. If you’re more of a city person then Bangkok is also a great place and probably the best for work/opportunity.
This is amazing! I was trying to find a step by step video and couldn’t find anything until this. This is perfect! Ty so much! The only reason I’m doing this is because my boyfriend is in a different state for 9 months and now I can be with him 💕
I just want to want to say MANY THANKS Justin! For your time and efforts you put together to make this video tutorial. I got my GL-INET routers talking to each other.
It worked!! It took a while but only because of 2 majors issues #1, I didn't set up port forwarding correctly which required a call to my ISP (really take your time with this one). #2 I inadvertently put both routers on the same Wifi SSID. but switching one of the router to the 5G network, it worked like a charm! Thank you so much for uploading this Justin!
Port Forwarding is tricky and most ISP routers make it even harder, some even give it a different name! Glad you were able to get it all working though! Thanks for the comment!
Thank you Justin. This has been a great help. I travel for work and have always wanted to setup a VPN with my home network. Got the same two routers and the system works great!
Glad to hear! Thank you for watching and commenting! If there are any other tech things you have been wanting to do, let me know, I might be able to make a video about it!
Hey Justin, just wanna say thank you. I can't imagine how much time this guide saved me. All up and running first go, who woulda thought?! You're a real chief!
Thanks for this great tutorial. I purchased both of the items you used in your demo and the WireGuard service works perfectly. I have used it both domestically in the US and internationally with no problems. I updated the firmware on the home Opal device today, and was warned that the process would remove custom settings, so I had to reconfigure the WireGuard server. The update added a nice feature to the configuration process where you can choose to "Use DDNS Domain" so that it generates the script including the DDNS address, so you no longer need to cut and paste that information manually.
@@jonyvillanueva I only did it once and did not get caught. I work for a different company now where it’s no issue where I work and they actually encourage work from anywhere for up to 4 weeks a year!
Hello Justin. Thank you for this very useful, step-by-step guide. I appreciate your style of teaching. With your help on the nuts and bolts of this operation, my wife won't feel like she's missing out on any of her favorite streaming things while we're visiting Europe.
Thank you! Yes, that is another use for the VPN! But I was pleasantly surprised by some of the shows available in other countries as well! Back at home you can also use it to share streaming service accounts by using one IP Address at two places.
@@justinreviewsandrepairs5246 Unfortunately, I'm running into the same issue as many of the other recent commenters. Unable to start the VPN client on the 1800. The log shows the same errors others are having. 🙄I'll have to call GL Support to see if they can help.
Feel free to email me at Support@JustinPruett.com if they are unable to help. The most common problem is the Port Forwarding step which is different for everyone based on who their Internet Service Provider is. The second most common problem is trying to test using the same Internet connection as the server, which is not possible since both devices are already on the home network.
@@karimlonguar5826 - The Flint has a better processor, more memory, more ethernet ports, and 4 antennas, therefore it's faster and better for only $100 bucks. They just came out with the Flint-2 ($149) as an upgraded version.
Jason, you are the best! I have different routers but the way you explained this makes it simpler to follow for other setups. I must admit I watched the videos 50 times during the last week, read through every comment and I was about to email you when I had a last idea and worked! the dot is green now!! thank you
@@TitinaOF Hi! I am trying different ways to reach viewers from other countries on TikTok by changing the IP like this. What is your situation at the moment? What do you use that State AX and Opal setup for? What's your opinion? Could something like this that I am trying work with a setup like this?
Justin Thank you very much for this video. I have zero knowledge on networking and it was difficult to understand initially, but after watching it few times I was able to set it up. This solved a major hurdle i was facing all these days. And this is the only video which clearly points out what to do. Thanks again for your effort.
Thank you! One major change since the video was made is the "Block Non-VPN Traffic" is no longer on by default in the newer firmware. I think it should be turned on for better security: docs.gl-inet.com/router/en/4/faq/block_no_vpn_traffic/
First of all, wow thank you so much for this video! It’s taken me days to find something like this. Thank you for your responses to all questions asked as well. You’re awesome for doing this! I will be setting mine up the way you did it here and I’ll be back to let you know how it goes :)
Hi @@justinreviewsandrepairs5246 ! I was able to create my own VPN at home, thanks again!! I wanted to ask you about this: I have a friend in Spain who set up a VPN using Open VPN, but on Linux. He shared an OVPN file (server), but it's not working on my Slate AX (client). Do you think it is possible to make it work?
Just wanted to let you know your help here was instrumental in allowing us to access all our U.S. accounts while in Portugal. We were able to access everything in the U.S. as if we were there, at home. It worked flawlessly with the GLinet AX Slate and Opal routers. Took a little while to get it set up properly before we left, but with your help, it worked great in Portugal. We plan to head back there next year and this gear will be going with us again! Thank you.
Hola gorge, soy también colombiano y necesito hacer este puente, podrías ayudarme a hacer el set up de los routers, ta compre los dos pero no se como se instalan, cualquier ayuda le agradecería! Bendiciones, si algo nos comunicaremos por WhatsApp
Perdona q insista es q me urge ir a Colombia y mantener mi trabajo, cualquier ayuda y si hay algún cobro por el tutorialme hace saber, quedo atento. Thank you
Hey Justin! I just got this setup working using the Slate AX for the client and Brume 2 as the server. Thanks for putting this together, of all the resources online this video was the most helpful. The biggest headache for me was actually getting the port forwarding to work on my ISP modem because apparently its software sucks lol. Anyways, I just wanted to say thanks for this super comprehensive video. If you ever need a testimonial or advice with anything data/software engineering related (that's what I do) don't hesitate to ask.
@@josieicaza7031 for me it was just crappy software in the modem. Make sure that you’re setting up port forwarding on the correct device. For example, I had a modem which was the internet gateway and a separate router for wifi, which meant I needed to set up port forwarding on the gateway modem and connect the gl.Uber to that. The other thing is try restarting whichever device is doing the port forwarding after you set it up and give it a few minutes. If that doesn’t work then do a factory reset (make sure you can recreate whatever configurations you had) and then try setting up the port forwarding again - also with a restart after. Hope you get it working!
Justin, I apologize for my ignorance on the terminology and understanding with this stuff. You have been super helpful and I hope I did not come across rude with my last comment. I will just start over and go through the setup of each travel router and see what happens. Thanks again for your replies and content.
No need to apologize, I was just having a hard time following along with the comment. Feel free to email me and include screenshots to make it clearer: support@JustinPruett.com
Thank you so much. I wanted to highlight one thing: I followed the whole video and still faced an error when I was trying to connect(turn on) the VPN client. The reason behind that was my second router was not connected to the internet. So, if you are facing an error when you turn on the client after configuration, make sure your device is connected to the internet (similar to how you connected the first device to your home internet). Thanks.
Thank you thank you thank you! You made what was quite a complex challenge (for my low technical aptitude) so so easy to follow! I got hung up on setting the port forwarding for AT&T because I missed a step bit after that it worked like a charm
Just wanted to leave a note incase anyone runs into the same issues I had getting this setup running. I have a Brune2 as the VPN Server and the Slate take with me. I followed all the same steps, including the port forwarding on my main ISP router, except changed the IP to 10.1.0.x/24 instead of the default. After I was able to run the Server on the Brune2 I tested the connection with the Wireguard app, important to note when you're testing the connection turn off wifi and use a separate network like 4G/5G. Once I uploaded the Client config file to the Slate it initially wasn't getting a handshake and connect but I was trying on the same network. Once I had everything configured and I turned on the client outside my home network and the Slate and Brune started to talk to each other as intended. Still need to test more outside my home office but this video is the best tutorial I found on this after reading through many other pages, forum posts and documentation. THANK YOU Justin!!!
Thank you! Glad it helped! I noticed more ISP routers are using 10.0.0.x as their Local IP range which can lead to problems with the default WireGuard ®️ IP range, good job catching that!
Hi Justin, thank you for the information! I am planning on buying this router, but I have a quick question. I need to travel to South America for three weeks, but my employer does not allow me to work from there, and my computer also has a VPN set up. Can I use this VPN router to set up a US location and connect to my work VPN from there? I am new to this information, so I am trying to understand how I can do it. Thank you!
Yes, the two routers basically make a bridge from wherever you are back to your house. However, there are some speed and latency issues with video calls or anything high bandwidth like that. Also, if your home Internet goes down while you are away, you are out of luck. So be sure to test as much as you can before you go. Safe travels and thanks for watching!
@@justinreviewsandrepairs5246this is the same question I had ! So even if I my work computer has its own company built in vpn…I can still by pass this by telling the vpn that my IP address is in my “ home address “ by following your instructions? Just wanted to double confirm this information !!! Please let me know !!! And thanks once again you are the best !!!
Yes, the Travel Router establishes its own VPN connection so you can continue to use your work computer as if you were home, including their VPN service.
This is by far the best instructional video on how to get it done. I just followed all of your steps in this and the other Slate video and was able to get it done with no issues. The only difference is that I have beryl instead of Opal. Anyway, thank you!!
Thank you! Glad it helped! Please be sure to double check that "Block Non-VPN Traffic" is enabled on the Travel Router VPN Dashboard page under "Global Options" as it may not be on by default in the latest firmware! 🙏
Hi Justin, we did all the steps but we cant get the VPN client connected with Wireguard. The log file keeps telling us that is reloading firewall du to the IFUP of modem.
Someone else is having the same problem, I am going to check if new firmware is causing it. If it's not then I wonder if you both have the same ISP causing the problem. I will try to post an update soon.
@@justinreviewsandrepairs5246 We fixed the isuue with support from GL. Instead of choosing "both" in port forwarding, we needed to choose UDP and connect the 1800 in another network than the 1200. Thank you
@@nickkoutris4873 Hi Nick, I think I hit the same problem as you did. On my Client router, the yellow light is always on the "WireGuard® Client" sign of the admin website. Per your solution, is changing port forwarding from 'Both' to 'UDP' the only change you made to solve the problem?
@@nickkoutris4873 this worked for me! I switched the port forwarding from both to UDP. I also connected the repeater with the client wireguard to a different network than the network i was forwarding on (where i had my repeater with the wireguard server). I just used my hotspot to test.
@@b.n.y.a1599 i made a tutorial on my channel - how to set up a vpn server and vpn router. in that video towards the end, i show a button that ensures your connection stops working whenever the VPN stops working for whatever reason.
You are the genius and lifesaver I'm looking for. I have a trip coming up and was worried that internet access outside the US would be banned. I just placed the order through your link, and I can't wait to set up the routers for the trip.
@@justinreviewsandrepairs5246 Hi Justin, I just emailed you about a Port Fowarding question. The subject line is Port forwarding question from Danielle Chen. I tried every steps but still could not connect the two devices. However, openVPN works fine on Slate AX. It just won't connect to the Beryl AX.... Please help!
Hi Justin! I got everything set up just like in this video. However, when I connect my client Slate AX to a public WiFi network outside the home (Starbucks, the library etc.) I get the message " The interface is connected, but the Internet can't be accessed with IPv4 protocol." It works perfectly when I use my mobile hotspot to connect to the client router. Is there something wrong with my configuration? I am worried because I have an out-of-state trip to go on in 2 days, and need this system up and running. Thank you so much for your help! Best regards, Jennifer
Hi Jennifer, sometimes public WiFi networks require you to accept terms of use and things like that, it makes the process a lot more time consuming but it can be done: docs.gl-inet.com/en/4/tutorials/connect_to_a_hotspot_with_captive_portal/
@@justinreviewsandrepairs5246 Thank you so much, I realized that this might be the case. For anyone else, I fixed it by updating my client router to version 4.2, which has a new feature that essentially lets you spoof your MAC address by using a custom mac address. I went through the login page on my iPhone and then went into settings, clicked the wifi network I connected to, and then copied down the "Wifi Address". Then I copied that MAC address into the router, and then the wifi connected to the router perfectly. I hope this is helpful for someone!
@@justinreviewsandrepairs5246 Hey Justin, I am having the same problem and do not quite understand what to do. I tried to follow the directions that you posted but I was still having issues. It no longer gave me the error message of the internet being accessed, and said that it was connected, however, it did not load any web pages. I also tried to get on my phone hot spot to try that out and it said it was connected but then again, wouldn't load web pages saying that it was not connected to the internet. Could you possibly make a video of you using this system to connect to a phone hotspot or a different wifi network? Just so I could see it visually? Or if not, do you have any guidance? I appreciate this video and your responses so much!! If I can get it working it will be the best thing in the world (and I won't lose my job lol)!
Justin! Thank you so much for this video. I watched several other videos that left out so many steps and had been frustrated for several days. I finally decided to watch this video and low-and-behold, now my Opal is able to connect to my Flint2 Router. And it was able to connect to the Flint through the same AT&T Router IP! I was trying to use my phone’s hotspot but that was not working. Thanks again fellow Dallasite!
@@justinreviewsandrepairs5246 Hey Justin. After successfully connecting my Opal1200 to my Flint2 Router via WireGuard that's hardwired my AT&T ISP Router, I decided to get a backup Slate AX. I successfully setup and connected the Slate AX via WireGuard yet now the Opal won't connect. I should be able to have both of them connected at the same time, yes?
Did you generate a new configuration for the Slate AX? Each configuration file can only be used once but you can generate a new one and use both devices at once.
Thanks Justin your videos! It looks like for your work remote set up you recommend using the Slate AX router along with a GL.iNet Opal Router. In this videos comments though you recommend using the Slate AX with the GL.iNet Beryl AX instead of the Opal. Another guy on UA-cam who makes similar content/how to videos recommends using the Slate AX travel router with GL.iNet Flint 2 router. And another guy on UA-cam recommends using 2 Slate AX routers; he says the Slate AX offers faster wireguard speeds than the Beryl. 1 thing is clear - you all recommend the GL.iNet Slate AX router as the 1 to travel with. But which is the best 1 to have at home? The 4 options you 3 guys recommend are a 2nd GL.iNet Slate AX or GL.iNet Opal or GL.iNet Beryl AX or GL.iNet Flint 2. The router modem currently at home is the Xfinity Gateway XB8 (for Xfinity Comcast internet)... What router would be best to use at home with XB8?
This video is more than a year old so as new routers come out the best option changes. Currently the Flint 2 would be the fastest option but if your budget is lower then the Beryl AX is an excellent ratio of price and performance. A full list is in the description. Let me know if you have any questions or run into any issues.
@@justinreviewsandrepairs5246 I have the Xfinity Gateway XB8 router modem combo at home with Xfinity Comcast internet. I have Xfinity Comcast's largest wifi plan, the Gigabit Extra, which has up to 1200 Mbps. I'm getting the Slate AX router to travel with but I'm not sure which to get for at home - the Flint 2 or another Slate AX router? I'm not sure how to compare them or know which is better for the at home router, can you advice? Thank you!
Thanks for sharing! Do you have Fiber Optic Internet at home? The distance between the two locations introduces higher latency, so using the lowest latency Internet will provide the best results.
I tried your setup and you were very good at explaining things, it appears to be working with the VPN dashboard showing up and down traffic. Since it is going to a Beryl at the "home" location which also gives the 192.168.8.xx IP it was hard to determine if it really was working. So while doing the speed test I disconnected the client and it stopped the speed test, but I sure can't tell by the IP address. You did very well to help someone actually make this work that is far from qualified. Thanks. I am still questioning my success!
