Helpful Links Port Forwarding Help: ua-cam.com/video/LzBa6KsfG9A/v-deo.html Captive Portal Tutorial: ua-cam.com/video/46nG8mhm5og/v-deo.html Test DDNS: justinpruett.com/glinet-troubleshoot.php Update: Many cable routers seem to struggle with TCP, please select UDP only in the Port Forwarding rule instead of both. Update: The Beryl AX came out right after this video was published, it is a much better option than the Opal in a price range that balances price and performance.
Just wanted to share that your videos took me from essentially 0 knowledge on VPNs to successfully working remotely in Thailand for the past 4 months with no issues. Using 2 Slate AX as my setup, thanks for the help!
Wow! Thank you for sharing! Thailand doesn't have the best Internet infrastructure according to WonderShare Latency data so it is good to hear it is working there! Thank you!
So nice to hear that it works in Thailand, could you possibly test and see how the latency/ping is and preferably in which city do you test this in Thailand? I am considering working from Thailand with softphone via VPN and am very dependent on a good latency :(
@@nizzar2003 I run my home server from the UK, in Koh Samui the ping has been around 200-300ms which is obviously quite bad but I was able to take calls, there was definitely some slight delay but it was manageable. Have done video calls with no issue also.
@Speatto Thanks for sharing, I think 200-300ms can be as you say manageable, I'm thinking of moving to Phuket or Bangkok depending on where the network is more stable and which allows me to carry out my work with customer service via softphone without a large latency/ ping. @Speatto Do you also have problems with a lot of power outages considering rainy seasons or what is it like in Koh Samui?
@@nizzar2003 power outages have happened yes, I’d say 2-3 times in the last 6 months. There are coworking spaces in al lot of areas (there will be many in Bangkok) which can be useful. I’d imagine the internet stability would be similar in the main areas such as Phuket/Bangkok. I was in Phuket for a few months last year and it’s great, I will move there soon. If you’re more of a city person then Bangkok is also a great place and probably the best for work/opportunity.
This is amazing! I was trying to find a step by step video and couldn’t find anything until this. This is perfect! Ty so much! The only reason I’m doing this is because my boyfriend is in a different state for 9 months and now I can be with him 💕
I just want to want to say MANY THANKS Justin! For your time and efforts you put together to make this video tutorial. I got my GL-INET routers talking to each other.
Thank you Justin. This has been a great help. I travel for work and have always wanted to setup a VPN with my home network. Got the same two routers and the system works great!
Glad to hear! Thank you for watching and commenting! If there are any other tech things you have been wanting to do, let me know, I might be able to make a video about it!
It worked!! It took a while but only because of 2 majors issues #1, I didn't set up port forwarding correctly which required a call to my ISP (really take your time with this one). #2 I inadvertently put both routers on the same Wifi SSID. but switching one of the router to the 5G network, it worked like a charm! Thank you so much for uploading this Justin!
Port Forwarding is tricky and most ISP routers make it even harder, some even give it a different name! Glad you were able to get it all working though! Thanks for the comment!
Hey Justin, just wanna say thank you. I can't imagine how much time this guide saved me. All up and running first go, who woulda thought?! You're a real chief!
Just wanted to let you know your help here was instrumental in allowing us to access all our U.S. accounts while in Portugal. We were able to access everything in the U.S. as if we were there, at home. It worked flawlessly with the GLinet AX Slate and Opal routers. Took a little while to get it set up properly before we left, but with your help, it worked great in Portugal. We plan to head back there next year and this gear will be going with us again! Thank you.
@@jonyvillanueva I only did it once and did not get caught. I work for a different company now where it’s no issue where I work and they actually encourage work from anywhere for up to 4 weeks a year!
@@karimlonguar5826 - The Flint has a better processor, more memory, more ethernet ports, and 4 antennas, therefore it's faster and better for only $100 bucks. They just came out with the Flint-2 ($149) as an upgraded version.
Jason, you are the best! I have different routers but the way you explained this makes it simpler to follow for other setups. I must admit I watched the videos 50 times during the last week, read through every comment and I was about to email you when I had a last idea and worked! the dot is green now!! thank you
@@TitinaOF Hi! I am trying different ways to reach viewers from other countries on TikTok by changing the IP like this. What is your situation at the moment? What do you use that State AX and Opal setup for? What's your opinion? Could something like this that I am trying work with a setup like this?
Thanks for this great tutorial. I purchased both of the items you used in your demo and the WireGuard service works perfectly. I have used it both domestically in the US and internationally with no problems. I updated the firmware on the home Opal device today, and was warned that the process would remove custom settings, so I had to reconfigure the WireGuard server. The update added a nice feature to the configuration process where you can choose to "Use DDNS Domain" so that it generates the script including the DDNS address, so you no longer need to cut and paste that information manually.
First of all, wow thank you so much for this video! It’s taken me days to find something like this. Thank you for your responses to all questions asked as well. You’re awesome for doing this! I will be setting mine up the way you did it here and I’ll be back to let you know how it goes :)
Thank you so much. I wanted to highlight one thing: I followed the whole video and still faced an error when I was trying to connect(turn on) the VPN client. The reason behind that was my second router was not connected to the internet. So, if you are facing an error when you turn on the client after configuration, make sure your device is connected to the internet (similar to how you connected the first device to your home internet). Thanks.
Hi @@justinreviewsandrepairs5246 ! I was able to create my own VPN at home, thanks again!! I wanted to ask you about this: I have a friend in Spain who set up a VPN using Open VPN, but on Linux. He shared an OVPN file (server), but it's not working on my Slate AX (client). Do you think it is possible to make it work?
Justin, I apologize for my ignorance on the terminology and understanding with this stuff. You have been super helpful and I hope I did not come across rude with my last comment. I will just start over and go through the setup of each travel router and see what happens. Thanks again for your replies and content.
No need to apologize, I was just having a hard time following along with the comment. Feel free to email me and include screenshots to make it clearer: support@JustinPruett.com
Hello Justin. Thank you for this very useful, step-by-step guide. I appreciate your style of teaching. With your help on the nuts and bolts of this operation, my wife won't feel like she's missing out on any of her favorite streaming things while we're visiting Europe.
Thank you! Yes, that is another use for the VPN! But I was pleasantly surprised by some of the shows available in other countries as well! Back at home you can also use it to share streaming service accounts by using one IP Address at two places.
@@justinreviewsandrepairs5246 Unfortunately, I'm running into the same issue as many of the other recent commenters. Unable to start the VPN client on the 1800. The log shows the same errors others are having. 🙄I'll have to call GL Support to see if they can help.
Feel free to email me at Support@JustinPruett.com if they are unable to help. The most common problem is the Port Forwarding step which is different for everyone based on who their Internet Service Provider is. The second most common problem is trying to test using the same Internet connection as the server, which is not possible since both devices are already on the home network.
Hey Justin! I just got this setup working using the Slate AX for the client and Brume 2 as the server. Thanks for putting this together, of all the resources online this video was the most helpful. The biggest headache for me was actually getting the port forwarding to work on my ISP modem because apparently its software sucks lol. Anyways, I just wanted to say thanks for this super comprehensive video. If you ever need a testimonial or advice with anything data/software engineering related (that's what I do) don't hesitate to ask.
@@josieicaza7031 for me it was just crappy software in the modem. Make sure that you’re setting up port forwarding on the correct device. For example, I had a modem which was the internet gateway and a separate router for wifi, which meant I needed to set up port forwarding on the gateway modem and connect the gl.Uber to that. The other thing is try restarting whichever device is doing the port forwarding after you set it up and give it a few minutes. If that doesn’t work then do a factory reset (make sure you can recreate whatever configurations you had) and then try setting up the port forwarding again - also with a restart after. Hope you get it working!
@@b.n.y.a1599 i made a tutorial on my channel - how to set up a vpn server and vpn router. in that video towards the end, i show a button that ensures your connection stops working whenever the VPN stops working for whatever reason.
Hola gorge, soy también colombiano y necesito hacer este puente, podrías ayudarme a hacer el set up de los routers, ta compre los dos pero no se como se instalan, cualquier ayuda le agradecería! Bendiciones, si algo nos comunicaremos por WhatsApp
Perdona q insista es q me urge ir a Colombia y mantener mi trabajo, cualquier ayuda y si hay algún cobro por el tutorialme hace saber, quedo atento. Thank you
You are the genius and lifesaver I'm looking for. I have a trip coming up and was worried that internet access outside the US would be banned. I just placed the order through your link, and I can't wait to set up the routers for the trip.
@@justinreviewsandrepairs5246 Hi Justin, I just emailed you about a Port Fowarding question. The subject line is Port forwarding question from Danielle Chen. I tried every steps but still could not connect the two devices. However, openVPN works fine on Slate AX. It just won't connect to the Beryl AX.... Please help!
Thank you thank you thank you! You made what was quite a complex challenge (for my low technical aptitude) so so easy to follow! I got hung up on setting the port forwarding for AT&T because I missed a step bit after that it worked like a charm
Hi Justin, thank you for the information! I am planning on buying this router, but I have a quick question. I need to travel to South America for three weeks, but my employer does not allow me to work from there, and my computer also has a VPN set up. Can I use this VPN router to set up a US location and connect to my work VPN from there? I am new to this information, so I am trying to understand how I can do it. Thank you!
Yes, the two routers basically make a bridge from wherever you are back to your house. However, there are some speed and latency issues with video calls or anything high bandwidth like that. Also, if your home Internet goes down while you are away, you are out of luck. So be sure to test as much as you can before you go. Safe travels and thanks for watching!
@@justinreviewsandrepairs5246this is the same question I had ! So even if I my work computer has its own company built in vpn…I can still by pass this by telling the vpn that my IP address is in my “ home address “ by following your instructions? Just wanted to double confirm this information !!! Please let me know !!! And thanks once again you are the best !!!
Just wanted to leave a note incase anyone runs into the same issues I had getting this setup running. I have a Brune2 as the VPN Server and the Slate take with me. I followed all the same steps, including the port forwarding on my main ISP router, except changed the IP to 10.1.0.x/24 instead of the default. After I was able to run the Server on the Brune2 I tested the connection with the Wireguard app, important to note when you're testing the connection turn off wifi and use a separate network like 4G/5G. Once I uploaded the Client config file to the Slate it initially wasn't getting a handshake and connect but I was trying on the same network. Once I had everything configured and I turned on the client outside my home network and the Slate and Brune started to talk to each other as intended. Still need to test more outside my home office but this video is the best tutorial I found on this after reading through many other pages, forum posts and documentation. THANK YOU Justin!!!
Thank you! Glad it helped! I noticed more ISP routers are using 10.0.0.x as their Local IP range which can lead to problems with the default WireGuard ®️ IP range, good job catching that!
Hi Justin, we did all the steps but we cant get the VPN client connected with Wireguard. The log file keeps telling us that is reloading firewall du to the IFUP of modem.
Someone else is having the same problem, I am going to check if new firmware is causing it. If it's not then I wonder if you both have the same ISP causing the problem. I will try to post an update soon.
@@justinreviewsandrepairs5246 We fixed the isuue with support from GL. Instead of choosing "both" in port forwarding, we needed to choose UDP and connect the 1800 in another network than the 1200. Thank you
@@nickkoutris4873 Hi Nick, I think I hit the same problem as you did. On my Client router, the yellow light is always on the "WireGuard® Client" sign of the admin website. Per your solution, is changing port forwarding from 'Both' to 'UDP' the only change you made to solve the problem?