Thanks Justin for the comment. Let me give it a try. I exchanged a few msgs with nord, but not getting anywhere with them. I will definitely look up the port forwarding for the xfinity router/modem.
Here is the video that shows how to get your IP Address or MAC Address from your travel router for port forwarding: ua-cam.com/video/LzBa6KsfG9A/v-deo.htmlsi=bpljRVvc_0LTJpt8
Hi Justin, First, I want to thank you so much for the detailed step by step tutorial. Like most people here I happen to encounter the most common issue - I can’t start the VPN WireGuard Client on the travel router despite setting up the server/port forwarding. Some background, I have Verizon and even after setting up port forwarding, I run the DDNS Test I still have 2 different IP Address and the same warning - from DDNS Domain Resolution is the same as my ISP Public IP, but the WAN Interface Ethernet is still the same one it was assigned initially. Look forward to hearing from you and thanks once again! Edit: Turned out I changed from TCP to Both in the process of Port Forwarding set up and everything started to pick up and worked out fine now.
@@justinreviewsandrepairs5246 Just a follow up question - I expect a big drop in connection speed but what would you estimate the speed to be if I were to be in very long distance (thinking US-Asia Pacific)?
@khanhly-courtleveltennis how were you able to set the port forwarding in Verizon? I'm also using both in the process of port forwarding but it doesn't seem to work .... did you call verizon?
Hi Justin, I followed your tutorial to set up my glinet router, but I'm having trouble connecting. I'm not sure where I went wrong. Do you offer paid appointments to help with setup? Thanks!
Are you using a second Internet connection for the Client Travel Router you will be taking with you? You cannot test from the same connection. If you are it is likely a port forwarding problem. Feel free to email me at support@JustinPruett.com
Awesome instructions!!!! Exactly what I needed since I already have a router!!! Thanks for the config info especially the port forwarding info!! I have two Slate AX. One for Home and the other for Remote.
Thank you! The two Slate AX are an excellent choice. One extra step since the video was made, Block VPN Traffic is no longer enabled by Default, I think it should be turned on: docs.gl-inet.com/router/en/4/faq/block_no_vpn_traffic/
Awesome video Justin! I emailed him because I was having some port forwarding issues and he got back to me very quickly. Wonderful channel!!! Thank you so much, dude!
Hi Justin. I am experiencing port forwarding issues with my Virgin Sagecom FST5250 device. I can’t find good videos on the internet and when I set up the conditions similar to yours it says it’s not valid. Is port forwarding absolutely necessary for the extra security with opal? What can I do? Thanks in advance- you are a life saver
Precisely the issue I encounter when I type “51820” in the port forwarding rules is “you must enter either a number or a range between 1 and 65535. With a range, put the larger number at the end”
Hey Justin thank you for this amazing video! Most detailed out of everything I looked up. I watched multiple times now and sorry for some dumb questions if you don’t mind. 1. With port forwarding between home router and travel router, do we need a VPN subscription like NordVPN? Cuz I looked up NordVPN and they dont allow port forwarding, and also I didn’t see you logging in to anything. 2. What is your Frontier router’s role in this? I saw that you are leaving Opal at home and traveling with Slate AX but didn’t get why you’re adding in Frontier. Thank you!
Thank you! 1. In this video you are basically running your own VPN Service, you do not need Nord for this video. There is another video that covers using Nord. 2. Frontier is my Internet Service Provider, they provide me with a router and instead of replacing theirs I added the Opal. If you have Fiber Optic Internet you can probably get the Flint 2 router and replace the ISP router completely. If you have cable, you must use a modem which typically is bundled with a router these days. So unless the GLiNet router is the main router you will have to do the Port Forwarding step. Please let me know if you have any other questions Thank you - Justin
@@justinreviewsandrepairs5246 hey Justin, thank you so so so much for explaining. The set up worked out perfect for me. The two things that did the trick was first only enable UDP on the home router port forwarding and second change the default IP address 10.0.0.1 to 10.1.0.1 on the stay at home server router. Hope this helps others too. Again thank you!
Do you have Xfinity? For some reason their routers use the same IP Address range as WireGuard ®️ which is why you had to change it. Glad you got everything working! Thanks for sharing!
@@justinreviewsandrepairs5246 exactly I use Xfinity! Don’t mind this extra step and I noticed traceroute that it takes 1 step in my home city before routing to the next steps.
Hey Justin! Thanks for everything you did with this setup. I do have a question though. Everything was working inside my home network. Yesterday, I went to a dealership for a maintenance and I decided to bring my wireguard client Beryl AX with me to test it out outside of my home network. I left my wireguard server Berly at home basically. There was no issue with connecting to the dealership's wifi via my wireguard client, didn't have to deal with a captive portal or anything like that. The issue I had started when it came to enabling my wireguard client on the dealerships wifi. It kept stuck at the status saying "the client is starting please wait". When I checked the logs I saw an error something like this "user.notice firewall : reloading firewall due to ifdown of wgclient". Do you have any idea what causes this issue by any chance? Should I add the every IP address of the network I am in to my router first and then enable wireguard client? Or is it something else? Thanks!
If it works from another network such as a hotspot or friends network, then it may have been the dealership blocking traffic because it was not http traffic on port 80 or 443. If you are in the United States I have been having decent results from Dish's Project Genesis 5g hotspot for just $20/month
Thanks Justin. Yeah, I think I need to try this at my friend's house first. This might be related to the dealership only like you said. I will try again and let you know! Thanks again! And yes, my phone hotspot just works fine with wireguard client enabled.
Hi Justin! Thanks so much for the super helpful guide. I have followed the same steps exactly and was successful in connecting, however, I ran into a couple of issues. The first one is, the travel router (AX) would not connect to my Home IP VPN if the AX is connected to my home Wifi, it only connected when it was connected to an external network (my iPhone as a hot spot or external Wifi network), is this normal? Or is something wrong? The other issue is, the speeds are very slow, I mean given network speeds of about 100Mbps to 150 Mbps, I got speeds of about 5Mbps to 15Mbps with bad latency (about 60ms) when connected to Home IP VPN, please let me know if this speed reduction is normal or if there is something I can try to help with this. The Opal is connected via Ethernet by the way.
Yes, the Slate AX should be on a different network than the Opal that stays home. Increasing speed is tricky, using WireGuard®️ is the faster option so then you can try using Ethernet cables instead of wireless and make sure your upload and download speeds from your Internet provider are fast.
Hi Justin! In the screen show in minute 5:31, I have a tab that says Profiles and has this text: Each client device that connects to the WireGuard server requires a unique peer configuration. You need to create a separate configuration for each client device; each configuration must specify a unique client IP. I am unsure what to do about this. It also has an option to Add a profile
From the Server Router you can generate a profile for each Client Travel Router. So if you had three routers and two were to be used as a Client, you would generate a new profile for each one. Never use the same configuration profile on more than one device since it contains unique routing information.
Thank you! Once you get connected at your destination, please enable "Block Non-VPN Traffic" from the Client VPN "Global Options" menu for added protection.
Thank you Justin for the informative video! GL-iNet is now version 4.5.16 and options are rearranged (a lot) but your video still hits all the major points. On your remote client router, Slate AX in your example, did I miss where you can specify a split router? In an ideal world what two GL-iNet routers would you recommend for 2024? Another question I can not find a definitive answer; I want my Client(s) to access location A and location B. I would like to be able to reach all devices in BOTH locations. If location A, HOME devices are 192.168.1.x/24, do devices on location B, OFFICE have to be on a different sub net 192.168.2.x/24 (NOT be the same as 192.168.1x/24)?
Thank you, I guess it is time to make an updated video. For your use case I would highly recommend considering the Ubiquiti UniFi UDM Pro to establish the site-to-site connection. They have some cheaper options as well, but in general Ubiquiti is very expensive because it makes that type of advanced network set up easy. The GLiNet routers are great but they are not intended for your use case. I will need to upgrade my firmware to see what you are seeing as far as the split "router", could you explain what you mean by that?
hi Justin. quick question. I also have frontier and looking to buy a GL-MT3000 / Beryl AX (for travel). I want to connect to my home IP in USA from Ecuador. Do I need to buy a second travel router like you have in the video (because you have the OPAL for home) I was looking at the GL-MT6000 / Flint 2 for home to "" what frontier provides. That is my question. can I simply replace the frontier one or do I need 2 routers at the home like you have the OPAL and the one from frontier? I appreciate the time and effort you put into breaking down step by step how to move forward with setting up wireGuard to connect to our home IP.
Frontier is great, it is Fiber Optic Internet so you can plug in any router to their ONT. So the Flint 2 would have a cable from the ONT to the WAN port of the Flint 2 and run your Server without the need to Port Forward. The Beryl AX would be your Client, but keep in mind you should still test your setup from a second Internet connection. In the video, I was actually port forwarding from the Frontier Router to an Ubiquiti UDM Pro router that was port forwarded to the Opal Travel Router that was running the Server. So there is a lot of flexibility with how you can set things up. Today, there are some other brands that offer WireGuard ®️ as well, so if you happen to have a supported Asus router or Ubiquiti UDM Pro, you could actually use that router as the Server. I used the Opal because it was the cheapest option that still provided decent speeds at the time. Today I would probably buy two Beryl AX for about the price of the Opal and Slate AX. The Flint 2 is designed for home use so it is larger, but it does provide the best WireGuard ®️ speeds you can get between the four routers we discussed.
If you have a Dynamic IP Address from your ISP, you must enable DDNS because your Public IP Address could change at any time. If you have a Static IP Address you can leave it off because your Public IP Address will never change. Most Residential ISP will have Dynamic Public IP Addresses so you will need to enable DDNS. The GLiNet DDNS service is provided for free so you might as well take advantage of it.
Hi Justine! Thanks for this video! I just have a few question. It was mentioned that your router is behind NAT. GLinet website says you wont be able to setup a server if you're behind NAT. Can you confirm if your router is actually behind NAT or they gave you dedicated public IP by checking WAN on your ISPs router and the ip you have on whatismyip? If they're not the same and indeed behind NAT, which ip address did you use for the DDNS? The one on the router or the one from whatismyip? Thanks!
You might be referring to cgNAT? NAT is good, I have a dynamic IPv4 address from my ISP and DDNS automatically handles it. cgNAT is a common practice among 5g Internet providers and you share your IP with other customers so you cannot port forward.
Hi Justin - My use case is working remotely from other countries (outside the US) while using my home IP address in LA. At home, I currently have Spectrum cable with a separate router and modem. What gear from Gl.Inet should I buy to ensure that my zoom video calls have no lag. A: 2 Ax Slates (1 at home, 1 away from home) B: 1 Slate at home, 1 Beryl AX away from home C: 1 Beryl Ax at home, 1 Slate at away from home D: 2 Beryl Ax (1 at home, 1 away from home) E: 1 Flint 2 at home, 1 Beryl Ax away from home F: 1 Flint 2 at home, 1 Ax Slate away from home Given that Spectrum provided me a specific router and modem, does that mean that options E and F (using a Flint 2 router) is off the table? Thanks!! This is extremely helpful!!
D would be your cheapest option, F would be your fastest option. All options will work. You will be limited by your cable connection which typically has low upload speeds and high latency. Upgrading to Fiber Optic Internet would be ideal to support video conferencing. For example, I have 500 download, 500 upload, and less than 4ms latency with Frontier Fiber and that allowed the Opal to achieve decent speeds for the price. The Beryl AX supports much higher speeds than the Opal.
@@justinreviewsandrepairs5246 Amazing! Thank you super helpful. I think I will go with F. just want to confirm my last question though: Given that Spectrum provided me a specific router and modem, does that mean that options E and F (using a Flint 2 router) is off the table?
The Spectrum Modem and Router combo unit can be changed to modem only so that all traffic will be handled by the Flint 2. I believe they call this Bridge mode on the Spectrum Modem Router Combo.
You can also just Port Forward to the Flint 2 as you would have done on the Beryl AX. The Flint 2 form factor may be different to provide better WiFi coverage but much of the setup is the same if you go the Port Forwarding route or the Router route.
Thank you so much for the instructions however, it looks like I am having an issue with my port forwarding setting and I call Comcast. They still are not able to do it correctly. I'll try to telenet command to see if my port was being forwarded. But it's not working.
Feel free to email me screenshots of what you have for Port Forwarding. For cable you will need to select UDP only instead of TCP or BOTH. Also, did you use a second Internet connection for the Client Travel Router? You cannot connect while already connected to the same Internet as the Server. Email: support@JustinPruett.com
Hello Justin, I’m just kind of confused about a few things: So I’ve setup the wireguard VPN on my Flint, and tunnel is successful through my Slate. I’m just trying to figure out how to make everything a wired connection since I’m afraid to turn the WiFi on my MacBook. So when I’m in a new airbnb, how would I be able to establish the tunnel (turn on wire guard through admin panel) without using WiFi? Just wanted to make sure VPN is up and running when using my work laptop. And if I have to connect the router directly to the router in the airbnb via WAN, wouldn’t there be issues with port forwarding every time I’m in a new airbnb? Just a bit confused because I know I can just connect to the Slate via WiFi, and start tethering to the airbnb network, but would it be safe enough to do it that way? I just need to make sure the device doesn’t know my true location. Does the slate AX automatically load my setting and run wire guard tunneling each time? Or do I have to activate it each time? And when connecting to the Slate, would I be connecting my MacBook to it though the LAN port, if the router is tethering to the airbnb router via WiFi? Also a bit confused about the “MTU” I have to paste to the config on my travel router. I can see in your video that it didn’t contain a MTU to paste. There’s also an option to select "Services from GL.inet use VPN" when I was activating the kill switch (Block Non-VPN Traffic) do I also need to activate the other option? I’m sorry if this sounded confusing, I don’t really know anything about networking. But stumbling upon your video motivated me to take the leap and start traveling the world while working remotely. I really appreciate any knowledge you can provide me with!
At each new AirBNB you would need to connect the travel router via WAN or connect via WiFi using another device such as your phone. No port forwarding is needed for the client.
Hi justin thanks a lot appreciate your time and effort,one quick question which one of the travel router should i do the port forwarding on, should it be the stay at home router or the one we are traveling with.
Hi, thank you! You should Port Forward from the ISP Router your Internet company provided to the Server Travel Router which stays home. This video may help explain: ua-cam.com/video/LzBa6KsfG9A/v-deo.html
I set up the Server router on my home network as indicated in the video. When I set up the Client router at my home, the one that I will use for remote work, in set up do I also connect the Client router to the same home network? Or in order for the set up to occur correctly, the Server router is on the home network, and do I need to set up the Client router on a non home network or hotspot? Thanks!
Suuuuper helpful video, thanks so much. Very new at this, so maybe this is a stupid question - is the second travel router left at home the most inexpensive way to do this? I have a netgear router which doesn't appear to support wireguard, just openVPN, so I suppose getting another gl.inet router is the cheapesr way to set up a wireguard server? Secondly, would plugging the home gl.inet router directly into the modem and bypassing the other home router obviate the need to set up port forwarding? Thank you!