@@nickkoutris4873 this worked for me! I switched the port forwarding from both to UDP. I also connected the repeater with the client wireguard to a different network than the network i was forwarding on (where i had my repeater with the wireguard server). I just used my hotspot to test.
Hi Justin! I got everything set up just like in this video. However, when I connect my client Slate AX to a public WiFi network outside the home (Starbucks, the library etc.) I get the message " The interface is connected, but the Internet can't be accessed with IPv4 protocol." It works perfectly when I use my mobile hotspot to connect to the client router. Is there something wrong with my configuration? I am worried because I have an out-of-state trip to go on in 2 days, and need this system up and running. Thank you so much for your help! Best regards, Jennifer
Hi Jennifer, sometimes public WiFi networks require you to accept terms of use and things like that, it makes the process a lot more time consuming but it can be done: docs.gl-inet.com/en/4/tutorials/connect_to_a_hotspot_with_captive_portal/
@@justinreviewsandrepairs5246 Thank you so much, I realized that this might be the case. For anyone else, I fixed it by updating my client router to version 4.2, which has a new feature that essentially lets you spoof your MAC address by using a custom mac address. I went through the login page on my iPhone and then went into settings, clicked the wifi network I connected to, and then copied down the "Wifi Address". Then I copied that MAC address into the router, and then the wifi connected to the router perfectly. I hope this is helpful for someone!
@@justinreviewsandrepairs5246 Hey Justin, I am having the same problem and do not quite understand what to do. I tried to follow the directions that you posted but I was still having issues. It no longer gave me the error message of the internet being accessed, and said that it was connected, however, it did not load any web pages. I also tried to get on my phone hot spot to try that out and it said it was connected but then again, wouldn't load web pages saying that it was not connected to the internet. Could you possibly make a video of you using this system to connect to a phone hotspot or a different wifi network? Just so I could see it visually? Or if not, do you have any guidance? I appreciate this video and your responses so much!! If I can get it working it will be the best thing in the world (and I won't lose my job lol)!
Hey Justin thank you for your detailed explanation setting up these routers. However, I ran into an issue, but I was able to fix it by reading the comments. I wanted to share this in case someone else encounters the same problem and needs some help. If you have a Xfinity router at home, please DO NOT use the default IP address for the Wireguard server which is 10.0.0.1. Instead, you canchange it to 10.20.0.X/24. After I did this, my network became more stable with no drops, and it's working smoothly.
Thank you for sharing! This is correct! Xfinity routers use a private IP Address range typically used in a corporate environment. You will also need to change your default LAN if your ISP Router is using 192.168.8.1/24
Hi @abelulloa3979, I have Xfinity as well and when running DDNS Test and it says that the DNS record for this DDNS domain could not be found. Would you be kind to help me?
I tried your setup and you were very good at explaining things, it appears to be working with the VPN dashboard showing up and down traffic. Since it is going to a Beryl at the "home" location which also gives the 192.168.8.xx IP it was hard to determine if it really was working. So while doing the speed test I disconnected the client and it stopped the speed test, but I sure can't tell by the IP address. You did very well to help someone actually make this work that is far from qualified. Thanks. I am still questioning my success!
Hi Justin, First, I want to thank you so much for the detailed step by step tutorial. Like most people here I happen to encounter the most common issue - I can’t start the VPN WireGuard Client on the travel router despite setting up the server/port forwarding. Some background, I have Verizon and even after setting up port forwarding, I run the DDNS Test I still have 2 different IP Address and the same warning - from DDNS Domain Resolution is the same as my ISP Public IP, but the WAN Interface Ethernet is still the same one it was assigned initially. Look forward to hearing from you and thanks once again! Edit: Turned out I changed from TCP to Both in the process of Port Forwarding set up and everything started to pick up and worked out fine now.
@@justinreviewsandrepairs5246 Just a follow up question - I expect a big drop in connection speed but what would you estimate the speed to be if I were to be in very long distance (thinking US-Asia Pacific)?
@khanhly-courtleveltennis how were you able to set the port forwarding in Verizon? I'm also using both in the process of port forwarding but it doesn't seem to work .... did you call verizon?
Thanks Justin for the comment. Let me give it a try. I exchanged a few msgs with nord, but not getting anywhere with them. I will definitely look up the port forwarding for the xfinity router/modem.
Here is the video that shows how to get your IP Address or MAC Address from your travel router for port forwarding: ua-cam.com/video/LzBa6KsfG9A/v-deo.htmlsi=bpljRVvc_0LTJpt8
My guuuuyyyyyy!! Thank you some much for everything! Thanks to you I’m working from my home country and can spend more time with my family! I fricking LOVE you!! Thanks again 😊
This is how you would use your home IP address in say America while you're in another country, so your employer would never know? Other remote work vloggers charge money for an installation but this guide is all I'd need? Seems straight forward enough.
Yes, but keep in mind that most employers have full access to your work computer so it is not 100% full proof. For example they could open your webcam or microphone and this method does nothing to stop that. I do not offer installation services, but feel free to comment or email if you run into an issue.
@@justinreviewsandrepairs5246 Thanks. Webcam/mic access wouldn't matter because there wouldn't be any tell tale signs if so, plus we rarely use webcams in day to day work (also webcam covers built into our work computers). As for the at home router, the Flint router works great and would have the same steps?
Yes, the steps would be similar, the Flint is like the home version of the Slate AX with similar specifications. If you are using the Flint as your main router, such as plugging a cable from the Fiber Optic ONT into the WAN or a Cable Modem (Or a Cable Router in Bridge mode) to the WAN then you can skip the Port Forwarding Step. In the video I was only using the Opal as a VPN Server, not as a whole home router. If you want a little more power, the Flint 2 was just released and offers the highest performance. Although, I think for most people the latency between two locations will be the bottleneck rather than the performance of the device for anything faster than the Beryl AX. Having Fiber Optic Internet at both locations (with low latency) can really improve the overall performance of any two routers.
@@justinreviewsandrepairs5246 thanks brother. Would you recommend running a Tplink archer ac1750 for home openvpn server or go with a newer portable GLINET one? I already have beryl AX for the portable side
Awesome video Justin! I emailed him because I was having some port forwarding issues and he got back to me very quickly. Wonderful channel!!! Thank you so much, dude!
Hi Justin. I am experiencing port forwarding issues with my Virgin Sagecom FST5250 device. I can’t find good videos on the internet and when I set up the conditions similar to yours it says it’s not valid. Is port forwarding absolutely necessary for the extra security with opal? What can I do? Thanks in advance- you are a life saver
Precisely the issue I encounter when I type “51820” in the port forwarding rules is “you must enter either a number or a range between 1 and 65535. With a range, put the larger number at the end”
Thank you so much, you now made this thing very clear for me . I did not know what the whole set up is and how i would hide my location while working abroad.
Great! Be sure to test before leaving and make sure "Block Non-VPN Traffic" is enabled from the VPN Client Global Options since newer versions of the firmware seem to default to off.
Thank you very much Justin for perfect explanation. The only issue is, when connected directly to internet my internet speed is 20MB download and 15MB upload (using my mobile hotspot), but when connecting to the wiregaurd server the internet speed reduces to 5 MB up and 5 down. I am using GLiNET AX-1800 for my server at home and the AXT-1800 for travel router. I appreciate your help
You will always be limited by your slowest connection, that's why if possible you should get Fiber Optic Internet for both ends. Besides Upload and Download speeds, the third factor is Latency. Your HotSpot is likely adding latency which will reduce overall speeds.
@@justinreviewsandrepairs5246 Another question. I set this up at home and it worked well. Now I connected my server modem to my friend's home Xfinity modem via cable and I get internet on my server modem but as soon as I turn on the Wiregaurd server, internet get's disconnected. I even tried adding the portforwarding port to my friend's Xfinity app (and turning off advanced security, but the issue still persists). Do you know what could be the issue?
@@justinreviewsandrepairs5246 another question. I set this up at home and worked well connecting client to server. Then I connected server modem to my friend’s Xfinity via cable. The issue is I have internet on my server modem until I turn the wiregaurd server on. I soon as I turn wiregaurd server on, internet gets disconnected. I even tried adding the port to Xfinity app in my friend’s phone and turned off advaced security but still not working.
@@justinreviewsandrepairs5246 another question. I set this up at home and worked well connecting client to server. Then I connected server modem to my friend’s Xfinity via cable. The issue is I have internet on my server modem until I turn the wiregaurd server on. I soon as I turn wiregaurd server on, internet gets disconnected. I even tried adding the port to Xfinity app in my friend’s phone and turned off advaced security but still not working.
Xfinity uses a corporate network address by default which conflicts with the default local address for the WireGuard ®️ VPN Client. You will need to change the default from 10.0.0.1/24 to 10.1.0.1/24 on the WireGuard ®️ configuration as seen here: docs.gl-inet.com/router/en/4/interface_guide/wireguard_server/#setup-wireguard-server
Thanks Justin your videos! It looks like for your work remote set up you recommend using the Slate AX router along with a GL.iNet Opal Router. In this videos comments though you recommend using the Slate AX with the GL.iNet Beryl AX instead of the Opal. Another guy on UA-cam who makes similar content/how to videos recommends using the Slate AX travel router with GL.iNet Flint 2 router. And another guy on UA-cam recommends using 2 Slate AX routers; he says the Slate AX offers faster wireguard speeds than the Beryl. 1 thing is clear - you all recommend the GL.iNet Slate AX router as the 1 to travel with. But which is the best 1 to have at home? The 4 options you 3 guys recommend are a 2nd GL.iNet Slate AX or GL.iNet Opal or GL.iNet Beryl AX or GL.iNet Flint 2. The router modem currently at home is the Xfinity Gateway XB8 (for Xfinity Comcast internet)... What router would be best to use at home with XB8?
This video is more than a year old so as new routers come out the best option changes. Currently the Flint 2 would be the fastest option but if your budget is lower then the Beryl AX is an excellent ratio of price and performance. A full list is in the description. Let me know if you have any questions or run into any issues.
Hey Justin thank you for this amazing video! Most detailed out of everything I looked up. I watched multiple times now and sorry for some dumb questions if you don’t mind. 1. With port forwarding between home router and travel router, do we need a VPN subscription like NordVPN? Cuz I looked up NordVPN and they dont allow port forwarding, and also I didn’t see you logging in to anything. 2. What is your Frontier router’s role in this? I saw that you are leaving Opal at home and traveling with Slate AX but didn’t get why you’re adding in Frontier. Thank you!
Thank you! 1. In this video you are basically running your own VPN Service, you do not need Nord for this video. There is another video that covers using Nord. 2. Frontier is my Internet Service Provider, they provide me with a router and instead of replacing theirs I added the Opal. If you have Fiber Optic Internet you can probably get the Flint 2 router and replace the ISP router completely. If you have cable, you must use a modem which typically is bundled with a router these days. So unless the GLiNet router is the main router you will have to do the Port Forwarding step. Please let me know if you have any other questions Thank you - Justin
@@justinreviewsandrepairs5246 hey Justin, thank you so so so much for explaining. The set up worked out perfect for me. The two things that did the trick was first only enable UDP on the home router port forwarding and second change the default IP address 10.0.0.1 to 10.1.0.1 on the stay at home server router. Hope this helps others too. Again thank you!