If you don't need the VPN to be fast, you can use OpenVPN on your existing router. Otherwise GLiNet is a very affordable way to host a server. If you have old computers you could use those as a server, but it would need to be left on 24/7 so the electricity cost may be a factor to consider as well since the GLiNet router uses about as much as an LED light bulb whereas an old desktop computer is like running a TV.
Yes, if you plug a cable into your Modem (Or ONT if you have Fiber) and then the other end into the WAN port of the GLiNet router you can skip Port Forwarding. In this case, the Internet Page of the Dashboard should show your Public IP Address under the Ethernet connection instead of a Local IP. You can use ip.suzam.com/ to view your Public IP Address. Let me know if you have any other questions, Thanks
@justinreviewsandrepairs5246 Perfect, super helpful. Yeah the only pcs I have are electricity guzzling custom builds, so probably going to first try using openVPN with my existing g router, and then springing for another beryl ax to set up as a wireguard server if that proves too slow. Thanks so much, by far the most helpful video on the topic I could find!
Yes, but obviously the Brume 2 does not have WiFi so it will need to be plugged in which is the preferred method for the server anyways. Let me know if you run into any problems.
I'm thinking of going with the same setup as you...have you got it up and running? If so what kind of speeds are you getting? Also does your actual computer location show you actual location or the location where your home ISP is? Thx very much in advance!
@justinreviewsandrepairs5246 thank you! And, is there a way to still do this connection without VPN ? I ask because resources I will try to access implement a VPN block, and I'm worried that there will be remains in the data that indicate it went through a VPN, even if it's not a direct VPN connection to the resources, that will trigger the block. If so, how can I configure this connection without VPN?
Companies often block Commercial VPNs based on Public IP Addresses and Allocations. If you are not blocked at home, then you should not be blocked from the Travel Router unless they are doing something like deep packet inspection on your work device. VPN is a technology, not just a brand you see in an ad, it is not possible to connect the two travel routers without one of the VPN Options: OpenVPN, WireGuard ®️, TailScale, ZeroTier, etc... this takes place outside of your laptop to create a sort of virtual cable back to your home, so it is not like when you install a commercial VPN service in your laptop.
Hey Justin, thank you very much for the tutorial. Can I ask you a question? I have a company assigned phone also and that has 2 factor authentication linked into. If I keep airplane mode and turn off my bluetooth but connect to the wifi from the router will my phone still look like as if it's appearing from my home location or will there be other ways for them to track me and know im out the country. Also, Im just curiious what's the brand of battery pack you are using in your video?
Thank you for this tutorial. I am interested in this setup, the choice of using the Opal as the receiving router. Was it chosen because there is no need to have two Slate routers for this setup and hence going with the lower priced Opal? I believe the Opal has a slower WireGuard speed does that effect the connection speed at all? Thank you
The Opal is the cheapest option (that still works for most tasks) while the Slate AX is the most expensive travel router (there are more expensive non-travel routers). You can choose any of the combinations of routers from the Description of the video or you can even use other brands such as Ubiquiti. For most people, the Beryl AX is a nice balance between performance and price. Your connection speed is limited by the routers you choose, the Internet connection on both ends, and the latency between those connections. For the Home Server, you should get Fiber Optic Internet for the best performance. Feel free to email me if you need any help. Thank you!
@@justinreviewsandrepairs5246Thanks for your reply, I actually plan on getting the Beryl soon, but I can only afford the Opal for now. One more thing, can I connect it if I have already left my home country if I have someone back home to help with the setup?
This is a great video Justin. I am planning on purchasing both as you have recommended in this video. Do you think Opal would be fast enough to use as wireguard vpn server leaving it home and have 2 or 3 connection to it from Slate that both me and my wife would use it for work while traveling and working remotely. I just wanted to make sure it is still the good solution or anything have changed since you have published this video. I am thinking Opal instead of two Slate as Opal is much cheaper but want to make sure for two person to have connection back home at the same time is still a good choice. Would there be any performance issue with Opal assuming that the internet speed is decent at the remote location. My home is ATT and 300mbs plan. And one last and important question. Is there any issue using work laptop that uses cisco any connect to vpn to work server but for it's internet connection it would connect to Slate that would then vpn back home using wiregurad ?
Thank you! Two Opal would be fine for light use like Email and browsing the web, but if you need to do more then the Beryl AX or Slate AX would be better suited because they have more processing power. The VPN connection is actually encrypting and decrypting messages as fast as it can so over time all of the models should heat up and possibly slow down if it gets hot enough, but the Slate AX has a built in fan. So far this solution seems to work with every Work VPN since the router itself is providing a VPN connection back home that your Work VPN can use to connect as it would at home. The only unsolved mystery is how to decrease latency, which is highly dependent on your Internet connection on both ends.
@@justinreviewsandrepairs5246 so you are saying the work laptop should be just fine if it needs vpn (cisco any connect) and then the vpn that Slate (wireguard) would provide. Meaning vpn over vpn. This inherently would be little slow but if the internet speed is fast enough it should work. right?
Hello Justin. You have helped me greatly in the past. Would you have any idea why suddenly port forwarding would just stop working, saying no internet? Here's a brief. The opal is at the house (Chicago) and the Slate is with me (St. Louis). When trying to port forward is says no internet. I switch the mode button and the internet works (but with the ip address in STL). I had this issue several weeks ago and I thought that the Opal went off line or there was an internet problem at home. When I got back to Chicago I tested the port forwarding using my cell phone as the internet provider and the port forwarding worked (ie showed my Chicago home IP, and when I switched the mode it showed the IP address of T-mobile in Chicago.) So, now when in STL the port forwarding does not work when using my phone as the provider or the home internet (100 mbs download and 10 mbs upload). I just get "no internet", but when I flip the mode I get internet, but with the local STL ip addresses. Any guidance would be most helpful. Thanks again, for putting up this type of content.
I think you are calling the VPN "port forwarding" but port forwarding is just one of the steps on the ISP router to allow traffic to the Opal. It sounds like your ISP router lost the setting or changed the local IP Address of the Opal. In either case it will need to be corrected. You may want to consider a UPS if a power outage (even a quick one) is to blame?
@@justinreviewsandrepairs5246 thanks brother. Would you recommend running a Tplink archer ac1750 for home openvpn server or go with a newer portable GLINET one? I already have beryl AX for the portable side
Justin, good to know I was not rude. Ok, here is the quick scoop. Just arrived back home and used my phone's internet through the slate ax to see if it would talk to the opal. I got same thing "no internet". however, I unplugged the opal and plugged back in, waited a few minutes for it to cycle up (my term) and voila they found each other I have internet from "home ip address" where the opal sits. So, I guess the issue is leaving the opal on all the time without any traffic (my term again), it sort of goes to sleep/offline and not available for the slate to find. Going forward, I will leave it off until I travel. Do you know of any other way to wake it up besides physically unplugging it/turning off/on? It is a bummer that this is the case because it makes my logging into my work's network from my "home ip" while working remotely very difficult. Hope I made sense this time. As always, thank you for your guidance and expertise.
You shouldn't have to reboot it, I have been running my Opal for more than a year now without issue. Please reach out to GLiNet to see if they can do anything for you. Either way I would consider upgrading to the Beryl AX which is newer and more powerful than the Opal.
Hi Justin, thank you for sharing this. According to your videos I bought 2 these modems, Opal and Slate. I am a beginner and I have few short questions. As I understood we don''t need VPN service with two of these? Could you just explain do we need to fix as you did im the first video related to DNS, which means to put Enceypted DNS, DNS over TLS and Cloudflare? Must we use Cloudflare or it can be Next DNS, does that mean that business data go through some server of the manufacturer? Or is it slower with that? Thank you in advance.
Thank you. Can my employer discover CloudFlare or other dns servis if I have it on the modem that I take wirh me as described? Company's VPN on the computer is Cisco anyconnect. Thank you.
Since the employer has full control of your device, they could potentially, the general idea is to stay under the radar so they don't gain full control of your device and start snooping.
Is this possible without access to the router to setup port forwarding e.g. using tailscale or zerotier? If so, can you also make a video showing steps on how to setup. Thanks.
You could setup ZeroTier ahead of time and then have the person you ship it to plug in power and Ethernet and be good to go. I hope to start on a ZeroTier video soon.
Hello, Justin. Thank you for sharing this very informative video. I have the Slate (for travel) and the Opal (for home). ISSUE: When I copy/paste the manual configuration into the Slate router (under WireGuard Client), it will not allow me to save (i.e., Apply) the file. The input box turns red when clicking "Apply." Based on what I'm seeing, my copy/paste looks identical to yours (and the example on the GL-iNet page). Do you have any idea what I could possibly be doing wrong? Thanks.
@@justinreviewsandrepairs5246 MacOS Sonoma 14.5, not that it would matter since it was a simple copy/paste exercise. Oh, well. I'm glad I got passed this point. Hopefully someone experiencing a similar issue will do what I did. BTW... you replied to my comment within 6 minutes?! That's nuts! 😂 Awesome response time! 👍🏻
Macs do some interesting things sometimes, not sure if it was a factor here, but they have something called "Smart Quotes" and "Smart Dashes" which will change characters such as ' and -- to Mac style quotes and dashes.
Hi Justin great in depth video!! Just ordered two GL Slate 1800. One will stay in TX and im traveling to Africa in a month. Question 1) what is the best way to bypass (CGNAT) using this method some threads suggest Tailscale? My Isp is starlink unable to port forward.
Yes, TailScale and ZeroTier are two common methods. Setting the "Exit Node" from the GUI is not available in Beta yet, so it will require some manual command line setup to complete the install: docs.gl-inet.com/router/en/4/interface_guide/tailscale/
Hi Justin! Regarding your comments in the updated description box, if I get the Beryl AX and the Slate AX, which should I leave at home and which should I take with me? Also how much does the MT1300 differ from the MT3000? I am an absolute novice so apologies if these are really basic questions… I want to make sure I buy the right devices. Thanks in advance!
Hello, the Opal is no longer receiving updated features, so that is why I now recommend the Beryl AX. The original Beryl may or may not get updated, but the Beryl AX is significantly faster for WireGuard ®️. In the event that you find out that you cannot do the port forwarding step, the Beryl AX supports ZeroTier which is an alternative method that will allow you to complete the overall setup. As far as which device stays home, it can be either since the devices are extremely similar, but I prefer to take the Slate AX and leave the slower device.
Thank you for the in depth video! I'm wondering if you can use 2 of the flint 2 routers for both the router you connect to your home router and the router you travel with? I'm hoping it will increase internet speeds and help with latency?
Yes you can, but it is a bit large to travel with. The Slate AX should be fine, in all cases you want Fiber Optic Internet on both sides for the best results.
Thank you! Currently working from Ghana, West Africa! To increase internet speeds should I use an ethernet cable for the travel router or will it be the same speed as the wifi option?
Wired is preferred, it should have lower latency versus WiFi. Africa has been plagued with multiple infrastructure problems recently that have degraded the Internet there. Having a Fiber Optic Internet connection at home and Starlink in Africa might be the best way to improve speeds right now until they repair everything.
Hi Justin, Thank you I see you have replied to everyone. I do have a question ! just started working remotely but they give me a little cpu which I plan on taking with me, what should I look for on the computer that might jeopardize my plans to go ? are there tools they have to conclude that this CPU left the country? I feel pretty confident everything will work just fine but I just want to make sure Im good. Thanks man
If your company is spying on you, there is not much you can do. This method basically just makes it to where you don't raise red flags, but if they are actively trying to detect you there is nothing you can do since they own the hardware and have full access to the device. Definitely look out for GPS and Cellular Connectivity tracking, but it is still possible to track people using Bluetooth and WiFi. The same networks that help you find lost pets and keys can be used to track you! Despite all of this, only one person has emailed me saying that they got caught, and it was because they didn't turn the VPN on before connecting their laptop. Most people know when their company is spying on them because the company culture is already toxic and does things like making you keep your webcam on all day. Let me know if you have any more questions as a new comment since I don't always get notified of replies. Thank you
Good evening from Virginia! Could I just buy two of the opal, leave one at home and travel with the other? Or do I need two different ones? Thank you for your response in advance!
You could, but the Opal is the slowest option. If you can afford two Beryl AX that would give you significant performance boost plus you will have the latest features from Firmware 4.
You need one to run the Server and another to be the Client. If you have an existing router or another device that can run the Server you could use that, but few ISP routers have that feature.
Hello! A few questions I hope you can help with: 1. I just got a WiFi6 Router and I'm trying to figure out how to connect to my ISP-provided modem or router. Do I connect my WiFi6 router to the ISP-provided modem or router? The ISP-provided modem only has one ethernet port, and the router has one internet and 3 ethernet ports. If I use this router, should I remove the ISP-provided router? 2. Also, should I use the LAN or WAN ports on the WiFi6 router? 3. On the travel router, how would I connect the ethernet cables? From the ISP-provided destination modem to the travel router? Or ISP-provided destination router to the travel router? 4. Not sure if you know the answer to this, I connected to the WiFi6 router for the first time, and now every internet webpage says "Internet connection is not secure." How would I be able to fix this issue? 5. Lastly, would it make sense to get a static IP address? I ask since how would you know if a dynamic IP addresss changes when you're traveling? Thank you!!!!
1. Which model GLinet router did you get? The Flint 2 has longer antennas so it could replace your existing router, otherwise you may want to plug the GLINet router into your existing router and do the Port Forwarding step.
2. You give Internet to the GLiNet router using the WAN port so a cable would go from the GLiNet WAN port to the Modem/ONT or a LAN port of the ISP router. You can plug devices into the GLiNet router such as laptops using the LAN ports.
4. Based on your previous questions, please start by making sure the router is connected properly. Then you can send me a screenshot of what you are seeing to support@JustinPruett.com
5. The GLiNet router has DDNS built in which updates when your IP Address changes so there is no need to pay for a static IP Address. In some cases, mostly apartments, you do have to pay for a static address to allow Port Forwarding because otherwise you are sharing 1 IP Address with your entire apartment complex.
Thanks for the video, Justin! If I have a combo modem/router from my ISP do I need to make it a bridge ? Or if I have wifi mesh/extensions connected to the ISP combo would they still work on their own regardless of another router connected?
I would leave the ISP Router alone besides port forwarding the required ports to the GL.inet router. This should allow your existing network to operate as normal. Thanks for watching! Please let me know if you have any more questions. Happy Thanksgiving if you are in the US!
@@justinreviewsandrepairs5246 I got two Slate AX routers and just tried to set up port forwarding with my ISP. They made it seem like I had use bridge mode instead of port forwarding since I have modem/router from ISP. Is there a downside to only having the Gl.inet network ( and having everyone in the household use this one network) or does it just come down to preference?
My company has given me the green light to work remotely from anywhere in the world but with a huge wink that this isn’t officially agreed on and more so verbal. All they ask is that whenever I access something with my company provided laptop it looks like I’m in the US. Do I still need to do this 2 travel router setup or can I do a single travel router with a commercial vpn like your last video? I’m not too familiar with setting this all up so I’m watching the two videos to figure this out now. I see another one of your comments say you would recommend the flint 2 over the slate? And if budget is a concern to use the beryl? Does this 2 router setup primarily benefit if I need my ip address to show my home address at all times?
Congrats! Which method you use depends on your company and/or your preferences. The two router method works with any company while the commercial VPN method may not work with every company due to their security policies blocking commercial VPN Providers. If your company allows commercial VPNs the setup is easier and they provide VPN Servers across the country which could provide lower latency and better speed than your home server. You can start with 1 router and a VPN Service to see if your company allows it, and if not, you can get the second router.
The Flint 2 is the fastest option and the Beryl AX is the slowest option (but it is actually still very fast for the price). The description has a list of routers you can choose based on your budget.
@@justinreviewsandrepairs5246 i ended up getting a flint2 to be the main router and vpn server. i got the beryl to bring with me. i just finished setting it up today and i believe it is working. now i turned all the eeros in my home to access points with the main gateway as bridge mode very exciting stuff
Hi Justin! Thanks so much for this video. I'm currently in Puerto Rico, but want to sent this up with a router in Florida and then have a travel router. Is it possible to set this up without me being in the location where the main router is going to be? What's the best way to do that? Also, given that this video is a couple years ago is your rec to go with Flint 2 for home and slate AX for travel?
Yes, someone can set up the server in Florida and send you the "profile" configuration to load into your Client Travel Router. Yes, the Flint 2 and Slate AX would be a great choice and they are both on sale for Prime Day today. If your remote location is your second home or something like that, you could also get a second Flint 2 for a more permanent installation. Let me know if you have any questions, - Justin
@@justinreviewsandrepairs5246 Thanks Justin. I went for two Flint 2's since my other location is my permanent location. Would the process for setting it up to be more permanent be the same process as you have in the youtube video or would you do something different? Thanks!
It would be the same, but you will likely want to set up Good Cloud on both routers for Remote Management. This isn't part of the video and is not required, but it is a nice tool when both routers are staying connected for long periods of time so you can do a firmware upgrade or change settings from anywhere.
Thank you for the video I want to ask you if I enabled DDNS on the GL.iNet router, do I still need to enable it on the first router, for example, by taking the DDNS address and putting it somewhere in the first router's menu . Note that my ist router has a dynamic ip
Thank you for this video. Question: for traveling to Europe or Asia (and or Australia), which travel router(s) should I buy? Looking at your picture, I see that you have two different GL routers. Can I connect the travel router to my xfinity router? Also, what kinds of download speeds (for iPhone photos, for example) can I expect by using my home ISP? Thank you again.
Hello thank you 1. Please see the video description for a list of routers 2. Yes, but Xfinity requires an extra step because they happen to use the same IP Address range as WireGuard ®️. The 10.0.0.1/24 has to be changed to 10.1.0.1/24 as seen here: docs.gl-inet.com/router/en/4/interface_guide/wireguard_server/#setup-wireguard-server 3. Your speeds depend on which router you get and your Internet speeds at both locations. Even the Beryl AX is fast when paired with Fiber Optic Internet. Cable usually advertises fast speeds but they don't tell you that your upload speed is comparable to what we used 20 years ago! Your Home Server Router will have to Upload to your remote location so it is preferred to have Fiber Optic Internet.
@@justinreviewsandrepairs5246 hey just reading through some comments here and had a quick question. I haven't had any issues without changing the Wireguard VPN server IP Address range for my Flint2 which i have hooked up to my xfinity home router - I haven't had any issues connecting to VPN. Am i missing something here?
Hey Justin! This is a great video. Though I am not a software expert I was able to set my routers up. But I have been facing a problem and was looking if you could help me. I have configured a flint as my home router and beryl ax as my travel router. When I set the wire guard server up they both connected well and all was fine but as soon as I took my beryl remote with me it wasn’t connecting to the wire guard but again when I got it home it would connect to the flint. Is there something that I am Missing here?
Usually people have the opposite problem 😆 It is likely that your configuration file is using your local IP Address instead of your DDNS address on the "Endpoint" line. Please double check that you see a domain instead of an IP Address on that line. If you prefer, you can email your configuration to support@JustinPruett.com
Justin - Thanks for this detailed step by step instruction. I am out of country at the moment, can my friend setup the server in his house in the US and can I order a separate router and set it up as a client remotely co-ordinating with him ? Will that work for the initial setup ?
Thank you! Yes, they can set up the server and send you the configuration profile. The small text file includes the connection information so all you do is load it in and connect.
Hello Justin! So I think I’ve got most of it setup now, but I’m just really confused about a few things. So for my travel router, I wanted to make sure everything is a wired connection with my MacBook so I never need to turn WiFi on, but noticed I can’t access the admin portal unless I connect to the router via WiFi through my MacBook. So each time I want to connect to a network I would need to: connect to the slateAX via WiFi, tether to a network through the admin portal, then turn off WiFi and connect with Ethernet? Also confused about the MTU in the config that I pasted to the travel router, and an option to select, “services from gl.inet use vpn” Thank you for your wisdom
You should be able to connect from either connection, are you using the WAN port? You may have an IP Conflict preventing you from accessing the portal.
Hi Justin, thank you for this video! I have come across many other travel remote videos but did not realize that I would need to purchase 2 routers. I was under the impression based on previous videos I have watched that I could use my home/residence router and a router for travel. I have purchased the GL.iNet Slate AX1800 Router but it seems as if this will not be enough to mask my location. Is my interpretation correct? Any additional insight or advance would be greatly appreciated. Lastly, do you know how far or the range the GL.iNet routers cover abroad? Meaning, do you know if they work in most countries or not? And to double check, all configurations need to be made before I travel correct?
If your existing router supports WireGuard®️ such as a Ubiquiti UDM router, or if you have a device such as a QNAP Nas that supports it, you can connect to those. Many people do not, so a second router is necessary. If your company allows it, you could also use a commercial VPN provider such as NordVPN or WindScribe then you wouldn't need a second router but you wouldn't be using your actual home IP Address in that scenario. That will be completely dependent on the Interference where you stay. If your room has lead paint, that will severely decrease range or if there are lots of other signals causing congestion. In general it works great because it has WiFi 6.
Thank you so much for such a thorough response. I will be attempting to try this on my own this weekend. Will me luck lol. I will check back with you and the comments if more questions arise.@@justinreviewsandrepairs5246
Hello, it's me again lol! I am running into a few roadblocks and I think it might be due to the router I am trying to connect to. I have the grey slate router that is featured in the video. Upon further investigation, I see that my home router which is a Netgear Nighthawk AC1750 Model: R6700v3 supports VPN / port forwarding. However, I am having trouble trying to connect the two. I want to use WiredGaurd, but I do not see it as an option. If I add a VPN to this router and take my slate router with me for travel instead of buying the second one featured in the video, would I be able to connect to my home internet seamlessly from abroad? I have NordVPN as well. I hope this makes sense. Thank you so much indance for taking the time to respond to my inquiries! It means a lot.
@@aten6656 make sure you have the latest firmware on both devices. If your Netgear supports WireGuard ®️ you can use it as the server. Otherwise I believe Netgear supports the older and slower OpenVPN.
Hi Justin thank you for this amazing video i have a question: for example i'm in Europe and i ll travel to Asie , i'm wondering about the time of "GitCommit"; it ll show the local datetime (Asie) or the Europe DateTime ? thanks in advance
Thank you, great question. I am not sure, you might need to manually adjust your clock if it changes or just use the git time zone option git-scm.com/docs/git-commit/2.24.0#_date_formats
Hey Justin! Great video. My home setup: Linksys router plugged into my cable modem. On my Linksys router I've enabled DDNS and it's working perfectly. I just ordered 2 AXT1800s. I'll configure one AXT1800 as the Wireguard server and plug it into my Linksys. I know how to set up port forwarding on the Linksys, so I'll do that for the Wireguard server. I'll configure the other AXT1800 as the Wireguard client, and this one will come on the road with me. Here's my question: since I have DDNS set up on my Linksys router, do I need to set it up again on the Wireguard server? Or will the Wireguard server just inherit the DDNS IP from the Linksys router? Additionally, if I don't have to set up DDNS on the Wireguard server, then I shouldn't have to override the IP address in the config file that Wireguard client uses, correct?
It won't hurt to turn on the GLiNet DDNS, you can run both. The one you choose to use should go in the configuration file for the client. The DDNS stays updated as your actual public IP Address changes, if you don't use DDNS then you will have to manually update your IP Address every time it changes.
@@justinreviewsandrepairs5246 Well, I followed your advice and I'm happy to report that I got it working the very first time! Easy peasy. You're a rockstar, Justin!
I have 2 questions and would appreciate your help. 1: I work as a Cloud Engineer and need to be able to SSH into AWS/GCP services while using a company VPN(FortiClient). Is it possible to use this setup and then still be able to use Company VPN? 2: The Slate AX device would still need to be connected to local wifi/service to connect it to Beryl AX back home? Does it need to be ethernet or a wifi device from a local service provider would work? Thanks!
1. The VPN is running on the travel router so you can continue to use your company VPN as normal. 2. Yes, the Slate AX will need Internet. Ethernet is preferred but the Slate AX has WiFi 6 which is very fast if the router you are connecting to also provides fast WiFi.
Helpful Links
Port Forwarding Help: ua-cam.com/video/LzBa6KsfG9A/v-deo.html
Captive Portal Tutorial: ua-cam.com/video/46nG8mhm5og/v-deo.html
Test DDNS: justinpruett.com/glinet-troubleshoot.php
Update: Many cable routers seem to struggle with TCP, please select UDP only in the Port Forwarding rule instead of both.
Update: The Beryl AX came out right after this video was published, it is a much better option than the Opal in a price range that balances price and performance.
Need Support?
I try to answer every email and comment for free. Please see my troubleshooting page for common issues and send me an email if necessary: justinpruett.com/glinet-troubleshoot.php
Want 1 on 1 Support?
GLiNet has partnered with RemoteToHome to provide complete remote setup and can even handle more advanced cases not covered in the video.
RTH has provided me a 5% Discount Code as well: JustinRR5
remotetohome.io/
What do you do once you're in your new location to test and connect? Can you make a video about this
This did the trick!!! I didn't match isp assigned ip! YOU WERE EXCELLENT!! APPRECIATE YOU AGAIN!💯💪🏿🙏🏿
If my home internet has a static ip, what steps would I use? Thanks
@@russhewett514good question.
@@russhewett514 you simply don't use Dynamic DNS. Everything else is the same.
I want to comment how Justin is very responsive and kind to answer questions. From all of us, Thank You
Thank you, I appreciate your support! 🙏
110% He's Awesome!!!
Just wanted to share that your videos took me from essentially 0 knowledge on VPNs to successfully working remotely in Thailand for the past 4 months with no issues.
Using 2 Slate AX as my setup, thanks for the help!
Wow! Thank you for sharing! Thailand doesn't have the best Internet infrastructure according to WonderShare Latency data so it is good to hear it is working there! Thank you!
So nice to hear that it works in Thailand, could you possibly test and see how the latency/ping is and preferably in which city do you test this in Thailand? I am considering working from Thailand with softphone via VPN and am very dependent on a good latency :(
@@nizzar2003 I run my home server from the UK, in Koh Samui the ping has been around 200-300ms which is obviously quite bad but I was able to take calls, there was definitely some slight delay but it was manageable. Have done video calls with no issue also.
@Speatto Thanks for sharing, I think 200-300ms can be as you say manageable, I'm thinking of moving to Phuket or Bangkok depending on where the network is more stable and which allows me to carry out my work with customer service via softphone without a large latency/ ping. @Speatto Do you also have problems with a lot of power outages considering rainy seasons or what is it like in Koh Samui?
@@nizzar2003 power outages have happened yes, I’d say 2-3 times in the last 6 months. There are coworking spaces in al lot of areas (there will be many in Bangkok) which can be useful.
I’d imagine the internet stability would be similar in the main areas such as Phuket/Bangkok. I was in Phuket for a few months last year and it’s great, I will move there soon. If you’re more of a city person then Bangkok is also a great place and probably the best for work/opportunity.
This is amazing! I was trying to find a step by step video and couldn’t find anything until this. This is perfect! Ty so much! The only reason I’m doing this is because my boyfriend is in a different state for 9 months and now I can be with him 💕
Glad it helped! Thank you!
I just want to want to say MANY THANKS Justin! For your time and efforts you put together to make this video tutorial. I got my GL-INET routers talking to each other.
Great to hear! Thank you for the comment! Comments like this keep me going!
It worked!! It took a while but only because of 2 majors issues #1, I didn't set up port forwarding correctly which required a call to my ISP (really take your time with this one). #2 I inadvertently put both routers on the same Wifi SSID. but switching one of the router to the 5G network, it worked like a charm! Thank you so much for uploading this Justin!
Port Forwarding is tricky and most ISP routers make it even harder, some even give it a different name! Glad you were able to get it all working though! Thanks for the comment!
Hey ugomma, any chance you can show me how you tackled the 5g issue? I may be having the same issue. Can’t seem to run the client
What do you mean set port forwarding up correctly?how do i know if im doing it correctly?
Thank you Justin. This has been a great help. I travel for work and have always wanted to setup a VPN with my home network. Got the same two routers and the system works great!
Glad to hear! Thank you for watching and commenting! If there are any other tech things you have been wanting to do, let me know, I might be able to make a video about it!
Thanks a million, this is the only video that I found that made sense and was actually helpful with no added long talking.
Thank you!
Hey Justin, just wanna say thank you. I can't imagine how much time this guide saved me. All up and running first go, who woulda thought?! You're a real chief!
Thank you! Comments like yours keep me motivated!
Could you please share how you got the public IP address?
Thanks for this great tutorial. I purchased both of the items you used in your demo and the WireGuard service works perfectly. I have used it both domestically in the US and internationally with no problems. I updated the firmware on the home Opal device today, and was warned that the process would remove custom settings, so I had to reconfigure the WireGuard server. The update added a nice feature to the configuration process where you can choose to "Use DDNS Domain" so that it generates the script including the DDNS address, so you no longer need to cut and paste that information manually.
That's great to hear! GLiNet does a great job making things easier to use! Thanks for sharing!
Just re-watched and can't thank you enough! Got everything setup so now I can work on the go ;)
Any updates? How did it go?
@@jonyvillanueva I only did it once and did not get caught. I work for a different company now where it’s no issue where I work and they actually encourage work from anywhere for up to 4 weeks a year!
Hello Justin. Thank you for this very useful, step-by-step guide. I appreciate your style of teaching. With your help on the nuts and bolts of this operation, my wife won't feel like she's missing out on any of her favorite streaming things while we're visiting Europe.
Thank you! Yes, that is another use for the VPN! But I was pleasantly surprised by some of the shows available in other countries as well! Back at home you can also use it to share streaming service accounts by using one IP Address at two places.
@@justinreviewsandrepairs5246 Unfortunately, I'm running into the same issue as many of the other recent commenters. Unable to start the VPN client on the 1800. The log shows the same errors others are having. 🙄I'll have to call GL Support to see if they can help.
Feel free to email me at Support@JustinPruett.com if they are unable to help. The most common problem is the Port Forwarding step which is different for everyone based on who their Internet Service Provider is. The second most common problem is trying to test using the same Internet connection as the server, which is not possible since both devices are already on the home network.