Do you have Xfinity? For some reason their routers use the same IP Address range as WireGuard ®️ which is why you had to change it. Glad you got everything working! Thanks for sharing!
@@justinreviewsandrepairs5246 exactly I use Xfinity! Don’t mind this extra step and I noticed traceroute that it takes 1 step in my home city before routing to the next steps.
This is super exciting. I ordered 2 gl flint 1's and can't wait to hook them up. I'm trying to create a tunnel from the inlaws to our house for netflix.
I was so mad when they started charging extra when my plan supposedly allowed more than 1 device to stream that I cancelled. Setting up a tunnel is definitely an option, but I hate that we have to.
Glad it worked! Make sure to Turn On "Block Non-VPN Traffic" form Global Options on the Client for increased protection. I am hearing it is not on by default in the newer firmware.
Justin, I wanted to give you an update since you have been so helpful. First, the good news, I purchased both slate ax and the opal using your links. Second, I was able to set up and test the port forward with your guide and it is functioning as intended. However, yep some not so positive news, I am getting too great of a latency where just trying to use authenticator code for work vpn login it's timing out. Both routers are using the ethernet connections to isp routers. Both isp locations have 400+ mbs service. Unfortunately, I was unable to test with my laptop connecting to slate ax via ethernet cable. I was getting speeds of only 12mbs this way. I was able to eventually get into the work vpn and access it's servers, so it WILL work, but not with the reliability I was hoping for. Maybe, with Laptop connected via ethernet cable to slate ax it will get better... Fingers crossed. Anyway, thanks for the help. I am quite certain I would not have known how to set up without it.
Do you have 400mbps service both download AND upload? Upload speed is also important. One other thing to check is if the country you are in just has a poor connection to the rest of the world. You can use this website to gauge the latency between two cities. If the latency is too high, like above 150 ms, you will encounter problems as well. wondernetwork.com/pings Can you describe your authenticator? A traditional authenticator uses a time based 6 digit code or a code is sent over SMS to your phone.
Hi Justin, I appreciate you going through the motions and explaining every step for us. When I run a DNS test, it shows my real location. Is there a step or plug in to try and avoid the DNS leak? Thank you!
Yes, the other video shows how to set your DNS to CloudFlare or whichever you like. It also needs to be changed in the configuration file that you use for the Client.
Hi Justin, thank you for the amazing tutorial. I followed the step by step and I was able to successfully complete the steps using my personal PC. I do have 2 questions though. 1. How do I connect to my work laptop using WiFi? I do have a portable hotspot I carry with me all the time so I do not need to worry about hotel WiFi. 2. How do I test that I did everything correctly before leaving my home state to another state?
Great to hear! 1. You will likely want to connect the Client travel router to the Hot Spot and enable the VPN, then connect your work laptop. Be sure to turn off automatic connection from your work laptop to your hotspot since you will want to connect to the travel router instead.
2. After connecting things in 1 above, you should be able to compare your Home IP Address with the one you get while connected to the VPN and they would be the same. You can use a site such as IP.suzam.com to view your IP Address.
@@justinreviewsandrepairs5246 pls how do I enable the VPN? Will I need to always have my personal PC with me to connect to hotspot before initiating my work laptop to the client traveler WiFi?
If your HotSpot is not your phone, you can use your phone to access the dashboard, but you only need to connect to your HotSpot once anyways. It will remember the WiFi and connect when you turn on the Travel Router. You can also set the custom switch on the travel router to be used to enable or disable the VPN so you actually don't need to access the dashboard at all after the initial setup.
Hi Justin thank you so much for all of the service that you're doing. I read your comment about them just wanting to make sure you have a secure connection, I agree I think most IT people don't have the time to dig any further really unless you give them a reason. I was wondering do you think if I buy the slate AX and install a residential VPN on it here at my home and then Ethernet into it, that would generally speaking be enough?
A residential VPN from a third party service or running the server yourself? Not many third party services offer residential IP Addresses but there are some.
Great video. Love it. Instead of the opal and slate AX I used two Slate Plus to set this up. I connect one Slate Plus to my FritzBox Router (My ISP Router) at home which then serves as the Wireguard Server and the other Slate Plus is then my Wireguard Client. So far so good. But for some reason when trying to enable DynamicDNS the DDNS Test, I get the following error message: "The IP from DDNS domain resolution is not the same as the WAN IPs of the device. You need an Internet Public IP address to use the Dynamic DNS. If this router is behind NAT, you may need to set up port forward in your ISP router." ---------- (I did already forward the ports as described in your video as well on my ISP Router but that does not seem to do the trick.) Can anyone help me with this? I would really really appreciate the help
@@justinreviewsandrepairs5246 Thanks so much for the fast response. When I enter my DDNS Name (the one given by the Slate Plus) and do the test, then it does show my public IP. So I would assume it works? But for some reason the DDNS Test on the GL.iNet Admin Panel does still not seem to work.
Hey Justin, this is the best video I’ve seen BY FAR on setting this up. Great job my man. I’m having some troubles and need help from anyone in the comments with insight. When I get the configuration file from the home router, it doesn’t include a listen port and includes an MTU number. Even when I connect my travel router to my cellular data, it stays in yellow mode until it times out. Can anyone help?
My WireGuard server works great and port forwarding seems to be working well. The issue seems to be connecting my travel router to my leave at home router.
Yes, you need to setup Port Forwarding on your ISP router to forward to the travel router you are using as a server (the Opal in the video). Most problems are because the Port Forwarding is incorrect or trying to test from the same Internet connection (you need to use a second Internet connection for testing as you would while traveling). This video covers which IP Address you should be using for Port Forwarding: ua-cam.com/video/LzBa6KsfG9A/v-deo.htmlsi=mULpirlgaJ09NzbV Let me know if you run into issues at support@JustinPruett.com
Hi Justin! Regarding your comments in the updated description box, if I get the Beryl AX and the Slate AX, which should I leave at home and which should I take with me? Also how much does the MT1300 differ from the MT3000? I am an absolute novice so apologies if these are really basic questions… I want to make sure I buy the right devices. Thanks in advance!
Hello, the Opal is no longer receiving updated features, so that is why I now recommend the Beryl AX. The original Beryl may or may not get updated, but the Beryl AX is significantly faster for WireGuard ®️. In the event that you find out that you cannot do the port forwarding step, the Beryl AX supports ZeroTier which is an alternative method that will allow you to complete the overall setup. As far as which device stays home, it can be either since the devices are extremely similar, but I prefer to take the Slate AX and leave the slower device.
These are the best "step-by-step" instructions out there. Thank you you taking the time to explain everything and making this seem much easier. Is it common for connection speeds through the VPN to be pretty low? I have a 500mbs connection in the US. 1GB in the UK but regularly register 20mb speeds through the wireguard VPN. However im using 2 Beryl AX routers.
Thank you! Are your connections Fiber Optic and have 500mbps Download AND Upload? Upload speeds are also important. In general the connection between New York and London is good: wondernetwork.com/pings/New%20York/London If you set up your Home Server with WiFi instead of Ethernet, you should switch to Ethernet for improved latency. Keep in mind doing so will require you to update the Port Forwarding rule as well to the Ethernet IP Address listed in the Dashboard.
Would love to see a video on how to use the Slate AX on public WiFi that has captive login portals, like airports or hotels for example. Sometimes they prevent me from internet access when using the slate ax.
Thanks for the suggestion! It is a huge pain connecting to some portals, luckily there are two ways to do it: docs.gl-inet.com/router/en/4/faq/connect_to_a_hotspot_with_captive_portal/ But in my experience their Internet is often slower than my own HotSpot anyways. AirBNB is usually the way to go when you need to work remotely since their Internet is usually good. As far as HotSpots, the USA and Japan each have providers that offer Unlimited High Speed HotSpots.
Hi Justin, first and foremost, fantastic video! I do have a few questions: 1) How would the Opal and the home modem setup look like? 2) Do you have the kill switch/block all non-vpn traffic on for both devices?
Thank you! If you plug the Opal directly into the modem, you won't need to port forward. The kill switch would only be on the Client (Slate AX) and was on by default in the version of the firmware I was using, it's always good to double check though from the dashboard.
Hi Justin, thank you for your hard work you put into your videos. This one made me to setup your exact setup by going all step. And it works! Thank you for that. May I ask how your speedtest results are higher than on my setup? I usually get 9mbps for download when accessing remotely via wireguard while I get 100 mbps for downloading when accessing directly to my router at home. Maybe I have missed something. Hope you can help with a great tip.
Your speeds will be limited to your slowest connection. 100mbps is pretty slow, so I assume you have cable? What is your Upload speed without VPN? 10mbps? Getting Fiber Optic Internet for both sides will increase your speeds. If your Internet is fast then you'll start to be limited by the router, the Opal is old and will get about 10mbps whereas the Beryl AX or Slate AX can go faster.
@@justinreviewsandrepairs5246 thank you for your response. I have checked the ISP upload speed and it is capped at 10Mbps. Thank you for your guidance - I have understand that I need to contact my provider to upgrade to a higher upload speed to achieve a higher download speed on my remote client. Thank you!
@@justinreviewsandrepairs5246 Really really really dumb question, but I need to ask: I'm behind a NAT...do I need to enable DDNS on my primary router and subscribe to a DDNS service so that it remains static and I can continue to remote in without any unexpected complications? (i.e. IP address refresh while traveling). What I gather from this tutorial is that I shouldn't worry about this since I'm essentially configuring the tunnel with the assigned IP address of the device. I'm soo confused about this, but if you have any resources you recommend I look at so I can understand this better, I'd appreciate it. Thanks in advance!
Thanks, can you explain your setup? If you have standard Internet service you should be able to Port Forward. If you have shared Internet such as 5G, Starlink base plan, or shared Apartment Internet, then you likely won't be able to Port Forward. Some apartment Internet service providers can provide real Internet for an additional fee. Starlink can also provide an IP Address for an additional fee. I am not aware of 5G providers offering this.
@@justinreviewsandrepairs5246 I have done all the port forwarding, I do have a dynamic public IP so i setup ddns and it works all good. I am just wondering, I heard a lot about double Nating and how it can slow down a bit. How can I check if I have a double NAT? Chatgpt says if your vpn server router gets a wan address that looks like a private IP address then you are doing double NAT ing. and there are some suggestions to fix it. I want to confirm if that's correct info. My setup is. ER605 vpn server, which is connected to an ISP provided custom router. I want to be clear everything works amazingly thanks to you. I just want to learn as much as possible and also make it as efficient as possible. Thanks Justin!
Hi Justin. Great videos - they've brought me up to speed. But when I do the DDNS test I am getting the following error message: The IP address from DDNS domain resolution is not the same as the WAN IP of the device. You need an Internet Public IP address to use Dynamic DNS. Not sure what this is about.
Thank you. The warning message is there because your GLiNet router is behind another router and will require Port Forwarding. You can use the test on this page to confirm DDNS is working: justinpruett.com/glinet-troubleshoot.php
Yes, the Travel Router establishes its own VPN connection so you can continue to use your work computer as if you were home, including their VPN service.