Thank you so much!! This method is amazinggg! So I just wanna confirm with this method there is no need for a VPN provider like Nord right?
@@Yld.Thigertz I did not use any 3rd party VPN. Only the WireGuard VPN built into the Slate AX and Opel devices.
This video is great. I use the Flint as my home router and Beryl AX as my travel router. Following your instructions made setup super easy.
Glad it helped!
Why did you use Flint?
How many travel routers can connect to flint?
@@karimlonguar5826 - The Flint has a better processor, more memory, more ethernet ports, and 4 antennas, therefore it's faster and better for only $100 bucks. They just came out with the Flint-2 ($149) as an upgraded version.
Hey I have those same router and would needs some additional help with mines
Jason, you are the best! I have different routers but the way you explained this makes it simpler to follow for other setups. I must admit I watched the videos 50 times during the last week, read through every comment and I was about to email you when I had a last idea and worked! the dot is green now!! thank you
Thank you! And thank you for increasing my view count! 😄 Feel free to comment or email if you do run into any problems!
How is everything working?
Really good. Not a problem at all. I have not had to do anything else after I set it up the first time
@@TitinaOF Hi! I am trying different ways to reach viewers from other countries on TikTok by changing the IP like this. What is your situation at the moment? What do you use that State AX and Opal setup for? What's your opinion? Could something like this that I am trying work with a setup like this?
Justin Thank you very much for this video. I have zero knowledge on networking and it was difficult to understand initially, but after watching it few times I was able to set it up. This solved a major hurdle i was facing all these days. And this is the only video which clearly points out what to do. Thanks again for your effort.
Thank you! One major change since the video was made is the "Block Non-VPN Traffic" is no longer on by default in the newer firmware. I think it should be turned on for better security: docs.gl-inet.com/router/en/4/faq/block_no_vpn_traffic/
First of all, wow thank you so much for this video! It’s taken me days to find something like this. Thank you for your responses to all questions asked as well. You’re awesome for doing this! I will be setting mine up the way you did it here and I’ll be back to let you know how it goes :)
Thank you! Let me know if you run into any problems!
Thank you so much for this, because of you I’m able to spend time with my girlfriend abroad where otherwise we would’ve been apart for months
Glad it helped! Feel free to name your children after me! 😜
Seriously I wouldn’t have been able to figure it out without this video and your help! Thank you so much
Glad it helped, thank you!
You deserve an award for this video because you have steps that others leave out. Thanks!
Thank you!
The most useful video on internet! thank you so much Justin!! I'm going to order Slate AX X2. Saludos desde Argentina!
Glad it was helpful! Thank you!
Hi @@justinreviewsandrepairs5246 ! I was able to create my own VPN at home, thanks again!! I wanted to ask you about this: I have a friend in Spain who set up a VPN using Open VPN, but on Linux. He shared an OVPN file (server), but it's not working on my Slate AX (client). Do you think it is possible to make it work?
Lograste hacerlo , yo no he podido
@@TheDicampo Sí, lo tengo funcionando
I used Brume 2 for Wireguard Server and Beryl AX for travel router, works like a charm. Like others said here - use UDP instead of TCP/UDP, just UDP.
Thank you for sharing!
I have the same setup. Can you access the Brume Admin page while being connected to the berry client? Because I don't know how to make that work
Hello Thanks for sharing.. how about your work phone? Any ideas of how to use your work phone ?
Just wanted to let you know your help here was instrumental in allowing us to access all our U.S. accounts while in Portugal. We were able to access everything in the U.S. as if we were there, at home. It worked flawlessly with the GLinet AX Slate and Opal routers. Took a little while to get it set up properly before we left, but with your help, it worked great in Portugal. We plan to head back there next year and this gear will be going with us again! Thank you.
Thank you for sharing! I am glad it worked well! 🙏 Thank You!
Hey man thank you so much been working for a week from Colombia .. I'm like the happiest man alive 😂
Hola gorge, soy también colombiano y necesito hacer este puente, podrías ayudarme a hacer el set up de los routers, ta compre los dos pero no se como se instalan, cualquier ayuda le agradecería! Bendiciones, si algo nos comunicaremos por WhatsApp
Perdona q insista es q me urge ir a Colombia y mantener mi trabajo, cualquier ayuda y si hay algún cobro por el tutorialme hace saber, quedo atento. Thank you
No ayuda a los paisanos 😢
Hey Justin! I just got this setup working using the Slate AX for the client and Brume 2 as the server. Thanks for putting this together, of all the resources online this video was the most helpful. The biggest headache for me was actually getting the port forwarding to work on my ISP modem because apparently its software sucks lol. Anyways, I just wanted to say thanks for this super comprehensive video. If you ever need a testimonial or advice with anything data/software engineering related (that's what I do) don't hesitate to ask.
Thank you! I am a software engineer too! Email me your discord or Google Hangouts if you want to talk shop, I am full stack. Work@JustinPruett.com
Hey @ZahScr , any tips for getting the port forwarding to work?
@@josieicaza7031 for me it was just crappy software in the modem. Make sure that you’re setting up port forwarding on the correct device. For example, I had a modem which was the internet gateway and a separate router for wifi, which meant I needed to set up port forwarding on the gateway modem and connect the gl.Uber to that.
The other thing is try restarting whichever device is doing the port forwarding after you set it up and give it a few minutes. If that doesn’t work then do a factory reset (make sure you can recreate whatever configurations you had) and then try setting up the port forwarding again - also with a restart after.
Hope you get it working!
Thank you!!
@@zahscr did it need a public Ip ? Thanks
Justin, I apologize for my ignorance on the terminology and understanding with this stuff. You have been super helpful and I hope I did not come across rude with my last comment. I will just start over and go through the setup of each travel router and see what happens. Thanks again for your replies and content.
No need to apologize, I was just having a hard time following along with the comment. Feel free to email me and include screenshots to make it clearer: support@JustinPruett.com
Thank you so much.
I wanted to highlight one thing: I followed the whole video and still faced an error when I was trying to connect(turn on) the VPN client. The reason behind that was my second router was not connected to the internet. So, if you are facing an error when you turn on the client after configuration, make sure your device is connected to the internet (similar to how you connected the first device to your home internet).
Thanks.
facing the same problem do we connect the slate AX to our laptops or an actual ethernet router??
Thank you thank you thank you! You made what was quite a complex challenge (for my low technical aptitude) so so easy to follow! I got hung up on setting the port forwarding for AT&T because I missed a step bit after that it worked like a charm
Port forwarding is tricky because every ISP router is different, glad the video helped though!
Can you PM me how you did port forwarding with AT&T because I wasn't able to set it up?
Just wanted to leave a note incase anyone runs into the same issues I had getting this setup running. I have a Brune2 as the VPN Server and the Slate take with me. I followed all the same steps, including the port forwarding on my main ISP router, except changed the IP to 10.1.0.x/24 instead of the default. After I was able to run the Server on the Brune2 I tested the connection with the Wireguard app, important to note when you're testing the connection turn off wifi and use a separate network like 4G/5G.
Once I uploaded the Client config file to the Slate it initially wasn't getting a handshake and connect but I was trying on the same network. Once I had everything configured and I turned on the client outside my home network and the Slate and Brune started to talk to each other as intended. Still need to test more outside my home office but this video is the best tutorial I found on this after reading through many other pages, forum posts and documentation. THANK YOU Justin!!!
Thank you! Glad it helped!
I noticed more ISP routers are using 10.0.0.x as their Local IP range which can lead to problems with the default WireGuard ®️ IP range, good job catching that!
Hi Justin, thank you for the information! I am planning on buying this router, but I have a quick question.
I need to travel to South America for three weeks, but my employer does not allow me to work from there, and my computer also has a VPN set up.
Can I use this VPN router to set up a US location and connect to my work VPN from there?
I am new to this information, so I am trying to understand how I can do it.
Thank you!
Yes, the two routers basically make a bridge from wherever you are back to your house. However, there are some speed and latency issues with video calls or anything high bandwidth like that. Also, if your home Internet goes down while you are away, you are out of luck. So be sure to test as much as you can before you go. Safe travels and thanks for watching!
@@justinreviewsandrepairs5246this is the same question I had ! So even if I my work computer has its own company built in vpn…I can still by pass this by telling the vpn that my IP address is in my “ home address “ by following your instructions? Just wanted to double confirm this information !!! Please let me know !!! And thanks once again you are the best !!!
@@ratimes8k yes, you can bypass it this way.
@@zahscr aye how can I set up the vpn using a web link from the hotel I am staying at…for some reason I can’t get it done any help
Does this work even if my work needs me to sign into one of their VPN?
Yes, the Travel Router establishes its own VPN connection so you can continue to use your work computer as if you were home, including their VPN service.
This is by far the best instructional video on how to get it done. I just followed all of your steps in this and the other Slate video and was able to get it done with no issues. The only difference is that I have beryl instead of Opal. Anyway, thank you!!
Thank you! Glad it helped! Please be sure to double check that "Block Non-VPN Traffic" is enabled on the Travel Router VPN Dashboard page under "Global Options" as it may not be on by default in the latest firmware! 🙏
@@justinreviewsandrepairs5246 Yes, I just checked and I did block non-vpn traffic. Good point. Thanks!
Hi Justin, we did all the steps but we cant get the VPN client connected with Wireguard. The log file keeps telling us that is reloading firewall du to the IFUP of modem.
Someone else is having the same problem, I am going to check if new firmware is causing it. If it's not then I wonder if you both have the same ISP causing the problem. I will try to post an update soon.
@@justinreviewsandrepairs5246 We fixed the isuue with support from GL. Instead of choosing "both" in port forwarding, we needed to choose UDP and connect the 1800 in another network than the 1200. Thank you
@@nickkoutris4873 Hi Nick, I think I hit the same problem as you did. On my Client router, the yellow light is always on the "WireGuard® Client" sign of the admin website. Per your solution, is changing port forwarding from 'Both' to 'UDP' the only change you made to solve the problem?
@@nickkoutris4873 this worked for me! I switched the port forwarding from both to UDP. I also connected the repeater with the client wireguard to a different network than the network i was forwarding on (where i had my repeater with the wireguard server). I just used my hotspot to test.
@@chyfsam Any update on this? I'm having the same issue and changing from 'both' to 'UDP' didn't fix the issue
Is there a Killswitch to stop internet if it isn't pulling the residential IP?
Yes, on the Client go to Global Options and enable "Block Non-VPN Traffic"
@@justinreviewsandrepairs5246 thank you so much! You sincerely don't understand how helpful this is thank you so much!
Glad it helped! Thank you! 🙏
Guys!!! This worked smoothly 🎉 it is the best setup explanation ever , can't thank you enough
Thank you! 🙏
this is how we work from NorthAmerica while living in Thailand
How is it working for you buddy all.smooth
How the internet speed?
Internet speed sucks when having two router hotspot
@@b.n.y.a1599 i made a tutorial on my channel - how to set up a vpn server and vpn router.
in that video towards the end, i show a button that ensures your connection stops working whenever the VPN stops working for whatever reason.
Do you work from your own computer or one provided by your employer?
You are the genius and lifesaver I'm looking for. I have a trip coming up and was worried that internet access outside the US would be banned. I just placed the order through your link, and I can't wait to set up the routers for the trip.
Thank you! Let me know if you run into any problems! Support@JustinPruett.com
@@justinreviewsandrepairs5246 Hi Justin, I just emailed you about a Port Fowarding question. The subject line is Port forwarding question from Danielle Chen. I tried every steps but still could not connect the two devices. However, openVPN works fine on Slate AX. It just won't connect to the Beryl AX.... Please help!
Hi Justin! I got everything set up just like in this video. However, when I connect my client Slate AX to a public WiFi network outside the home (Starbucks, the library etc.) I get the message " The interface is connected, but the Internet can't be accessed with IPv4 protocol." It works perfectly when I use my mobile hotspot to connect to the client router. Is there something wrong with my configuration? I am worried because I have an out-of-state trip to go on in 2 days, and need this system up and running. Thank you so much for your help!
Best regards,
Jennifer
Hi Jennifer, sometimes public WiFi networks require you to accept terms of use and things like that, it makes the process a lot more time consuming but it can be done: docs.gl-inet.com/en/4/tutorials/connect_to_a_hotspot_with_captive_portal/
@@justinreviewsandrepairs5246 Thank you so much, I realized that this might be the case. For anyone else, I fixed it by updating my client router to version 4.2, which has a new feature that essentially lets you spoof your MAC address by using a custom mac address. I went through the login page on my iPhone and then went into settings, clicked the wifi network I connected to, and then copied down the "Wifi Address". Then I copied that MAC address into the router, and then the wifi connected to the router perfectly. I hope this is helpful for someone!
Thank you for sharing!
@@justinreviewsandrepairs5246 Hey Justin, I am having the same problem and do not quite understand what to do. I tried to follow the directions that you posted but I was still having issues. It no longer gave me the error message of the internet being accessed, and said that it was connected, however, it did not load any web pages. I also tried to get on my phone hot spot to try that out and it said it was connected but then again, wouldn't load web pages saying that it was not connected to the internet. Could you possibly make a video of you using this system to connect to a phone hotspot or a different wifi network? Just so I could see it visually? Or if not, do you have any guidance? I appreciate this video and your responses so much!! If I can get it working it will be the best thing in the world (and I won't lose my job lol)!
Justin! Thank you so much for this video. I watched several other videos that left out so many steps and had been frustrated for several days. I finally decided to watch this video and low-and-behold, now my Opal is able to connect to my Flint2 Router. And it was able to connect to the Flint through the same AT&T Router IP! I was trying to use my phone’s hotspot but that was not working. Thanks again fellow Dallasite!
Glad it helped! Thank you for sharing! If you ever run into problems please reach out!
@@justinreviewsandrepairs5246 Hey Justin. After successfully connecting my Opal1200 to my Flint2 Router via WireGuard that's hardwired my AT&T ISP Router, I decided to get a backup Slate AX. I successfully setup and connected the Slate AX via WireGuard yet now the Opal won't connect. I should be able to have both of them connected at the same time, yes?
Did you generate a new configuration for the Slate AX? Each configuration file can only be used once but you can generate a new one and use both devices at once.
Yes I generated a new config file and uploaded that to the Slate AX. It has a different IP than the Opal.
Thanks Justin your videos! It looks like for your work remote set up you recommend using the Slate AX router along with a GL.iNet Opal Router. In this videos comments though you recommend using the Slate AX with the GL.iNet Beryl AX instead of the Opal. Another guy on UA-cam who makes similar content/how to videos recommends using the Slate AX travel router with GL.iNet Flint 2 router. And another guy on UA-cam recommends using 2 Slate AX routers; he says the Slate AX offers faster wireguard speeds than the Beryl. 1 thing is clear - you all recommend the GL.iNet Slate AX router as the 1 to travel with. But which is the best 1 to have at home? The 4 options you 3 guys recommend are a 2nd GL.iNet Slate AX or GL.iNet Opal or GL.iNet Beryl AX or GL.iNet Flint 2. The router modem currently at home is the Xfinity Gateway XB8 (for Xfinity Comcast internet)... What router would be best to use at home with XB8?
This video is more than a year old so as new routers come out the best option changes. Currently the Flint 2 would be the fastest option but if your budget is lower then the Beryl AX is an excellent ratio of price and performance. A full list is in the description. Let me know if you have any questions or run into any issues.
@@justinreviewsandrepairs5246 I have the Xfinity Gateway XB8 router modem combo at home with Xfinity Comcast internet. I have Xfinity Comcast's largest wifi plan, the Gigabit Extra, which has up to 1200 Mbps. I'm getting the Slate AX router to travel with but I'm not sure which to get for at home - the Flint 2 or another Slate AX router? I'm not sure how to compare them or know which is better for the at home router, can you advice? Thank you!
Man this GOLD keep doing Lord work!!!
Work in Vietnam and use my home in americas ip address with this method. Speed is lower but it works
Thanks for sharing! Do you have Fiber Optic Internet at home? The distance between the two locations introduces higher latency, so using the lowest latency Internet will provide the best results.
@ I have spectrum
I tried your setup and you were very good at explaining things, it appears to be working with the VPN dashboard showing up and down traffic. Since it is going to a Beryl at the "home" location which also gives the 192.168.8.xx IP it was hard to determine if it really was working. So while doing the speed test I disconnected the client and it stopped the speed test, but I sure can't tell by the IP address. You did very well to help someone actually make this work that is far from qualified. Thanks. I am still questioning my success!
Thank you! You can use a website like www.whatismyip.com/ to see what your Public IP Address is before and after connecting to the VPN.
Thanks Justin for the comment. Let me give it a try. I exchanged a few msgs with nord, but not getting anywhere with them. I will definitely look up the port forwarding for the xfinity router/modem.
Here is the video that shows how to get your IP Address or MAC Address from your travel router for port forwarding: ua-cam.com/video/LzBa6KsfG9A/v-deo.htmlsi=bpljRVvc_0LTJpt8
Hi Justin,
First, I want to thank you so much for the detailed step by step tutorial. Like most people here I happen to encounter the most common issue - I can’t start the VPN WireGuard Client on the travel router despite setting up the server/port forwarding.
Some background, I have Verizon and even after setting up port forwarding, I run the DDNS Test I still have 2 different IP Address and the same warning - from DDNS Domain Resolution is the same as my ISP Public IP, but the WAN Interface Ethernet is still the same one it was assigned initially.
Look forward to hearing from you and thanks once again!
Edit: Turned out I changed from TCP to Both in the process of Port Forwarding set up and everything started to pick up and worked out fine now.
Yes, some people have to select UDP only, but "Both" works for many. Glad everything is working now!
@@justinreviewsandrepairs5246 Just a follow up question - I expect a big drop in connection speed but what would you estimate the speed to be if I were to be in very long distance (thinking US-Asia Pacific)?
You can estimate using the latency values from wondernetwork.com/pings between two cities. If it is above 300 your speeds will drop significantly
@khanhly-courtleveltennis how were you able to set the port forwarding in Verizon? I'm also using both in the process of port forwarding but it doesn't seem to work .... did you call verizon?
Hi Justin, I followed your tutorial to set up my glinet router, but I'm having trouble connecting. I'm not sure where I went wrong. Do you offer paid appointments to help with setup? Thanks!
Are you using a second Internet connection for the Client Travel Router you will be taking with you? You cannot test from the same connection. If you are it is likely a port forwarding problem. Feel free to email me at support@JustinPruett.com
Will shoot you an email. Thanks so much!@@justinreviewsandrepairs5246
Awesome instructions!!!! Exactly what I needed since I already have a router!!! Thanks for the config info especially the port forwarding info!! I have two Slate AX. One for Home and the other for Remote.
Thank you! The two Slate AX are an excellent choice. One extra step since the video was made, Block VPN Traffic is no longer enabled by Default, I think it should be turned on: docs.gl-inet.com/router/en/4/faq/block_no_vpn_traffic/
Thank you! Exactly what I needed. I was a bit overwhelmed until I found this video.
Glad it helped! If you need help with anything else just let me know!
Awesome video Justin! I emailed him because I was having some port forwarding issues and he got back to me very quickly. Wonderful channel!!! Thank you so much, dude!
Hi Justin. I am experiencing port forwarding issues with my Virgin Sagecom FST5250 device. I can’t find good videos on the internet and when I set up the conditions similar to yours it says it’s not valid. Is port forwarding absolutely necessary for the extra security with opal? What can I do? Thanks in advance- you are a life saver
Precisely the issue I encounter when I type “51820” in the port forwarding rules is “you must enter either a number or a range between 1 and 65535. With a range, put the larger number at the end”
whats his email , i wanna reach him too , thanks in advance
Hey Justin thank you for this amazing video! Most detailed out of everything I looked up. I watched multiple times now and sorry for some dumb questions if you don’t mind.
1. With port forwarding between home router and travel router, do we need a VPN subscription like NordVPN? Cuz I looked up NordVPN and they dont allow port forwarding, and also I didn’t see you logging in to anything.
2. What is your Frontier router’s role in this? I saw that you are leaving Opal at home and traveling with Slate AX but didn’t get why you’re adding in Frontier.
Thank you!
Thank you!
1. In this video you are basically running your own VPN Service, you do not need Nord for this video. There is another video that covers using Nord.
2. Frontier is my Internet Service Provider, they provide me with a router and instead of replacing theirs I added the Opal. If you have Fiber Optic Internet you can probably get the Flint 2 router and replace the ISP router completely. If you have cable, you must use a modem which typically is bundled with a router these days. So unless the GLiNet router is the main router you will have to do the Port Forwarding step.
Please let me know if you have any other questions
Thank you
- Justin
@@justinreviewsandrepairs5246 hey Justin, thank you so so so much for explaining. The set up worked out perfect for me. The two things that did the trick was first only enable UDP on the home router port forwarding and second change the default IP address 10.0.0.1 to 10.1.0.1 on the stay at home server router. Hope this helps others too. Again thank you!
Do you have Xfinity? For some reason their routers use the same IP Address range as WireGuard ®️ which is why you had to change it. Glad you got everything working! Thanks for sharing!
@@justinreviewsandrepairs5246 exactly I use Xfinity! Don’t mind this extra step and I noticed traceroute that it takes 1 step in my home city before routing to the next steps.
Hey Justin! Thanks for everything you did with this setup. I do have a question though. Everything was working inside my home network. Yesterday, I went to a dealership for a maintenance and I decided to bring my wireguard client Beryl AX with me to test it out outside of my home network. I left my wireguard server Berly at home basically. There was no issue with connecting to the dealership's wifi via my wireguard client, didn't have to deal with a captive portal or anything like that. The issue I had started when it came to enabling my wireguard client on the dealerships wifi. It kept stuck at the status saying "the client is starting please wait". When I checked the logs I saw an error something like this "user.notice firewall : reloading firewall due to ifdown of wgclient". Do you have any idea what causes this issue by any chance? Should I add the every IP address of the network I am in to my router first and then enable wireguard client? Or is it something else? Thanks!
If it works from another network such as a hotspot or friends network, then it may have been the dealership blocking traffic because it was not http traffic on port 80 or 443. If you are in the United States I have been having decent results from Dish's Project Genesis 5g hotspot for just $20/month
The forums might be able to offer some suggestions forum.gl-inet.com/
Thanks Justin. Yeah, I think I need to try this at my friend's house first. This might be related to the dealership only like you said. I will try again and let you know! Thanks again! And yes, my phone hotspot just works fine with wireguard client enabled.
hi @@orkunsaglam5556 I am running into the same issue; I am testing mine on the library's wifi. Did you find a solution for it?
Justin, your teaching is amazing. Super detailed and succinct.
Thank you, Jude!
Hi Justin! Thanks so much for the super helpful guide. I have followed the same steps exactly and was successful in connecting, however, I ran into a couple of issues. The first one is, the travel router (AX) would not connect to my Home IP VPN if the AX is connected to my home Wifi, it only connected when it was connected to an external network (my iPhone as a hot spot or external Wifi network), is this normal? Or is something wrong?
The other issue is, the speeds are very slow, I mean given network speeds of about 100Mbps to 150 Mbps, I got speeds of about 5Mbps to 15Mbps with bad latency (about 60ms) when connected to Home IP VPN, please let me know if this speed reduction is normal or if there is something I can try to help with this. The Opal is connected via Ethernet by the way.
Yes, the Slate AX should be on a different network than the Opal that stays home. Increasing speed is tricky, using WireGuard®️ is the faster option so then you can try using Ethernet cables instead of wireless and make sure your upload and download speeds from your Internet provider are fast.
@@justinreviewsandrepairs5246 thanks a lot man!
@@-Above-Average- Any updates?
Hi Justin!
In the screen show in minute 5:31, I have a tab that says Profiles and has this text:
Each client device that connects to the WireGuard server requires a unique peer configuration. You need to create a separate configuration for each client device; each configuration must specify a unique client IP.
I am unsure what to do about this. It also has an option to Add a profile
From the Server Router you can generate a profile for each Client Travel Router. So if you had three routers and two were to be used as a Client, you would generate a new profile for each one. Never use the same configuration profile on more than one device since it contains unique routing information.
Thanks a lot Justin i do appreciate your quick response
i got them all setup and rolling now ready for my trip,
thanks alot for your time and effort.
Thank you! Once you get connected at your destination, please enable "Block Non-VPN Traffic" from the Client VPN "Global Options" menu for added protection.
@@justinreviewsandrepairs5246 thanks a lot for your professional advice i'll make sure to do that.
Thank you Justin for the informative video! GL-iNet is now version 4.5.16 and options are rearranged (a lot) but your video still hits all the major points.
On your remote client router, Slate AX in your example, did I miss where you can specify a split router?
In an ideal world what two GL-iNet routers would you recommend for 2024?
Another question I can not find a definitive answer; I want my Client(s) to access location A and location B.
I would like to be able to reach all devices in BOTH locations.
If location A, HOME devices are 192.168.1.x/24, do devices on location B, OFFICE have to be on a different sub net 192.168.2.x/24 (NOT be the same as 192.168.1x/24)?
Thank you, I guess it is time to make an updated video.
For your use case I would highly recommend considering the Ubiquiti UniFi UDM Pro to establish the site-to-site connection. They have some cheaper options as well, but in general Ubiquiti is very expensive because it makes that type of advanced network set up easy. The GLiNet routers are great but they are not intended for your use case.
I will need to upgrade my firmware to see what you are seeing as far as the split "router", could you explain what you mean by that?
Thank you, I found this informative. I did have a question about security though, is the information encrypted between the gli routers?
Yes, you'll notice in the configuration file that there is a Public and Private Key which is used for encryption.
Yep totally understandable. In the process I learned so not complaining glad you took the effort to put it together.
Thank you 🙏
hi Justin. quick question. I also have frontier and looking to buy a GL-MT3000 / Beryl AX (for travel). I want to connect to my home IP in USA from Ecuador. Do I need to buy a second travel router like you have in the video (because you have the OPAL for home) I was looking at the GL-MT6000 / Flint 2 for home to "" what frontier provides. That is my question. can I simply replace the frontier one or do I need 2 routers at the home like you have the OPAL and the one from frontier? I appreciate the time and effort you put into breaking down step by step how to move forward with setting up wireGuard to connect to our home IP.
Frontier is great, it is Fiber Optic Internet so you can plug in any router to their ONT. So the Flint 2 would have a cable from the ONT to the WAN port of the Flint 2 and run your Server without the need to Port Forward.
The Beryl AX would be your Client, but keep in mind you should still test your setup from a second Internet connection.
In the video, I was actually port forwarding from the Frontier Router to an Ubiquiti UDM Pro router that was port forwarded to the Opal Travel Router that was running the Server. So there is a lot of flexibility with how you can set things up.
Today, there are some other brands that offer WireGuard ®️ as well, so if you happen to have a supported Asus router or Ubiquiti UDM Pro, you could actually use that router as the Server. I used the Opal because it was the cheapest option that still provided decent speeds at the time. Today I would probably buy two Beryl AX for about the price of the Opal and Slate AX. The Flint 2 is designed for home use so it is larger, but it does provide the best WireGuard ®️ speeds you can get between the four routers we discussed.
@@justinreviewsandrepairs5246 thank you so much for the reply. Do you recommend I set up the DDNS? is that a must or I canuse it without that set up.
If you have a Dynamic IP Address from your ISP, you must enable DDNS because your Public IP Address could change at any time. If you have a Static IP Address you can leave it off because your Public IP Address will never change. Most Residential ISP will have Dynamic Public IP Addresses so you will need to enable DDNS. The GLiNet DDNS service is provided for free so you might as well take advantage of it.
Hi Justine!
Thanks for this video! I just have a few question. It was mentioned that your router is behind NAT. GLinet website says you wont be able to setup a server if you're behind NAT. Can you confirm if your router is actually behind NAT or they gave you dedicated public IP by checking WAN on your ISPs router and the ip you have on whatismyip? If they're not the same and indeed behind NAT, which ip address did you use for the DDNS? The one on the router or the one from whatismyip? Thanks!
You might be referring to cgNAT? NAT is good, I have a dynamic IPv4 address from my ISP and DDNS automatically handles it. cgNAT is a common practice among 5g Internet providers and you share your IP with other customers so you cannot port forward.
@@justinreviewsandrepairs5246 So if we cannot do port forwarding what other options do we have? I have the Opal router
Hi Justin - My use case is working remotely from other countries (outside the US) while using my home IP address in LA. At home, I currently have Spectrum cable with a separate router and modem. What gear from Gl.Inet should I buy to ensure that my zoom video calls have no lag.
A: 2 Ax Slates (1 at home, 1 away from home)
B: 1 Slate at home, 1 Beryl AX away from home
C: 1 Beryl Ax at home, 1 Slate at away from home
D: 2 Beryl Ax (1 at home, 1 away from home)
E: 1 Flint 2 at home, 1 Beryl Ax away from home
F: 1 Flint 2 at home, 1 Ax Slate away from home
Given that Spectrum provided me a specific router and modem, does that mean that options E and F (using a Flint 2 router) is off the table?
Thanks!! This is extremely helpful!!
D would be your cheapest option, F would be your fastest option. All options will work. You will be limited by your cable connection which typically has low upload speeds and high latency. Upgrading to Fiber Optic Internet would be ideal to support video conferencing. For example, I have 500 download, 500 upload, and less than 4ms latency with Frontier Fiber and that allowed the Opal to achieve decent speeds for the price. The Beryl AX supports much higher speeds than the Opal.
@@justinreviewsandrepairs5246 Amazing! Thank you super helpful. I think I will go with F. just want to confirm my last question though:
Given that Spectrum provided me a specific router and modem, does that mean that options E and F (using a Flint 2 router) is off the table?
The Spectrum Modem and Router combo unit can be changed to modem only so that all traffic will be handled by the Flint 2. I believe they call this Bridge mode on the Spectrum Modem Router Combo.
You can also just Port Forward to the Flint 2 as you would have done on the Beryl AX. The Flint 2 form factor may be different to provide better WiFi coverage but much of the setup is the same if you go the Port Forwarding route or the Router route.
@@justinreviewsandrepairs5246 Thank you!! Really appreciate you taking the time to respond. I owe you!