Thank you for your effort to create this video. Just for my better understanding. I actually need 3 routers, right? One provided by my internet provider, second iNet and Opal as third? No option to use opal as my main router instead of the one provided by my Internet provider?
You could use the Opal as your main router, but it is not recommended. The Beryl AX would be the minimum but if you live in a home larger than 400 sqft then you should consider the Flint 2 since it has large antennas for better coverage. If you have Fiber Optic Internet, simply plug a cable from the ONT into the WAN port of the Flint 2. The Description of this video has a list of all of the router options. Let me know if you have any questions.
@@justinreviewsandrepairs5246 Thank you for your response. I do have Fiber Optic Internet but do not have ONT (from what I know my router - Funbox 3.0 - provided by ISP works as GPON device) so I would have to set that one in bridge mode and run the ethernet cable from a LAN port of ISP router to WAN port of GL.iNet / Flint 2 router. Won't this result in too much latency? I want to set up the most professional setup possible to avoid potential delays and issues while working from Thailand. Perhaps I should request an ONT from my ISP and thus get rid of the current Funbox 3.0 router, and instead configure a router in server-client mode (e.g., Flint2 / Slate AX)? Wouldn't this be better? I'm a complete novice, please recommend and thank you in advance.
That sounds like a good plan if they offer a way to bypass their router. If not, there shouldn't be that much latency from it, you will have much more latency from your remote connection. Thailand typically doesn't have the best Internet, so try to plan ahead for a fast Internet option there.
Hi Justin, Cant thank you enough for this well made tutorial. I was able to make it work for my home router but when I am recreating it for a friend their ISP uses CGNAT, any tips if the ISP doesnt have Public IP4 but have Public IPV6?
I believe it works with IPv6, but the DDNS might default to IPv4. Try putting in the IPv6 address instead of the DDNS address to test CGNAT. They may be blocked by their ISP on IPv6 as well. For now they might want to try TailScale but the server has to be run on a computer or you need to perform command line commands to set the Exit Node (Advanced setup)
Thank you Justin for the informative video! GL-iNet is now version 4.5.16 and options are rearranged (a lot) but your video still hits all the major points. On your remote client router, Slate AX in your example, did I miss where you can specify a split router? In an ideal world what two GL-iNet routers would you recommend for 2024? Another question I can not find a definitive answer; I want my Client(s) to access location A and location B. I would like to be able to reach all devices in BOTH locations. If location A, HOME devices are 192.168.1.x/24, do devices on location B, OFFICE have to be on a different sub net 192.168.2.x/24 (NOT be the same as 192.168.1x/24)?
Thank you, I guess it is time to make an updated video. For your use case I would highly recommend considering the Ubiquiti UniFi UDM Pro to establish the site-to-site connection. They have some cheaper options as well, but in general Ubiquiti is very expensive because it makes that type of advanced network set up easy. The GLiNet routers are great but they are not intended for your use case. I will need to upgrade my firmware to see what you are seeing as far as the split "router", could you explain what you mean by that?
Thank you so much for putting this together! Instead of purchasing the Oval, would you advise purchasing another Slate so one serves as the client and one for the server? The purpose would be to increase video quality especially when it comes to watching TV and better video calls.
Yes, two Slate AX would be preferred since the Slate AX has more powerful hardware to encrypt and decrypt traffic on WireGuard ®️ but keep in mind that physical distance between the two devices and the latency will always play a role so be sure to test and/or have a backup plan. Thanks for watching!
@@justinreviewsandrepairs5246 So in this case, is it better to have a flint as server and slate plus a router? which is better as the distance will be far
Justin! I'm beyond thankful I came across this video. I just purchased two Slate Plus GL-A1300 routers. Please, would you mind if I sent you an email with a few questions regarding my set up? Your time is much appreciated!
Hi Justin! Thanks so much for the super helpful guide. I have followed the same steps exactly and was successful in connecting, however, I ran into a couple of issues. The first one is, the travel router (AX) would not connect to my Home IP VPN if the AX is connected to my home Wifi, it only connected when it was connected to an external network (my iPhone as a hot spot or external Wifi network), is this normal? Or is something wrong? The other issue is, the speeds are very slow, I mean given network speeds of about 100Mbps to 150 Mbps, I got speeds of about 5Mbps to 15Mbps with bad latency (about 60ms) when connected to Home IP VPN, please let me know if this speed reduction is normal or if there is something I can try to help with this. The Opal is connected via Ethernet by the way.
Yes, the Slate AX should be on a different network than the Opal that stays home. Increasing speed is tricky, using WireGuard®️ is the faster option so then you can try using Ethernet cables instead of wireless and make sure your upload and download speeds from your Internet provider are fast.
Thank you for the in depth video! I'm wondering if you can use 2 of the flint 2 routers for both the router you connect to your home router and the router you travel with? I'm hoping it will increase internet speeds and help with latency?
Yes you can, but it is a bit large to travel with. The Slate AX should be fine, in all cases you want Fiber Optic Internet on both sides for the best results.
Thank you! Currently working from Ghana, West Africa! To increase internet speeds should I use an ethernet cable for the travel router or will it be the same speed as the wifi option?
Wired is preferred, it should have lower latency versus WiFi. Africa has been plagued with multiple infrastructure problems recently that have degraded the Internet there. Having a Fiber Optic Internet connection at home and Starlink in Africa might be the best way to improve speeds right now until they repair everything.
Hi Justin, thank you for your help. I followed your instructions and successfully completed the setup. My question is, how do I know My travel router is using my home network?. I will really appreciate your help. Thank you
If you connect the Client Travel Router to a second Internet connection, you should see your Home IP Address when you turn the VPN Client on and a different address when it is off.
Justin, I am an elderly digitally deleted with 2 traumatic brain injuries. I do have a computer and a cell phone and a home internet connection. When I go camping in the boonies, and there is no hot spot or wifi connection how does this stuff connect?
It won't, it requires Internet of some sort so in that situation you would probably want Starlink Internet Service. You probably don't need the GL.iNet router for this scenario.
Is this possible without access to the router to setup port forwarding e.g. using tailscale or zerotier? If so, can you also make a video showing steps on how to setup. Thanks.
You could setup ZeroTier ahead of time and then have the person you ship it to plug in power and Ethernet and be good to go. I hope to start on a ZeroTier video soon.
Hey! Thank you making the first in depth tutorial for this. My company used a VPN to access company websites that i need for my job. Will this work with that?
Thank you! You mentioned that Allow Access to Local Network option makes it less secure. Is there a way to make it more secure so I can access my NAS remotely, or would I have to use another method?
Anything connected to the Internet is inherently insecure, I was merely pointing out the risk. You can find news stories about popular NAS providers such as QNAP and WD suffering from massive vulnerabilities. You can hire a specialist to help decrease your risk, but it is unfortunately never zero.
Helpful Links
Port Forwarding Help: ua-cam.com/video/LzBa6KsfG9A/v-deo.html
Captive Portal Tutorial: ua-cam.com/video/46nG8mhm5og/v-deo.html
Test DDNS: justinpruett.com/glinet-troubleshoot.php
Update: Many cable routers seem to struggle with TCP, please select UDP only in the Port Forwarding rule instead of both.
Update: The Beryl AX came out right after this video was published, it is a much better option than the Opal in a price range that balances price and performance.
What do you do once you're in your new location to test and connect? Can you make a video about this
This did the trick!!! I didn't match isp assigned ip! YOU WERE EXCELLENT!! APPRECIATE YOU AGAIN!💯💪🏿🙏🏿
If my home internet has a static ip, what steps would I use? Thanks
@@russhewett514good question.
@@russhewett514 you simply don't use Dynamic DNS. Everything else is the same.
I want to comment how Justin is very responsive and kind to answer questions. From all of us, Thank You
Thank you, I appreciate your support! 🙏
110% He's Awesome!!!
Just wanted to share that your videos took me from essentially 0 knowledge on VPNs to successfully working remotely in Thailand for the past 4 months with no issues.
Using 2 Slate AX as my setup, thanks for the help!
Wow! Thank you for sharing! Thailand doesn't have the best Internet infrastructure according to WonderShare Latency data so it is good to hear it is working there! Thank you!
So nice to hear that it works in Thailand, could you possibly test and see how the latency/ping is and preferably in which city do you test this in Thailand? I am considering working from Thailand with softphone via VPN and am very dependent on a good latency :(
@@nizzar2003 I run my home server from the UK, in Koh Samui the ping has been around 200-300ms which is obviously quite bad but I was able to take calls, there was definitely some slight delay but it was manageable. Have done video calls with no issue also.
@Speatto Thanks for sharing, I think 200-300ms can be as you say manageable, I'm thinking of moving to Phuket or Bangkok depending on where the network is more stable and which allows me to carry out my work with customer service via softphone without a large latency/ ping. @Speatto Do you also have problems with a lot of power outages considering rainy seasons or what is it like in Koh Samui?
@@nizzar2003 power outages have happened yes, I’d say 2-3 times in the last 6 months. There are coworking spaces in al lot of areas (there will be many in Bangkok) which can be useful.
I’d imagine the internet stability would be similar in the main areas such as Phuket/Bangkok. I was in Phuket for a few months last year and it’s great, I will move there soon. If you’re more of a city person then Bangkok is also a great place and probably the best for work/opportunity.
This is amazing! I was trying to find a step by step video and couldn’t find anything until this. This is perfect! Ty so much! The only reason I’m doing this is because my boyfriend is in a different state for 9 months and now I can be with him 💕
Glad it helped! Thank you!
I just want to want to say MANY THANKS Justin! For your time and efforts you put together to make this video tutorial. I got my GL-INET routers talking to each other.
Great to hear! Thank you for the comment! Comments like this keep me going!
Thank you Justin. This has been a great help. I travel for work and have always wanted to setup a VPN with my home network. Got the same two routers and the system works great!
Glad to hear! Thank you for watching and commenting! If there are any other tech things you have been wanting to do, let me know, I might be able to make a video about it!
It worked!! It took a while but only because of 2 majors issues #1, I didn't set up port forwarding correctly which required a call to my ISP (really take your time with this one). #2 I inadvertently put both routers on the same Wifi SSID. but switching one of the router to the 5G network, it worked like a charm! Thank you so much for uploading this Justin!
Port Forwarding is tricky and most ISP routers make it even harder, some even give it a different name! Glad you were able to get it all working though! Thanks for the comment!
Hey ugomma, any chance you can show me how you tackled the 5g issue? I may be having the same issue. Can’t seem to run the client
Thanks a million, this is the only video that I found that made sense and was actually helpful with no added long talking.
Thank you!
Hey Justin, just wanna say thank you. I can't imagine how much time this guide saved me. All up and running first go, who woulda thought?! You're a real chief!
Thank you! Comments like yours keep me motivated!
Could you please share how you got the public IP address?
Just wanted to let you know your help here was instrumental in allowing us to access all our U.S. accounts while in Portugal. We were able to access everything in the U.S. as if we were there, at home. It worked flawlessly with the GLinet AX Slate and Opal routers. Took a little while to get it set up properly before we left, but with your help, it worked great in Portugal. We plan to head back there next year and this gear will be going with us again! Thank you.
Thank you for sharing! I am glad it worked well! 🙏 Thank You!
Just re-watched and can't thank you enough! Got everything setup so now I can work on the go ;)
Any updates? How did it go?