Thank you so much for the instructions however, it looks like I am having an issue with my port forwarding setting and I call Comcast. They still are not able to do it correctly. I'll try to telenet command to see if my port was being forwarded. But it's not working.
Feel free to email me screenshots of what you have for Port Forwarding. For cable you will need to select UDP only instead of TCP or BOTH. Also, did you use a second Internet connection for the Client Travel Router? You cannot connect while already connected to the same Internet as the Server. Email: support@JustinPruett.com
Hello Justin,
I’m just kind of confused about a few things:
So I’ve setup the wireguard VPN on my Flint, and tunnel is successful through my Slate. I’m just trying to figure out how to make everything a wired connection since I’m afraid to turn the WiFi on my MacBook.
So when I’m in a new airbnb, how would I be able to establish the tunnel (turn on wire guard through admin panel) without using WiFi? Just wanted to make sure VPN is up and running when using my work laptop. And if I have to connect the router directly to the router in the airbnb via WAN, wouldn’t there be issues with port forwarding every time I’m in a new airbnb? Just a bit confused because I know I can just connect to the Slate via WiFi, and start tethering to the airbnb network, but would it be safe enough to do it that way? I just need to make sure the device doesn’t know my true location. Does the slate AX automatically load my setting and run wire guard tunneling each time? Or do I have to activate it each time? And when connecting to the Slate, would I be connecting my MacBook to it though the LAN port, if the router is tethering to the airbnb router via WiFi?
Also a bit confused about the “MTU” I have to paste to the config on my travel router. I can see in your video that it didn’t contain a MTU to paste.
There’s also an option to select "Services from GL.inet use VPN" when I was activating the kill switch (Block Non-VPN Traffic) do I also need to activate the other option?
I’m sorry if this sounded confusing, I don’t really know anything about networking. But stumbling upon your video motivated me to take the leap and start traveling the world while working remotely.
I really appreciate any knowledge you can provide me with!
At each new AirBNB you would need to connect the travel router via WAN or connect via WiFi using another device such as your phone. No port forwarding is needed for the client.
MTU is an advanced topic, the default is fine for most
Hi justin thanks a lot appreciate your time and effort,one quick question
which one of the travel router should i do the port forwarding on, should it be the
stay at home router or the one we are traveling with.
Hi, thank you! You should Port Forward from the ISP Router your Internet company provided to the Server Travel Router which stays home. This video may help explain: ua-cam.com/video/LzBa6KsfG9A/v-deo.html
I set up the Server router on my home network as indicated in the video. When I set up the Client router at my home, the one that I will use for remote work, in set up do I also connect the Client router to the same home network? Or in order for the set up to occur correctly, the Server router is on the home network, and do I need to set up the Client router on a non home network or hotspot? Thanks!
Yes, the client router should be on a different network or hotspot. Most routers won't route correctly when on the same network. Thanks for watching!
Suuuuper helpful video, thanks so much. Very new at this, so maybe this is a stupid question - is the second travel router left at home the most inexpensive way to do this? I have a netgear router which doesn't appear to support wireguard, just openVPN, so I suppose getting another gl.inet router is the cheapesr way to set up a wireguard server?
Secondly, would plugging the home gl.inet router directly into the modem and bypassing the other home router obviate the need to set up port forwarding?
Thank you!
If you don't need the VPN to be fast, you can use OpenVPN on your existing router. Otherwise GLiNet is a very affordable way to host a server. If you have old computers you could use those as a server, but it would need to be left on 24/7 so the electricity cost may be a factor to consider as well since the GLiNet router uses about as much as an LED light bulb whereas an old desktop computer is like running a TV.
Yes, if you plug a cable into your Modem (Or ONT if you have Fiber) and then the other end into the WAN port of the GLiNet router you can skip Port Forwarding. In this case, the Internet Page of the Dashboard should show your Public IP Address under the Ethernet connection instead of a Local IP. You can use ip.suzam.com/ to view your Public IP Address.
Let me know if you have any other questions,
Thanks
@justinreviewsandrepairs5246 Perfect, super helpful. Yeah the only pcs I have are electricity guzzling custom builds, so probably going to first try using openVPN with my existing g router, and then springing for another beryl ax to set up as a wireguard server if that proves too slow.
Thanks so much, by far the most helpful video on the topic I could find!
Thanks! If you run into any issues just let me know as a new comment or an email. UA-cam doesn't always alert me of replies. Support@JustinPruett.com
I picked up Brume 2 and slate ax
Is the setup similar?
Thanks
Yes, but obviously the Brume 2 does not have WiFi so it will need to be plugged in which is the preferred method for the server anyways. Let me know if you run into any problems.
I'm thinking of going with the same setup as you...have you got it up and running? If so what kind of speeds are you getting? Also does your actual computer location show you actual location or the location where your home ISP is? Thx very much in advance!
@@TylerTheCompiler ended up having to return brume and get an ASUS router
Hi Justin! Is there no need to pay for a VPN service in order to accomplish the VPN connection between the client router and server router ?
No, with this approach YOU are the service provider. Use the money you save to get a Fiber Optic Internet connection for the best results.
@justinreviewsandrepairs5246 thank you! And, is there a way to still do this connection without VPN ? I ask because resources I will try to access implement a VPN block, and I'm worried that there will be remains in the data that indicate it went through a VPN, even if it's not a direct VPN connection to the resources, that will trigger the block. If so, how can I configure this connection without VPN?
Companies often block Commercial VPNs based on Public IP Addresses and Allocations. If you are not blocked at home, then you should not be blocked from the Travel Router unless they are doing something like deep packet inspection on your work device. VPN is a technology, not just a brand you see in an ad, it is not possible to connect the two travel routers without one of the VPN Options: OpenVPN, WireGuard ®️, TailScale, ZeroTier, etc... this takes place outside of your laptop to create a sort of virtual cable back to your home, so it is not like when you install a commercial VPN service in your laptop.
Hey Justin, thank you very much for the tutorial. Can I ask you a question? I have a company assigned phone also and that has 2 factor authentication linked into. If I keep airplane mode and turn off my bluetooth but connect to the wifi from the router will my phone still look like as if it's appearing from my home location or will there be other ways for them to track me and know im out the country. Also, Im just curiious what's the brand of battery pack you are using in your video?
Hi,what is the name of the app that stores the 2 factor code?
@@justinreviewsandrepairs5246 "Okta Verify"
@@justinreviewsandrepairs5246 you know about Okta Verify?
Hey baker I'm also looking to find an answer for okta verify. Let me know if you got any updates ☺️
You can setup to receive an email code or text message when verify with Okta , Dont need to click on send push
you learn something new everyday, thanks Justin
Thank you!
Thank you for this tutorial. I am interested in this setup, the choice of using the Opal as the receiving router. Was it chosen because there is no need to have two Slate routers for this setup and hence going with the lower priced Opal? I believe the Opal has a slower WireGuard speed does that effect the connection speed at all? Thank you
The Opal is the cheapest option (that still works for most tasks) while the Slate AX is the most expensive travel router (there are more expensive non-travel routers). You can choose any of the combinations of routers from the Description of the video or you can even use other brands such as Ubiquiti. For most people, the Beryl AX is a nice balance between performance and price. Your connection speed is limited by the routers you choose, the Internet connection on both ends, and the latency between those connections. For the Home Server, you should get Fiber Optic Internet for the best performance. Feel free to email me if you need any help. Thank you!
Is it possible the connect the GL.iNet GL-AX1800(Flint) WiFi 6 Router at home and have the opal to connect to it and carry it abroad
Yes, but the Opal is pretty old now, the new Beryl AX has come out since the video was recorded which is more powerful and has the latest features.
@@justinreviewsandrepairs5246Thanks for your reply, I actually plan on getting the Beryl soon, but I can only afford the Opal for now. One more thing, can I connect it if I have already left my home country if I have someone back home to help with the setup?
Yes, they can do the port forwarding and send you the configuration file you need to connect.
This is a great video Justin. I am planning on purchasing both as you have recommended in this video. Do you think Opal would be fast enough to use as wireguard vpn server leaving it home and have 2 or 3 connection to it from Slate that both me and my wife would use it for work while traveling and working remotely. I just wanted to make sure it is still the good solution or anything have changed since you have published this video. I am thinking Opal instead of two Slate as Opal is much cheaper but want to make sure for two person to have connection back home at the same time is still a good choice. Would there be any performance issue with Opal assuming that the internet speed is decent at the remote location. My home is ATT and 300mbs plan.
And one last and important question. Is there any issue using work laptop that uses cisco any connect to vpn to work server but for it's internet connection it would connect to Slate that would then vpn back home using wiregurad ?
Thank you! Two Opal would be fine for light use like Email and browsing the web, but if you need to do more then the Beryl AX or Slate AX would be better suited because they have more processing power. The VPN connection is actually encrypting and decrypting messages as fast as it can so over time all of the models should heat up and possibly slow down if it gets hot enough, but the Slate AX has a built in fan.
So far this solution seems to work with every Work VPN since the router itself is providing a VPN connection back home that your Work VPN can use to connect as it would at home. The only unsolved mystery is how to decrease latency, which is highly dependent on your Internet connection on both ends.
@@justinreviewsandrepairs5246 so you are saying the work laptop should be just fine if it needs vpn (cisco any connect) and then the vpn that Slate (wireguard) would provide. Meaning vpn over vpn. This inherently would be little slow but if the internet speed is fast enough it should work. right?
Hello Justin. You have helped me greatly in the past. Would you have any idea why suddenly port forwarding would just stop working, saying no internet? Here's a brief. The opal is at the house (Chicago) and the Slate is with me (St. Louis). When trying to port forward is says no internet. I switch the mode button and the internet works (but with the ip address in STL). I had this issue several weeks ago and I thought that the Opal went off line or there was an internet problem at home. When I got back to Chicago I tested the port forwarding using my cell phone as the internet provider and the port forwarding worked (ie showed my Chicago home IP, and when I switched the mode it showed the IP address of T-mobile in Chicago.) So, now when in STL the port forwarding does not work when using my phone as the provider or the home internet (100 mbs download and 10 mbs upload). I just get "no internet", but when I flip the mode I get internet, but with the local STL ip addresses. Any guidance would be most helpful. Thanks again, for putting up this type of content.
I think you are calling the VPN "port forwarding" but port forwarding is just one of the steps on the ISP router to allow traffic to the Opal. It sounds like your ISP router lost the setting or changed the local IP Address of the Opal. In either case it will need to be corrected. You may want to consider a UPS if a power outage (even a quick one) is to blame?
Thanks a lot for this video and all of the others as well. Looking forward to creating this setup soon
Thank you! Let me know if you run into any problems!
@@justinreviewsandrepairs5246 thanks brother. Would you recommend running a Tplink archer ac1750 for home openvpn server or go with a newer portable GLINET one? I already have beryl AX for the portable side
It is possible, but OpenVPN simply isn't as fast as WireGuard ®️. The Beryl AX goes on sale often, maybe just upgrade when you can.
Justin, good to know I was not rude. Ok, here is the quick scoop. Just arrived back home and used my phone's internet through the slate ax to see if it would talk to the opal. I got same thing "no internet". however, I unplugged the opal and plugged back in, waited a few minutes for it to cycle up (my term) and voila they found each other I have internet from "home ip address" where the opal sits. So, I guess the issue is leaving the opal on all the time without any traffic (my term again), it sort of goes to sleep/offline and not available for the slate to find. Going forward, I will leave it off until I travel. Do you know of any other way to wake it up besides physically unplugging it/turning off/on? It is a bummer that this is the case because it makes my logging into my work's network from my "home ip" while working remotely very difficult. Hope I made sense this time. As always, thank you for your guidance and expertise.
You shouldn't have to reboot it, I have been running my Opal for more than a year now without issue. Please reach out to GLiNet to see if they can do anything for you. Either way I would consider upgrading to the Beryl AX which is newer and more powerful than the Opal.
Yow from Jamaica here, worked exactly like you said thanks
You are a lifesaver. Thank you so much
Hi Justin, thank you for sharing this. According to your videos I bought 2 these modems, Opal and Slate. I am a beginner and I have few short questions.
As I understood we don''t need VPN service with two of these?
Could you just explain do we need to fix as you did im the first video related to DNS, which means to put Enceypted DNS, DNS over TLS and Cloudflare? Must we use Cloudflare or it can be Next DNS, does that mean that business data go through some server of the manufacturer? Or is it slower with that?
Thank you in advance.
The idea is to speed up DNS queries to reduce overall latency, which CloudFlare does well. You can use any provider, I just prefer CloudFlare.
Thank you. Can my employer discover CloudFlare or other dns servis if I have it on the modem that I take wirh me as described? Company's VPN on the computer is Cisco anyconnect.
Thank you.
Since the employer has full control of your device, they could potentially, the general idea is to stay under the radar so they don't gain full control of your device and start snooping.
Is this possible without access to the router to setup port forwarding e.g. using tailscale or zerotier? If so, can you also make a video showing steps on how to setup. Thanks.
You could setup ZeroTier ahead of time and then have the person you ship it to plug in power and Ethernet and be good to go. I hope to start on a ZeroTier video soon.
Hello, Justin. Thank you for sharing this very informative video.
I have the Slate (for travel) and the Opal (for home).
ISSUE: When I copy/paste the manual configuration into the Slate router (under WireGuard Client), it will not allow me to save (i.e., Apply) the file. The input box turns red when clicking "Apply." Based on what I'm seeing, my copy/paste looks identical to yours (and the example on the GL-iNet page).
Do you have any idea what I could possibly be doing wrong?
Thanks.
Solved.
Instead of copy/pasting, I "downloaded" the configuration file from the Slate and uploaded it to the Opal. That seemed to work.
That is interesting, it should work either way. What operating system are you using?
@@justinreviewsandrepairs5246 MacOS Sonoma 14.5, not that it would matter since it was a simple copy/paste exercise. Oh, well. I'm glad I got passed this point. Hopefully someone experiencing a similar issue will do what I did.
BTW... you replied to my comment within 6 minutes?! That's nuts! 😂
Awesome response time! 👍🏻
Macs do some interesting things sometimes, not sure if it was a factor here, but they have something called "Smart Quotes" and "Smart Dashes" which will change characters such as ' and -- to Mac style quotes and dashes.
Hi Justin great in depth video!! Just ordered two GL Slate 1800. One will stay in TX and im traveling to Africa in a month. Question 1) what is the best way to bypass (CGNAT) using this method some threads suggest Tailscale? My Isp is starlink unable to port forward.
Yes, TailScale and ZeroTier are two common methods. Setting the "Exit Node" from the GUI is not available in Beta yet, so it will require some manual command line setup to complete the install: docs.gl-inet.com/router/en/4/interface_guide/tailscale/
Hi Justin! Regarding your comments in the updated description box, if I get the Beryl AX and the Slate AX, which should I leave at home and which should I take with me? Also how much does the MT1300 differ from the MT3000? I am an absolute novice so apologies if these are really basic questions… I want to make sure I buy the right devices. Thanks in advance!
Hello, the Opal is no longer receiving updated features, so that is why I now recommend the Beryl AX. The original Beryl may or may not get updated, but the Beryl AX is significantly faster for WireGuard ®️. In the event that you find out that you cannot do the port forwarding step, the Beryl AX supports ZeroTier which is an alternative method that will allow you to complete the overall setup. As far as which device stays home, it can be either since the devices are extremely similar, but I prefer to take the Slate AX and leave the slower device.
Thank you for the in depth video! I'm wondering if you can use 2 of the flint 2 routers for both the router you connect to your home router and the router you travel with? I'm hoping it will increase internet speeds and help with latency?
Yes you can, but it is a bit large to travel with. The Slate AX should be fine, in all cases you want Fiber Optic Internet on both sides for the best results.
Thank you! Currently working from Ghana, West Africa!
To increase internet speeds should I use an ethernet cable for the travel router or will it be the same speed as the wifi option?
Wired is preferred, it should have lower latency versus WiFi. Africa has been plagued with multiple infrastructure problems recently that have degraded the Internet there. Having a Fiber Optic Internet connection at home and Starlink in Africa might be the best way to improve speeds right now until they repair everything.
Hi Justin, Thank you I see you have replied to everyone. I do have a question ! just started working remotely but they give me a little cpu which I plan on taking with me, what should I look for on the computer that might jeopardize my plans to go ? are there tools they have to conclude that this CPU left the country? I feel pretty confident everything will work just fine but I just want to make sure Im good. Thanks man
If your company is spying on you, there is not much you can do. This method basically just makes it to where you don't raise red flags, but if they are actively trying to detect you there is nothing you can do since they own the hardware and have full access to the device.
Definitely look out for GPS and Cellular Connectivity tracking, but it is still possible to track people using Bluetooth and WiFi. The same networks that help you find lost pets and keys can be used to track you!
Despite all of this, only one person has emailed me saying that they got caught, and it was because they didn't turn the VPN on before connecting their laptop.
Most people know when their company is spying on them because the company culture is already toxic and does things like making you keep your webcam on all day.
Let me know if you have any more questions as a new comment since I don't always get notified of replies.
Thank you
I need your help George, soy colombiano también 😅
@@TheDicampo pues no soy un experto, solo segui las instrucciones jeje que pregunta tienes?
Good evening from Virginia! Could I just buy two of the opal, leave one at home and travel with the other? Or do I need two different ones? Thank you for your response in advance!
You could, but the Opal is the slowest option. If you can afford two Beryl AX that would give you significant performance boost plus you will have the latest features from Firmware 4.
@ I definitely need two though? Or could I get away with just one?
You need one to run the Server and another to be the Client. If you have an existing router or another device that can run the Server you could use that, but few ISP routers have that feature.
Hello! A few questions I hope you can help with:
1. I just got a WiFi6 Router and I'm trying to figure out how to connect to my ISP-provided modem or router. Do I connect my WiFi6 router to the ISP-provided modem or router? The ISP-provided modem only has one ethernet port, and the router has one internet and 3 ethernet ports. If I use this router, should I remove the ISP-provided router?
2. Also, should I use the LAN or WAN ports on the WiFi6 router?
3. On the travel router, how would I connect the ethernet cables? From the ISP-provided destination modem to the travel router? Or ISP-provided destination router to the travel router?
4. Not sure if you know the answer to this, I connected to the WiFi6 router for the first time, and now every internet webpage says "Internet connection is not secure." How would I be able to fix this issue?
5. Lastly, would it make sense to get a static IP address? I ask since how would you know if a dynamic IP addresss changes when you're traveling?
Thank you!!!!
1. Which model GLinet router did you get? The Flint 2 has longer antennas so it could replace your existing router, otherwise you may want to plug the GLINet router into your existing router and do the Port Forwarding step.
2. You give Internet to the GLiNet router using the WAN port so a cable would go from the GLiNet WAN port to the Modem/ONT or a LAN port of the ISP router. You can plug devices into the GLiNet router such as laptops using the LAN ports.
3. You could do it either way. Modem to WAN of GLiNet or Modem to WAN of ISP Router then from the ISP Router LAN to the GLiNet Router WAN.
4. Based on your previous questions, please start by making sure the router is connected properly. Then you can send me a screenshot of what you are seeing to support@JustinPruett.com
5. The GLiNet router has DDNS built in which updates when your IP Address changes so there is no need to pay for a static IP Address. In some cases, mostly apartments, you do have to pay for a static address to allow Port Forwarding because otherwise you are sharing 1 IP Address with your entire apartment complex.
Thanks for the video, Justin! If I have a combo modem/router from my ISP do I need to make it a bridge ? Or if I have wifi mesh/extensions connected to the ISP combo would they still work on their own regardless of another router connected?
I would leave the ISP Router alone besides port forwarding the required ports to the GL.inet router. This should allow your existing network to operate as normal. Thanks for watching! Please let me know if you have any more questions. Happy Thanksgiving if you are in the US!
@@justinreviewsandrepairs5246 I got two Slate AX routers and just tried to set up port forwarding with my ISP. They made it seem like I had use bridge mode instead of port forwarding since I have modem/router from ISP. Is there a downside to only having the Gl.inet network ( and having everyone in the household use this one network) or does it just come down to preference?
My company has given me the green light to work remotely from anywhere in the world but with a huge wink that this isn’t officially agreed on and more so verbal. All they ask is that whenever I access something with my company provided laptop it looks like I’m in the US. Do I still need to do this 2 travel router setup or can I do a single travel router with a commercial vpn like your last video? I’m not too familiar with setting this all up so I’m watching the two videos to figure this out now. I see another one of your comments say you would recommend the flint 2 over the slate? And if budget is a concern to use the beryl? Does this 2 router setup primarily benefit if I need my ip address to show my home address at all times?
Congrats! Which method you use depends on your company and/or your preferences. The two router method works with any company while the commercial VPN method may not work with every company due to their security policies blocking commercial VPN Providers. If your company allows commercial VPNs the setup is easier and they provide VPN Servers across the country which could provide lower latency and better speed than your home server. You can start with 1 router and a VPN Service to see if your company allows it, and if not, you can get the second router.
The Flint 2 is the fastest option and the Beryl AX is the slowest option (but it is actually still very fast for the price). The description has a list of routers you can choose based on your budget.
@@justinreviewsandrepairs5246 i ended up getting a flint2 to be the main router and vpn server. i got the beryl to bring with me. i just finished setting it up today and i believe it is working. now i turned all the eeros in my home to access points with the main gateway as bridge mode very exciting stuff
Hi Justin! Thanks so much for this video. I'm currently in Puerto Rico, but want to sent this up with a router in Florida and then have a travel router. Is it possible to set this up without me being in the location where the main router is going to be? What's the best way to do that? Also, given that this video is a couple years ago is your rec to go with Flint 2 for home and slate AX for travel?
Yes, someone can set up the server in Florida and send you the "profile" configuration to load into your Client Travel Router.
Yes, the Flint 2 and Slate AX would be a great choice and they are both on sale for Prime Day today. If your remote location is your second home or something like that, you could also get a second Flint 2 for a more permanent installation. Let me know if you have any questions, - Justin
@@justinreviewsandrepairs5246 Thanks Justin. I went for two Flint 2's since my other location is my permanent location. Would the process for setting it up to be more permanent be the same process as you have in the youtube video or would you do something different? Thanks!
It would be the same, but you will likely want to set up Good Cloud on both routers for Remote Management. This isn't part of the video and is not required, but it is a nice tool when both routers are staying connected for long periods of time so you can do a firmware upgrade or change settings from anywhere.
Thank you for the video
I want to ask you if I enabled DDNS on the GL.iNet router, do I still need to enable it on the first router, for example, by taking the DDNS address and putting it somewhere in the first router's menu . Note that my ist router has a dynamic ip
DDNS should be enabled on the router that is acting as the Server (the one that stays home).
Thank you for this video. Question: for traveling to Europe or Asia (and or Australia), which travel router(s) should I buy? Looking at your picture, I see that you have two different GL routers. Can I connect the travel router to my xfinity router? Also, what kinds of download speeds (for iPhone photos, for example) can I expect by using my home ISP? Thank you again.
Hello thank you
1. Please see the video description for a list of routers
2. Yes, but Xfinity requires an extra step because they happen to use the same IP Address range as WireGuard ®️. The 10.0.0.1/24 has to be changed to 10.1.0.1/24 as seen here: docs.gl-inet.com/router/en/4/interface_guide/wireguard_server/#setup-wireguard-server
3. Your speeds depend on which router you get and your Internet speeds at both locations. Even the Beryl AX is fast when paired with Fiber Optic Internet. Cable usually advertises fast speeds but they don't tell you that your upload speed is comparable to what we used 20 years ago! Your Home Server Router will have to Upload to your remote location so it is preferred to have Fiber Optic Internet.
@@justinreviewsandrepairs5246 hey just reading through some comments here and had a quick question. I haven't had any issues without changing the Wireguard VPN server IP Address range for my Flint2 which i have hooked up to my xfinity home router - I haven't had any issues connecting to VPN. Am i missing something here?
Hey Justin! This is a great video. Though I am not a software expert I was able to set my routers up. But I have been facing a problem and was looking if you could help me. I have configured a flint as my home router and beryl ax as my travel router. When I set the wire guard server up they both connected well and all was fine but as soon as I took my beryl remote with me it wasn’t connecting to the wire guard but again when I got it home it would connect to the flint. Is there something that I am
Missing here?
Usually people have the opposite problem 😆
It is likely that your configuration file is using your local IP Address instead of your DDNS address on the "Endpoint" line. Please double check that you see a domain instead of an IP Address on that line.
If you prefer, you can email your configuration to support@JustinPruett.com
Great video. Thanks.
How is the Network mode (router, AP, Bridge) configured in the Opeal and the Beryl?
The network mode is in Network -> Network Mode: docs.gl-inet.com/router/en/4/interface_guide/network_mode/
@@justinreviewsandrepairs5246 Right, but which one of the options did you choose after that?
For this video, both routers are set to router mode.
Justin - Thanks for this detailed step by step instruction. I am out of country at the moment, can my friend setup the server in his house in the US and can I order a separate router and set it up as a client remotely co-ordinating with him ? Will that work for the initial setup ?
Thank you! Yes, they can set up the server and send you the configuration profile. The small text file includes the connection information so all you do is load it in and connect.
Hello Justin! So I think I’ve got most of it setup now, but I’m just really confused about a few things. So for my travel router, I wanted to make sure everything is a wired connection with my MacBook so I never need to turn WiFi on, but noticed I can’t access the admin portal unless I connect to the router via WiFi through my MacBook. So each time I want to connect to a network I would need to: connect to the slateAX via WiFi, tether to a network through the admin portal, then turn off WiFi and connect with Ethernet? Also confused about the MTU in the config that I pasted to the travel router, and an option to select, “services from gl.inet use vpn”
Thank you for your wisdom
You should be able to connect from either connection, are you using the WAN port? You may have an IP Conflict preventing you from accessing the portal.
MTU is an advanced topic, you should leave the defaults in place unless you want to run multiple tests and fine tune the setting.
Hi Justin, thank you for this video! I have come across many other travel remote videos but did not realize that I would need to purchase 2 routers. I was under the impression based on previous videos I have watched that I could use my home/residence router and a router for travel. I have purchased the GL.iNet Slate AX1800 Router but it seems as if this will not be enough to mask my location. Is my interpretation correct? Any additional insight or advance would be greatly appreciated. Lastly, do you know how far or the range the GL.iNet routers cover abroad? Meaning, do you know if they work in most countries or not? And to double check, all configurations need to be made before I travel correct?
If your existing router supports WireGuard®️ such as a Ubiquiti UDM router, or if you have a device such as a QNAP Nas that supports it, you can connect to those. Many people do not, so a second router is necessary. If your company allows it, you could also use a commercial VPN provider such as NordVPN or WindScribe then you wouldn't need a second router but you wouldn't be using your actual home IP Address in that scenario.
That will be completely dependent on the Interference where you stay. If your room has lead paint, that will severely decrease range or if there are lots of other signals causing congestion. In general it works great because it has WiFi 6.
Yes, you should configure AND test before traveling.
Thank you so much for such a thorough response. I will be attempting to try this on my own this weekend. Will me luck lol. I will check back with you and the comments if more questions arise.@@justinreviewsandrepairs5246
Hello, it's me again lol! I am running into a few roadblocks and I think it might be due to the router I am trying to connect to. I have the grey slate router that is featured in the video. Upon further investigation, I see that my home router which is a Netgear Nighthawk AC1750 Model: R6700v3 supports VPN / port forwarding. However, I am having trouble trying to connect the two. I want to use WiredGaurd, but I do not see it as an option. If I add a VPN to this router and take my slate router with me for travel instead of buying the second one featured in the video, would I be able to connect to my home internet seamlessly from abroad? I have NordVPN as well. I hope this makes sense. Thank you so much indance for taking the time to respond to my inquiries! It means a lot.
@@aten6656 make sure you have the latest firmware on both devices. If your Netgear supports WireGuard ®️ you can use it as the server. Otherwise I believe Netgear supports the older and slower OpenVPN.
Hi Justin
thank you for this amazing video
i have a question:
for example i'm in Europe and i ll travel to Asie , i'm wondering about the time of "GitCommit"; it ll show the local datetime (Asie) or the Europe DateTime ?
thanks in advance
Thank you, great question. I am not sure, you might need to manually adjust your clock if it changes or just use the git time zone option git-scm.com/docs/git-commit/2.24.0#_date_formats
Hey Justin! Great video. My home setup: Linksys router plugged into my cable modem. On my Linksys router I've enabled DDNS and it's working perfectly. I just ordered 2 AXT1800s. I'll configure one AXT1800 as the Wireguard server and plug it into my Linksys. I know how to set up port forwarding on the Linksys, so I'll do that for the Wireguard server. I'll configure the other AXT1800 as the Wireguard client, and this one will come on the road with me. Here's my question: since I have DDNS set up on my Linksys router, do I need to set it up again on the Wireguard server? Or will the Wireguard server just inherit the DDNS IP from the Linksys router? Additionally, if I don't have to set up DDNS on the Wireguard server, then I shouldn't have to override the IP address in the config file that Wireguard client uses, correct?
It won't hurt to turn on the GLiNet DDNS, you can run both. The one you choose to use should go in the configuration file for the client. The DDNS stays updated as your actual public IP Address changes, if you don't use DDNS then you will have to manually update your IP Address every time it changes.
@@justinreviewsandrepairs5246 Well, I followed your advice and I'm happy to report that I got it working the very first time! Easy peasy. You're a rockstar, Justin!
I am glad you found setting up your own VPN Server to be easy! Don't say it too loud or the VPN companies might start disliking this video! 😆
@@justinreviewsandrepairs5246 😀
I have 2 questions and would appreciate your help.
1: I work as a Cloud Engineer and need to be able to SSH into AWS/GCP services while using a company VPN(FortiClient). Is it possible to use this setup and then still be able to use Company VPN?
2: The Slate AX device would still need to be connected to local wifi/service to connect it to Beryl AX back home? Does it need to be ethernet or a wifi device from a local service provider would work?
Thanks!
1. The VPN is running on the travel router so you can continue to use your company VPN as normal.
2. Yes, the Slate AX will need Internet. Ethernet is preferred but the Slate AX has WiFi 6 which is very fast if the router you are connecting to also provides fast WiFi.