@@jonyvillanueva I only did it once and did not get caught. I work for a different company now where it’s no issue where I work and they actually encourage work from anywhere for up to 4 weeks a year!
I used Brume 2 for Wireguard Server and Beryl AX for travel router, works like a charm. Like others said here - use UDP instead of TCP/UDP, just UDP.
Thank you for sharing!
I have the same setup. Can you access the Brume Admin page while being connected to the berry client? Because I don't know how to make that work
Hello Thanks for sharing.. how about your work phone? Any ideas of how to use your work phone ?
This video is great. I use the Flint as my home router and Beryl AX as my travel router. Following your instructions made setup super easy.
Glad it helped!
Why did you use Flint?
How many travel routers can connect to flint?
@@karimlonguar5826 - The Flint has a better processor, more memory, more ethernet ports, and 4 antennas, therefore it's faster and better for only $100 bucks. They just came out with the Flint-2 ($149) as an upgraded version.
Hey I have those same router and would needs some additional help with mines
Jason, you are the best! I have different routers but the way you explained this makes it simpler to follow for other setups. I must admit I watched the videos 50 times during the last week, read through every comment and I was about to email you when I had a last idea and worked! the dot is green now!! thank you
Thank you! And thank you for increasing my view count! 😄 Feel free to comment or email if you do run into any problems!
How is everything working?
Really good. Not a problem at all. I have not had to do anything else after I set it up the first time
@@TitinaOF Hi! I am trying different ways to reach viewers from other countries on TikTok by changing the IP like this. What is your situation at the moment? What do you use that State AX and Opal setup for? What's your opinion? Could something like this that I am trying work with a setup like this?
Thanks for this great tutorial. I purchased both of the items you used in your demo and the WireGuard service works perfectly. I have used it both domestically in the US and internationally with no problems. I updated the firmware on the home Opal device today, and was warned that the process would remove custom settings, so I had to reconfigure the WireGuard server. The update added a nice feature to the configuration process where you can choose to "Use DDNS Domain" so that it generates the script including the DDNS address, so you no longer need to cut and paste that information manually.
That's great to hear! GLiNet does a great job making things easier to use! Thanks for sharing!
First of all, wow thank you so much for this video! It’s taken me days to find something like this. Thank you for your responses to all questions asked as well. You’re awesome for doing this! I will be setting mine up the way you did it here and I’ll be back to let you know how it goes :)
Thank you! Let me know if you run into any problems!
Thank you so much.
I wanted to highlight one thing: I followed the whole video and still faced an error when I was trying to connect(turn on) the VPN client. The reason behind that was my second router was not connected to the internet. So, if you are facing an error when you turn on the client after configuration, make sure your device is connected to the internet (similar to how you connected the first device to your home internet).
Thanks.
The most useful video on internet! thank you so much Justin!! I'm going to order Slate AX X2. Saludos desde Argentina!
Glad it was helpful! Thank you!
Hi @@justinreviewsandrepairs5246 ! I was able to create my own VPN at home, thanks again!! I wanted to ask you about this: I have a friend in Spain who set up a VPN using Open VPN, but on Linux. He shared an OVPN file (server), but it's not working on my Slate AX (client). Do you think it is possible to make it work?
Lograste hacerlo , yo no he podido
@@TheDicampo Sí, lo tengo funcionando
Justin, I apologize for my ignorance on the terminology and understanding with this stuff. You have been super helpful and I hope I did not come across rude with my last comment. I will just start over and go through the setup of each travel router and see what happens. Thanks again for your replies and content.
No need to apologize, I was just having a hard time following along with the comment. Feel free to email me and include screenshots to make it clearer: support@JustinPruett.com
Hello Justin. Thank you for this very useful, step-by-step guide. I appreciate your style of teaching. With your help on the nuts and bolts of this operation, my wife won't feel like she's missing out on any of her favorite streaming things while we're visiting Europe.
Thank you! Yes, that is another use for the VPN! But I was pleasantly surprised by some of the shows available in other countries as well! Back at home you can also use it to share streaming service accounts by using one IP Address at two places.
@@justinreviewsandrepairs5246 Unfortunately, I'm running into the same issue as many of the other recent commenters. Unable to start the VPN client on the 1800. The log shows the same errors others are having. 🙄I'll have to call GL Support to see if they can help.
Feel free to email me at Support@JustinPruett.com if they are unable to help. The most common problem is the Port Forwarding step which is different for everyone based on who their Internet Service Provider is. The second most common problem is trying to test using the same Internet connection as the server, which is not possible since both devices are already on the home network.
Thank you so much for this, because of you I’m able to spend time with my girlfriend abroad where otherwise we would’ve been apart for months
Glad it helped! Feel free to name your children after me! 😜
Hey Justin! I just got this setup working using the Slate AX for the client and Brume 2 as the server. Thanks for putting this together, of all the resources online this video was the most helpful. The biggest headache for me was actually getting the port forwarding to work on my ISP modem because apparently its software sucks lol. Anyways, I just wanted to say thanks for this super comprehensive video. If you ever need a testimonial or advice with anything data/software engineering related (that's what I do) don't hesitate to ask.
Thank you! I am a software engineer too! Email me your discord or Google Hangouts if you want to talk shop, I am full stack. Work@JustinPruett.com
Hey @ZahScr , any tips for getting the port forwarding to work?
@@josieicaza7031 for me it was just crappy software in the modem. Make sure that you’re setting up port forwarding on the correct device. For example, I had a modem which was the internet gateway and a separate router for wifi, which meant I needed to set up port forwarding on the gateway modem and connect the gl.Uber to that.
The other thing is try restarting whichever device is doing the port forwarding after you set it up and give it a few minutes. If that doesn’t work then do a factory reset (make sure you can recreate whatever configurations you had) and then try setting up the port forwarding again - also with a restart after.
Hope you get it working!
Thank you!!
@@zahscr did it need a public Ip ? Thanks
this is how we work from NorthAmerica while living in Thailand
How is it working for you buddy all.smooth
How the internet speed?
Internet speed sucks when having two router hotspot
@@b.n.y.a1599 i made a tutorial on my channel - how to set up a vpn server and vpn router.
in that video towards the end, i show a button that ensures your connection stops working whenever the VPN stops working for whatever reason.
Do you work from your own computer or one provided by your employer?
Hey man thank you so much been working for a week from Colombia .. I'm like the happiest man alive 😂
Hola gorge, soy también colombiano y necesito hacer este puente, podrías ayudarme a hacer el set up de los routers, ta compre los dos pero no se como se instalan, cualquier ayuda le agradecería! Bendiciones, si algo nos comunicaremos por WhatsApp
Perdona q insista es q me urge ir a Colombia y mantener mi trabajo, cualquier ayuda y si hay algún cobro por el tutorialme hace saber, quedo atento. Thank you
No ayuda a los paisanos 😢
Guys!!! This worked smoothly 🎉 it is the best setup explanation ever , can't thank you enough
Thank you! 🙏
You are the genius and lifesaver I'm looking for. I have a trip coming up and was worried that internet access outside the US would be banned. I just placed the order through your link, and I can't wait to set up the routers for the trip.
Thank you! Let me know if you run into any problems! Support@JustinPruett.com
@@justinreviewsandrepairs5246 Hi Justin, I just emailed you about a Port Fowarding question. The subject line is Port forwarding question from Danielle Chen. I tried every steps but still could not connect the two devices. However, openVPN works fine on Slate AX. It just won't connect to the Beryl AX.... Please help!
Thank you thank you thank you! You made what was quite a complex challenge (for my low technical aptitude) so so easy to follow! I got hung up on setting the port forwarding for AT&T because I missed a step bit after that it worked like a charm
Port forwarding is tricky because every ISP router is different, glad the video helped though!
Can you PM me how you did port forwarding with AT&T because I wasn't able to set it up?
Hi Justin, thank you for the information! I am planning on buying this router, but I have a quick question.
I need to travel to South America for three weeks, but my employer does not allow me to work from there, and my computer also has a VPN set up.
Can I use this VPN router to set up a US location and connect to my work VPN from there?
I am new to this information, so I am trying to understand how I can do it.
Thank you!
Yes, the two routers basically make a bridge from wherever you are back to your house. However, there are some speed and latency issues with video calls or anything high bandwidth like that. Also, if your home Internet goes down while you are away, you are out of luck. So be sure to test as much as you can before you go. Safe travels and thanks for watching!
@@justinreviewsandrepairs5246this is the same question I had ! So even if I my work computer has its own company built in vpn…I can still by pass this by telling the vpn that my IP address is in my “ home address “ by following your instructions? Just wanted to double confirm this information !!! Please let me know !!! And thanks once again you are the best !!!
@@ratimes8k yes, you can bypass it this way.
@@zahscr aye how can I set up the vpn using a web link from the hotel I am staying at…for some reason I can’t get it done any help
Seriously I wouldn’t have been able to figure it out without this video and your help! Thank you so much
Glad it helped, thank you!
Just wanted to leave a note incase anyone runs into the same issues I had getting this setup running. I have a Brune2 as the VPN Server and the Slate take with me. I followed all the same steps, including the port forwarding on my main ISP router, except changed the IP to 10.1.0.x/24 instead of the default. After I was able to run the Server on the Brune2 I tested the connection with the Wireguard app, important to note when you're testing the connection turn off wifi and use a separate network like 4G/5G.
Once I uploaded the Client config file to the Slate it initially wasn't getting a handshake and connect but I was trying on the same network. Once I had everything configured and I turned on the client outside my home network and the Slate and Brune started to talk to each other as intended. Still need to test more outside my home office but this video is the best tutorial I found on this after reading through many other pages, forum posts and documentation. THANK YOU Justin!!!
Thank you! Glad it helped!
I noticed more ISP routers are using 10.0.0.x as their Local IP range which can lead to problems with the default WireGuard ®️ IP range, good job catching that!
Hi Justin, we did all the steps but we cant get the VPN client connected with Wireguard. The log file keeps telling us that is reloading firewall du to the IFUP of modem.
Someone else is having the same problem, I am going to check if new firmware is causing it. If it's not then I wonder if you both have the same ISP causing the problem. I will try to post an update soon.
@@justinreviewsandrepairs5246 We fixed the isuue with support from GL. Instead of choosing "both" in port forwarding, we needed to choose UDP and connect the 1800 in another network than the 1200. Thank you
@@nickkoutris4873 Hi Nick, I think I hit the same problem as you did. On my Client router, the yellow light is always on the "WireGuard® Client" sign of the admin website. Per your solution, is changing port forwarding from 'Both' to 'UDP' the only change you made to solve the problem?
@@nickkoutris4873 this worked for me! I switched the port forwarding from both to UDP. I also connected the repeater with the client wireguard to a different network than the network i was forwarding on (where i had my repeater with the wireguard server). I just used my hotspot to test.
@@chyfsam Any update on this? I'm having the same issue and changing from 'both' to 'UDP' didn't fix the issue
Hi Justin! I got everything set up just like in this video. However, when I connect my client Slate AX to a public WiFi network outside the home (Starbucks, the library etc.) I get the message " The interface is connected, but the Internet can't be accessed with IPv4 protocol." It works perfectly when I use my mobile hotspot to connect to the client router. Is there something wrong with my configuration? I am worried because I have an out-of-state trip to go on in 2 days, and need this system up and running. Thank you so much for your help!
Best regards,
Jennifer
Hi Jennifer, sometimes public WiFi networks require you to accept terms of use and things like that, it makes the process a lot more time consuming but it can be done: docs.gl-inet.com/en/4/tutorials/connect_to_a_hotspot_with_captive_portal/
@@justinreviewsandrepairs5246 Thank you so much, I realized that this might be the case. For anyone else, I fixed it by updating my client router to version 4.2, which has a new feature that essentially lets you spoof your MAC address by using a custom mac address. I went through the login page on my iPhone and then went into settings, clicked the wifi network I connected to, and then copied down the "Wifi Address". Then I copied that MAC address into the router, and then the wifi connected to the router perfectly. I hope this is helpful for someone!
Thank you for sharing!
@@justinreviewsandrepairs5246 Hey Justin, I am having the same problem and do not quite understand what to do. I tried to follow the directions that you posted but I was still having issues. It no longer gave me the error message of the internet being accessed, and said that it was connected, however, it did not load any web pages. I also tried to get on my phone hot spot to try that out and it said it was connected but then again, wouldn't load web pages saying that it was not connected to the internet. Could you possibly make a video of you using this system to connect to a phone hotspot or a different wifi network? Just so I could see it visually? Or if not, do you have any guidance? I appreciate this video and your responses so much!! If I can get it working it will be the best thing in the world (and I won't lose my job lol)!
Hey Justin thank you for your detailed explanation setting up these routers. However, I ran into an issue, but I was able to fix it by reading the comments. I wanted to share this in case someone else encounters the same problem and needs some help. If you have a Xfinity router at home, please DO NOT use the default IP address for the Wireguard server which is 10.0.0.1. Instead, you canchange it to 10.20.0.X/24. After I did this, my network became more stable with no drops, and it's working smoothly.
Thank you for sharing! This is correct! Xfinity routers use a private IP Address range typically used in a corporate environment. You will also need to change your default LAN if your ISP Router is using 192.168.8.1/24
Hi @abelulloa3979, I have Xfinity as well and when running DDNS Test and it says that the DNS record for this DDNS domain could not be found. Would you be kind to help me?
I tried your setup and you were very good at explaining things, it appears to be working with the VPN dashboard showing up and down traffic. Since it is going to a Beryl at the "home" location which also gives the 192.168.8.xx IP it was hard to determine if it really was working. So while doing the speed test I disconnected the client and it stopped the speed test, but I sure can't tell by the IP address. You did very well to help someone actually make this work that is far from qualified. Thanks. I am still questioning my success!
Thank you! You can use a website like www.whatismyip.com/ to see what your Public IP Address is before and after connecting to the VPN.
you learn something new everyday, thanks Justin
Thank you!
Hi Justin,
First, I want to thank you so much for the detailed step by step tutorial. Like most people here I happen to encounter the most common issue - I can’t start the VPN WireGuard Client on the travel router despite setting up the server/port forwarding.
Some background, I have Verizon and even after setting up port forwarding, I run the DDNS Test I still have 2 different IP Address and the same warning - from DDNS Domain Resolution is the same as my ISP Public IP, but the WAN Interface Ethernet is still the same one it was assigned initially.
Look forward to hearing from you and thanks once again!
Edit: Turned out I changed from TCP to Both in the process of Port Forwarding set up and everything started to pick up and worked out fine now.
Yes, some people have to select UDP only, but "Both" works for many. Glad everything is working now!
@@justinreviewsandrepairs5246 Just a follow up question - I expect a big drop in connection speed but what would you estimate the speed to be if I were to be in very long distance (thinking US-Asia Pacific)?
You can estimate using the latency values from wondernetwork.com/pings between two cities. If it is above 300 your speeds will drop significantly
@khanhly-courtleveltennis how were you able to set the port forwarding in Verizon? I'm also using both in the process of port forwarding but it doesn't seem to work .... did you call verizon?
Thanks Justin for the comment. Let me give it a try. I exchanged a few msgs with nord, but not getting anywhere with them. I will definitely look up the port forwarding for the xfinity router/modem.
Here is the video that shows how to get your IP Address or MAC Address from your travel router for port forwarding: ua-cam.com/video/LzBa6KsfG9A/v-deo.htmlsi=bpljRVvc_0LTJpt8
Thank you! Exactly what I needed. I was a bit overwhelmed until I found this video.
Glad it helped! If you need help with anything else just let me know!
Man this GOLD keep doing Lord work!!!
My guuuuyyyyyy!! Thank you some much for everything! Thanks to you I’m working from my home country and can spend more time with my family! I fricking LOVE you!! Thanks again 😊
This is how it should be! Thanks for sharing!
Cali can you help in setting up mine?
This is how you would use your home IP address in say America while you're in another country, so your employer would never know? Other remote work vloggers charge money for an installation but this guide is all I'd need? Seems straight forward enough.
Yes, but keep in mind that most employers have full access to your work computer so it is not 100% full proof. For example they could open your webcam or microphone and this method does nothing to stop that.
I do not offer installation services, but feel free to comment or email if you run into an issue.
@@justinreviewsandrepairs5246 Thanks. Webcam/mic access wouldn't matter because there wouldn't be any tell tale signs if so, plus we rarely use webcams in day to day work (also webcam covers built into our work computers). As for the at home router, the Flint router works great and would have the same steps?
Yes, the steps would be similar, the Flint is like the home version of the Slate AX with similar specifications.
If you are using the Flint as your main router, such as plugging a cable from the Fiber Optic ONT into the WAN or a Cable Modem (Or a Cable Router in Bridge mode) to the WAN then you can skip the Port Forwarding Step. In the video I was only using the Opal as a VPN Server, not as a whole home router.
If you want a little more power, the Flint 2 was just released and offers the highest performance. Although, I think for most people the latency between two locations will be the bottleneck rather than the performance of the device for anything faster than the Beryl AX. Having Fiber Optic Internet at both locations (with low latency) can really improve the overall performance of any two routers.
@@justinreviewsandrepairs5246 Thanks for your help. I'll be buying the routers and get things set up some time mid May.
Great! Be sure to leave enough time before your trip to test your setup. If you run into any issues, feel free to email me at support@JustinPruett.com
Thanks a lot for this video and all of the others as well. Looking forward to creating this setup soon
Thank you! Let me know if you run into any problems!
@@justinreviewsandrepairs5246 thanks brother. Would you recommend running a Tplink archer ac1750 for home openvpn server or go with a newer portable GLINET one? I already have beryl AX for the portable side
It is possible, but OpenVPN simply isn't as fast as WireGuard ®️. The Beryl AX goes on sale often, maybe just upgrade when you can.
Awesome video Justin! I emailed him because I was having some port forwarding issues and he got back to me very quickly. Wonderful channel!!! Thank you so much, dude!
Hi Justin. I am experiencing port forwarding issues with my Virgin Sagecom FST5250 device. I can’t find good videos on the internet and when I set up the conditions similar to yours it says it’s not valid. Is port forwarding absolutely necessary for the extra security with opal? What can I do? Thanks in advance- you are a life saver
Precisely the issue I encounter when I type “51820” in the port forwarding rules is “you must enter either a number or a range between 1 and 65535. With a range, put the larger number at the end”
whats his email , i wanna reach him too , thanks in advance
Thank you so much, you now made this thing very clear for me . I did not know what the whole set up is and how i would hide my location while working abroad.
Glad it helped, let me know if you have any other questions.
hey any updates? is it still working fine?
Justin, your teaching is amazing. Super detailed and succinct.
Thank you, Jude!
Justin, I'll see what can find out. Thanks again.
Awesome tutorial, I wish I found this sooner. Thank you
Thank you so much! 🙏
Yow from Jamaica here, worked exactly like you said thanks
I just implemented exactly this, going to be working remote from Mexico
Great! Be sure to test before leaving and make sure "Block Non-VPN Traffic" is enabled from the VPN Client Global Options since newer versions of the firmware seem to default to off.
@@justinreviewsandrepairs5246 you’re right , it’s off by default. Thanks for the heads up!
@@justinreviewsandrepairs5246 I’m curious as to if I would also enable block non-VPN traffic on the wire guard server, router, installed in the US?
No, it is mostly protection for when you lose connection -- it will cut off the Internet to your devices until you reconnect.
Hi. Did you got any issue while you are working remotely with this setup ?
You are a lifesaver. Thank you so much
Thank you very much Justin for perfect explanation. The only issue is, when connected directly to internet my internet speed is 20MB download and 15MB upload (using my mobile hotspot), but when connecting to the wiregaurd server the internet speed reduces to 5 MB up and 5 down. I am using GLiNET AX-1800 for my server at home and the AXT-1800 for travel router. I appreciate your help
You will always be limited by your slowest connection, that's why if possible you should get Fiber Optic Internet for both ends.
Besides Upload and Download speeds, the third factor is Latency. Your HotSpot is likely adding latency which will reduce overall speeds.
@@justinreviewsandrepairs5246 Another question. I set this up at home and it worked well. Now I connected my server modem to my friend's home Xfinity modem via cable and I get internet on my server modem but as soon as I turn on the Wiregaurd server, internet get's disconnected. I even tried adding the portforwarding port to my friend's Xfinity app (and turning off advanced security, but the issue still persists). Do you know what could be the issue?
@@justinreviewsandrepairs5246 another question. I set this up at home and worked well connecting client to server. Then I connected server modem to my friend’s Xfinity via cable. The issue is I have internet on my server modem until I turn the wiregaurd server on. I soon as I turn wiregaurd server on, internet gets disconnected. I even tried adding the port to Xfinity app in my friend’s phone and turned off advaced security but still not working.
@@justinreviewsandrepairs5246 another question. I set this up at home and worked well connecting client to server. Then I connected server modem to my friend’s Xfinity via cable. The issue is I have internet on my server modem until I turn the wiregaurd server on. I soon as I turn wiregaurd server on, internet gets disconnected. I even tried adding the port to Xfinity app in my friend’s phone and turned off advaced security but still not working.
Xfinity uses a corporate network address by default which conflicts with the default local address for the WireGuard ®️ VPN Client. You will need to change the default from 10.0.0.1/24 to 10.1.0.1/24 on the WireGuard ®️ configuration as seen here: docs.gl-inet.com/router/en/4/interface_guide/wireguard_server/#setup-wireguard-server
Hi Justin, amazing video, very accurate and valuable. Saludos desde República Dominicana
Thank you! 🙏
Thanks Justin your videos! It looks like for your work remote set up you recommend using the Slate AX router along with a GL.iNet Opal Router. In this videos comments though you recommend using the Slate AX with the GL.iNet Beryl AX instead of the Opal. Another guy on UA-cam who makes similar content/how to videos recommends using the Slate AX travel router with GL.iNet Flint 2 router. And another guy on UA-cam recommends using 2 Slate AX routers; he says the Slate AX offers faster wireguard speeds than the Beryl. 1 thing is clear - you all recommend the GL.iNet Slate AX router as the 1 to travel with. But which is the best 1 to have at home? The 4 options you 3 guys recommend are a 2nd GL.iNet Slate AX or GL.iNet Opal or GL.iNet Beryl AX or GL.iNet Flint 2. The router modem currently at home is the Xfinity Gateway XB8 (for Xfinity Comcast internet)... What router would be best to use at home with XB8?
This video is more than a year old so as new routers come out the best option changes. Currently the Flint 2 would be the fastest option but if your budget is lower then the Beryl AX is an excellent ratio of price and performance. A full list is in the description. Let me know if you have any questions or run into any issues.
Hey Justin thank you for this amazing video! Most detailed out of everything I looked up. I watched multiple times now and sorry for some dumb questions if you don’t mind.
1. With port forwarding between home router and travel router, do we need a VPN subscription like NordVPN? Cuz I looked up NordVPN and they dont allow port forwarding, and also I didn’t see you logging in to anything.
2. What is your Frontier router’s role in this? I saw that you are leaving Opal at home and traveling with Slate AX but didn’t get why you’re adding in Frontier.
Thank you!
Thank you!
1. In this video you are basically running your own VPN Service, you do not need Nord for this video. There is another video that covers using Nord.
2. Frontier is my Internet Service Provider, they provide me with a router and instead of replacing theirs I added the Opal. If you have Fiber Optic Internet you can probably get the Flint 2 router and replace the ISP router completely. If you have cable, you must use a modem which typically is bundled with a router these days. So unless the GLiNet router is the main router you will have to do the Port Forwarding step.
Please let me know if you have any other questions
Thank you
- Justin
@@justinreviewsandrepairs5246 hey Justin, thank you so so so much for explaining. The set up worked out perfect for me. The two things that did the trick was first only enable UDP on the home router port forwarding and second change the default IP address 10.0.0.1 to 10.1.0.1 on the stay at home server router. Hope this helps others too. Again thank you!
Do you have Xfinity? For some reason their routers use the same IP Address range as WireGuard ®️ which is why you had to change it. Glad you got everything working! Thanks for sharing!
@@justinreviewsandrepairs5246 exactly I use Xfinity! Don’t mind this extra step and I noticed traceroute that it takes 1 step in my home city before routing to the next steps.
This is super exciting. I ordered 2 gl flint 1's and can't wait to hook them up. I'm trying to create a tunnel from the inlaws to our house for netflix.
I was so mad when they started charging extra when my plan supposedly allowed more than 1 device to stream that I cancelled. Setting up a tunnel is definitely an option, but I hate that we have to.
So I need two of these units for it to work ?
This video helped me a ton and I'm using the same set up. Thanks for making this.
Glad it helped!
Is there a Killswitch to stop internet if it isn't pulling the residential IP?
Yes, on the Client go to Global Options and enable "Block Non-VPN Traffic"
@@justinreviewsandrepairs5246 thank you so much! You sincerely don't understand how helpful this is thank you so much!
Glad it helped! Thank you! 🙏
Worked perfectly. Thanks a lot!
Glad it worked! Make sure to Turn On "Block Non-VPN Traffic" form Global Options on the Client for increased protection. I am hearing it is not on by default in the newer firmware.
@@justinreviewsandrepairs5246 Thank you. Did that 😉
This is a great video and was exactly what I was looking for! Thank you!
Glad it was helpful! Thanks for watching!
God bless you. You're the man
Thank you, comments like yours keep me motivated to make more videos!
God bless you your tutorial really helped me out
Thank you!
Justin, I wanted to give you an update since you have been so helpful. First, the good news, I purchased both slate ax and the opal using your links. Second, I was able to set up and test the port forward with your guide and it is functioning as intended. However, yep some not so positive news, I am getting too great of a latency where just trying to use authenticator code for work vpn login it's timing out. Both routers are using the ethernet connections to isp routers. Both isp locations have 400+ mbs service. Unfortunately, I was unable to test with my laptop connecting to slate ax via ethernet cable. I was getting speeds of only 12mbs this way. I was able to eventually get into the work vpn and access it's servers, so it WILL work, but not with the reliability I was hoping for. Maybe, with Laptop connected via ethernet cable to slate ax it will get better... Fingers crossed. Anyway, thanks for the help. I am quite certain I would not have known how to set up without it.
Do you have 400mbps service both download AND upload? Upload speed is also important.
One other thing to check is if the country you are in just has a poor connection to the rest of the world. You can use this website to gauge the latency between two cities. If the latency is too high, like above 150 ms, you will encounter problems as well. wondernetwork.com/pings
Can you describe your authenticator? A traditional authenticator uses a time based 6 digit code or a code is sent over SMS to your phone.
Hi Justin, I appreciate you going through the motions and explaining every step for us. When I run a DNS test, it shows my real location. Is there a step or plug in to try and avoid the DNS leak? Thank you!
Yes, the other video shows how to set your DNS to CloudFlare or whichever you like. It also needs to be changed in the configuration file that you use for the Client.
Hi Justin, thank you for the amazing tutorial.
I followed the step by step and I was able to successfully complete the steps using my personal PC. I do have 2 questions though.
1. How do I connect to my work laptop using WiFi? I do have a portable hotspot I carry with me all the time so I do not need to worry about hotel WiFi.
2. How do I test that I did everything correctly before leaving my home state to another state?
Great to hear!
1. You will likely want to connect the Client travel router to the Hot Spot and enable the VPN, then connect your work laptop. Be sure to turn off automatic connection from your work laptop to your hotspot since you will want to connect to the travel router instead.
2. After connecting things in 1 above, you should be able to compare your Home IP Address with the one you get while connected to the VPN and they would be the same. You can use a site such as IP.suzam.com to view your IP Address.
@@justinreviewsandrepairs5246 pls how do I enable the VPN? Will I need to always have my personal PC with me to connect to hotspot before initiating my work laptop to the client traveler WiFi?
If your HotSpot is not your phone, you can use your phone to access the dashboard, but you only need to connect to your HotSpot once anyways. It will remember the WiFi and connect when you turn on the Travel Router. You can also set the custom switch on the travel router to be used to enable or disable the VPN so you actually don't need to access the dashboard at all after the initial setup.
@@justinreviewsandrepairs5246 I will try all the above steps, thank you so much for your time.
Good day Justin! Hope all is well just asked you a quick question via email. Thank you always!
Question was a little confusing, feel free to ask again if it was not the answer you were looking for.
Hi Justin thank you so much for all of the service that you're doing. I read your comment about them just wanting to make sure you have a secure connection, I agree I think most IT people don't have the time to dig any further really unless you give them a reason. I was wondering do you think if I buy the slate AX and install a residential VPN on it here at my home and then Ethernet into it, that would generally speaking be enough?
A residential VPN from a third party service or running the server yourself? Not many third party services offer residential IP Addresses but there are some.
Worked like a charm!
Great to hear! Thanks for sharing!
Great video. Love it. Instead of the opal and slate AX I used two Slate Plus to set this up. I connect one Slate Plus to my FritzBox Router (My ISP Router) at home which then serves as the Wireguard Server and the other Slate Plus is then my Wireguard Client. So far so good. But for some reason when trying to enable DynamicDNS the DDNS Test, I get the following error message:
"The IP from DDNS domain resolution is not the same as the WAN IPs of the device. You need an Internet Public IP address to use the Dynamic DNS. If this router is behind NAT, you may need to set up port forward in your ISP router." ---------- (I did already forward the ports as described in your video as well on my ISP Router but that does not seem to do the trick.)
Can anyone help me with this? I would really really appreciate the help
What result do you get from this test? justinpruett.com/glinet-troubleshoot.php
@@justinreviewsandrepairs5246 Thanks so much for the fast response. When I enter my DDNS Name (the one given by the Slate Plus) and do the test, then it does show my public IP. So I would assume it works? But for some reason the DDNS Test on the GL.iNet Admin Panel does still not seem to work.
@@uppermost865 yeah that is strange but it seems it worked at least previously
Hey Justin, this is the best video I’ve seen BY FAR on setting this up. Great job my man. I’m having some troubles and need help from anyone in the comments with insight. When I get the configuration file from the home router, it doesn’t include a listen port and includes an MTU number. Even when I connect my travel router to my cellular data, it stays in yellow mode until it times out. Can anyone help?
My WireGuard server works great and port forwarding seems to be working well. The issue seems to be connecting my travel router to my leave at home router.
Do I need to set up port forwarding on my home router in the admin panel? I’m grasping for straws here 😅
Yes, you need to setup Port Forwarding on your ISP router to forward to the travel router you are using as a server (the Opal in the video). Most problems are because the Port Forwarding is incorrect or trying to test from the same Internet connection (you need to use a second Internet connection for testing as you would while traveling).
This video covers which IP Address you should be using for Port Forwarding: ua-cam.com/video/LzBa6KsfG9A/v-deo.htmlsi=mULpirlgaJ09NzbV
Let me know if you run into issues at support@JustinPruett.com
Fiz aqui e funcionou perfeitamente, melhor que eu esperava. Muito obrigado.
Estou feliz que funcionou perfeitamente! Obrigado por assistir!
Hi Justin! Regarding your comments in the updated description box, if I get the Beryl AX and the Slate AX, which should I leave at home and which should I take with me? Also how much does the MT1300 differ from the MT3000? I am an absolute novice so apologies if these are really basic questions… I want to make sure I buy the right devices. Thanks in advance!
Hello, the Opal is no longer receiving updated features, so that is why I now recommend the Beryl AX. The original Beryl may or may not get updated, but the Beryl AX is significantly faster for WireGuard ®️. In the event that you find out that you cannot do the port forwarding step, the Beryl AX supports ZeroTier which is an alternative method that will allow you to complete the overall setup. As far as which device stays home, it can be either since the devices are extremely similar, but I prefer to take the Slate AX and leave the slower device.
These are the best "step-by-step" instructions out there. Thank you you taking the time to explain everything and making this seem much easier. Is it common for connection speeds through the VPN to be pretty low? I have a 500mbs connection in the US. 1GB in the UK but regularly register 20mb speeds through the wireguard VPN. However im using 2 Beryl AX routers.
Thank you! Are your connections Fiber Optic and have 500mbps Download AND Upload? Upload speeds are also important.
In general the connection between New York and London is good: wondernetwork.com/pings/New%20York/London
If you set up your Home Server with WiFi instead of Ethernet, you should switch to Ethernet for improved latency. Keep in mind doing so will require you to update the Port Forwarding rule as well to the Ethernet IP Address listed in the Dashboard.
I would like to see a video of you plugging and setting up the actual hardware as in plugging it in to the actual home router just to see a visual
Thank you for the suggestion! I think I can get that done this week!
Would love to see a video on how to use the Slate AX on public WiFi that has captive login portals, like airports or hotels for example. Sometimes they prevent me from internet access when using the slate ax.
Thanks for the suggestion! It is a huge pain connecting to some portals, luckily there are two ways to do it: docs.gl-inet.com/router/en/4/faq/connect_to_a_hotspot_with_captive_portal/
But in my experience their Internet is often slower than my own HotSpot anyways. AirBNB is usually the way to go when you need to work remotely since their Internet is usually good.
As far as HotSpots, the USA and Japan each have providers that offer Unlimited High Speed HotSpots.
Hi Justin, first and foremost, fantastic video! I do have a few questions: 1) How would the Opal and the home modem setup look like? 2) Do you have the kill switch/block all non-vpn traffic on for both devices?
Thank you!
If you plug the Opal directly into the modem, you won't need to port forward.
The kill switch would only be on the Client (Slate AX) and was on by default in the version of the firmware I was using, it's always good to double check though from the dashboard.
You are my hero ! Biggest THANK to you on Thanksgiving
Thank you! Happy Thanksgiving! 🦃
Thank you, I found this informative. I did have a question about security though, is the information encrypted between the gli routers?
Yes, you'll notice in the configuration file that there is a Public and Private Key which is used for encryption.
Nice review Justin, keep it up :P
Thank you! Is there anything you would like to see reviewed or a problem you need help solving?
@@justinreviewsandrepairs5246 Port forwarding piece please :)
Hi Justin, thank you for your hard work you put into your videos. This one made me to setup your exact setup by going all step. And it works! Thank you for that.
May I ask how your speedtest results are higher than on my setup? I usually get 9mbps for download when accessing remotely via wireguard while I get 100 mbps for downloading when accessing directly to my router at home.
Maybe I have missed something. Hope you can help with a great tip.
Your speeds will be limited to your slowest connection. 100mbps is pretty slow, so I assume you have cable? What is your Upload speed without VPN? 10mbps? Getting Fiber Optic Internet for both sides will increase your speeds. If your Internet is fast then you'll start to be limited by the router, the Opal is old and will get about 10mbps whereas the Beryl AX or Slate AX can go faster.
@@justinreviewsandrepairs5246 thank you for your response. I have checked the ISP upload speed and it is capped at 10Mbps. Thank you for your guidance - I have understand that I need to contact my provider to upgrade to a higher upload speed to achieve a higher download speed on my remote client. Thank you!
Great video! huge plus to Author!
Sir you are a GODSEND. Thank you so much!
Thank you!
@@justinreviewsandrepairs5246 Really really really dumb question, but I need to ask: I'm behind a NAT...do I need to enable DDNS on my primary router and subscribe to a DDNS service so that it remains static and I can continue to remote in without any unexpected complications? (i.e. IP address refresh while traveling). What I gather from this tutorial is that I shouldn't worry about this since I'm essentially configuring the tunnel with the assigned IP address of the device. I'm soo confused about this, but if you have any resources you recommend I look at so I can understand this better, I'd appreciate it. Thanks in advance!
I have almost this exact setup. Justin you are amazing!
One question. How can I figure out if I am doing a double nat or no.
Thanks, can you explain your setup? If you have standard Internet service you should be able to Port Forward. If you have shared Internet such as 5G, Starlink base plan, or shared Apartment Internet, then you likely won't be able to Port Forward. Some apartment Internet service providers can provide real Internet for an additional fee. Starlink can also provide an IP Address for an additional fee. I am not aware of 5G providers offering this.
@@justinreviewsandrepairs5246
I have done all the port forwarding, I do have a dynamic public IP so i setup ddns and it works all good. I am just wondering, I heard a lot about double Nating and how it can slow down a bit. How can I check if I have a double NAT? Chatgpt says if your vpn server router gets a wan address that looks like a private IP address then you are doing double NAT ing. and there are some suggestions to fix it. I want to confirm if that's correct info.
My setup is. ER605 vpn server, which is connected to an ISP provided custom router. I want to be clear everything works amazingly thanks to you. I just want to learn as much as possible and also make it as efficient as possible. Thanks Justin!
Hi Justin. Great videos - they've brought me up to speed. But when I do the DDNS test I am getting the following error message: The IP address from DDNS domain resolution is not the same as the WAN IP of the device. You need an Internet Public IP address to use Dynamic DNS. Not sure what this is about.
Thank you. The warning message is there because your GLiNet router is behind another router and will require Port Forwarding. You can use the test on this page to confirm DDNS is working: justinpruett.com/glinet-troubleshoot.php
Does this work even if my work needs me to sign into one of their VPN?
Yes, the Travel Router establishes its own VPN connection so you can continue to use your work computer as if you were home, including their VPN service.
Thank you for your effort to create this video. Just for my better understanding. I actually need 3 routers, right? One provided by my internet provider, second iNet and Opal as third? No option to use opal as my main router instead of the one provided by my Internet provider?
You could use the Opal as your main router, but it is not recommended. The Beryl AX would be the minimum but if you live in a home larger than 400 sqft then you should consider the Flint 2 since it has large antennas for better coverage. If you have Fiber Optic Internet, simply plug a cable from the ONT into the WAN port of the Flint 2. The Description of this video has a list of all of the router options. Let me know if you have any questions.
@@justinreviewsandrepairs5246 Thank you for your response. I do have Fiber Optic Internet but do not have ONT (from what I know my router - Funbox 3.0 - provided by ISP works as GPON device) so I would have to set that one in bridge mode and run the ethernet cable from a LAN port of ISP router to WAN port of GL.iNet / Flint 2 router.
Won't this result in too much latency? I want to set up the most professional setup possible to avoid potential delays and issues while working from Thailand. Perhaps I should request an ONT from my ISP and thus get rid of the current Funbox 3.0 router, and instead configure a router in server-client mode (e.g., Flint2 / Slate AX)? Wouldn't this be better? I'm a complete novice, please recommend and thank you in advance.
That sounds like a good plan if they offer a way to bypass their router. If not, there shouldn't be that much latency from it, you will have much more latency from your remote connection. Thailand typically doesn't have the best Internet, so try to plan ahead for a fast Internet option there.
Hi Justin, Cant thank you enough for this well made tutorial. I was able to make it work for my home router but when I am recreating it for a friend their ISP uses CGNAT,
any tips if the ISP doesnt have Public IP4 but have Public IPV6?
I believe it works with IPv6, but the DDNS might default to IPv4. Try putting in the IPv6 address instead of the DDNS address to test CGNAT. They may be blocked by their ISP on IPv6 as well. For now they might want to try TailScale but the server has to be run on a computer or you need to perform command line commands to set the Exit Node (Advanced setup)
Thank you Justin for the informative video! GL-iNet is now version 4.5.16 and options are rearranged (a lot) but your video still hits all the major points.
On your remote client router, Slate AX in your example, did I miss where you can specify a split router?
In an ideal world what two GL-iNet routers would you recommend for 2024?
Another question I can not find a definitive answer; I want my Client(s) to access location A and location B.
I would like to be able to reach all devices in BOTH locations.
If location A, HOME devices are 192.168.1.x/24, do devices on location B, OFFICE have to be on a different sub net 192.168.2.x/24 (NOT be the same as 192.168.1x/24)?
Thank you, I guess it is time to make an updated video.
For your use case I would highly recommend considering the Ubiquiti UniFi UDM Pro to establish the site-to-site connection. They have some cheaper options as well, but in general Ubiquiti is very expensive because it makes that type of advanced network set up easy. The GLiNet routers are great but they are not intended for your use case.
I will need to upgrade my firmware to see what you are seeing as far as the split "router", could you explain what you mean by that?
Thank you so much for putting this together! Instead of purchasing the Oval, would you advise purchasing another Slate so one serves as the client and one for the server? The purpose would be to increase video quality especially when it comes to watching TV and better video calls.
Yes, two Slate AX would be preferred since the Slate AX has more powerful hardware to encrypt and decrypt traffic on WireGuard ®️ but keep in mind that physical distance between the two devices and the latency will always play a role so be sure to test and/or have a backup plan. Thanks for watching!
@@justinreviewsandrepairs5246 So in this case, is it better to have a flint as server and slate plus a router? which is better as the distance will be far
Justin!
I'm beyond thankful I came across this video. I just purchased two Slate Plus GL-A1300 routers. Please, would you mind if I sent you an email with a few questions regarding my set up? Your time is much appreciated!
Thank you, you can reach me at support@JustinPruett.com
Hi Justin! Thanks so much for the super helpful guide. I have followed the same steps exactly and was successful in connecting, however, I ran into a couple of issues. The first one is, the travel router (AX) would not connect to my Home IP VPN if the AX is connected to my home Wifi, it only connected when it was connected to an external network (my iPhone as a hot spot or external Wifi network), is this normal? Or is something wrong?
The other issue is, the speeds are very slow, I mean given network speeds of about 100Mbps to 150 Mbps, I got speeds of about 5Mbps to 15Mbps with bad latency (about 60ms) when connected to Home IP VPN, please let me know if this speed reduction is normal or if there is something I can try to help with this. The Opal is connected via Ethernet by the way.
Yes, the Slate AX should be on a different network than the Opal that stays home. Increasing speed is tricky, using WireGuard®️ is the faster option so then you can try using Ethernet cables instead of wireless and make sure your upload and download speeds from your Internet provider are fast.
@@justinreviewsandrepairs5246 thanks a lot man!
@@-Above-Average- Any updates?
Thank you for the in depth video! I'm wondering if you can use 2 of the flint 2 routers for both the router you connect to your home router and the router you travel with? I'm hoping it will increase internet speeds and help with latency?
Yes you can, but it is a bit large to travel with. The Slate AX should be fine, in all cases you want Fiber Optic Internet on both sides for the best results.
This is amazing! Just on question, is it stable to use DDNS? Static IP or DDNS which one is better?
Static is better but why spend extra money for a static Public IP Address when the free DDNS is so reliable?
@@justinreviewsandrepairs5246 fair enough. Thanks :)
@@justinreviewsandrepairs5246 Fair enough! Thanks
you might also want to turn off any geolcation settings under privacy & security on your laptop
Can do a video on how to do this with Tailscale pls?
Thank you again for doing this!!!
No problem, let me know if you have any questions or other videos you would like me to make.
Thank you! Currently working from Ghana, West Africa!
To increase internet speeds should I use an ethernet cable for the travel router or will it be the same speed as the wifi option?
Wired is preferred, it should have lower latency versus WiFi. Africa has been plagued with multiple infrastructure problems recently that have degraded the Internet there. Having a Fiber Optic Internet connection at home and Starlink in Africa might be the best way to improve speeds right now until they repair everything.
Hi Justin, thank you for your help. I followed your instructions and successfully completed the setup. My question is, how do I know My travel router is using my home network?. I will really appreciate your help. Thank you
If you connect the Client Travel Router to a second Internet connection, you should see your Home IP Address when you turn the VPN Client on and a different address when it is off.
Justin, I am an elderly digitally deleted with 2 traumatic brain injuries. I do have a computer and a cell phone and a home internet
connection. When I go camping in the boonies, and there is no hot spot or wifi connection how does this stuff connect?
It won't, it requires Internet of some sort so in that situation you would probably want Starlink Internet Service. You probably don't need the GL.iNet router for this scenario.
Is this possible without access to the router to setup port forwarding e.g. using tailscale or zerotier? If so, can you also make a video showing steps on how to setup. Thanks.
You could setup ZeroTier ahead of time and then have the person you ship it to plug in power and Ethernet and be good to go. I hope to start on a ZeroTier video soon.
Hey! Thank you making the first in depth tutorial for this.
My company used a VPN to access company websites that i need for my job. Will this work with that?
Yes. This method essentially creates a virtual cable so it is as if you were connected at home.
@@justinreviewsandrepairs5246 Thank you!
Thank you!
You mentioned that Allow Access to Local Network option makes it less secure. Is there a way to make it more secure so I can access my NAS remotely, or would I have to use another method?
Anything connected to the Internet is inherently insecure, I was merely pointing out the risk. You can find news stories about popular NAS providers such as QNAP and WD suffering from massive vulnerabilities. You can hire a specialist to help decrease your risk, but it is unfortunately never zero.