Click to skip the navigation bar

How to set up WireGuard VPN Server on Halo

This Article Applies to:
Halo H80X

WireGuard VPN is a modern, open-source VPN protocol recognized for its speed, security, and simplicity. With advanced encryption and an efficient design, WireGuard provides fast and secure VPN connections across various platforms.

Please follow the steps below to set up the Wireguard VPN Server on Halo.

Note: To maintain a stable VPN connection, we recommend enabling DDNS (Dynamic Domain Name System) on Halo. It binds your WAN IP to a domain name, preventing connection issues caused by changing WAN IP addresses.

You may refer to How to set up DDNS on a Halo to configure DDNS.

 

1. Launch the MERCUSYS App, go to MORE > VPN > VPN Server > tap Add VPN Server, and select WireGuard VPN.

Locate the VPN funtion on More card. Tap VPN Server to set up your VPN.

Add a VPN Server on Halo. Display the supported VPN type on Halo.

2. View the default WireGuard VPN settings, as shown below. The parameters are automatically filled in, and do NOT change them unless necessary.

Display the default WireGuard server settings on Halo.

Client Access: Select Home Network Only if you only want the remote device to access your home network; select Internet and Home Network if you also want the remote device to access the internet through the VPN Server.

3. (Optional) Click on Advanced to configure more settings.

Display the advanced settings of WireGuard server.

Allow DNS: When enabled, Halo becomes the DNS server for connected VPN clients, helping to safeguard your online privacy.

Persistent Keepalive: Change the Persistent Keepalive time (25 seconds by default) to send out heartbeat regularly.

Renew Key: Tap to update the private key and public key and the previous client config file will becom invalid. Please obtain the account list again to get the QR code or config file after renewing the key.

4. Locate the Peer List section and click Add Peer to create an account. You can create up to 16 accounts.

Add an account to access the WireGuard server.

Address: The IP assigned by server to the VPN tunnel of the Client after the connection.The Address should be included in the Allowed IPs(Server).

Allowed IPs(Server): The IPs of the clients allowed to communicate with the server.

Allowed IPs(Client): The destination IPs that the client is allowed to access via the VPN tunnel. In most cases, the default configuration can meet the needs.

Note: One account can only be used by one WireGuard VPN client at the same time to connect to the WireGuard VPN server.

5. Click “Done” to save the VPN server settings.

6. Connect the remote clients to the WireGuard server via QR code or configuration file.

On the Peer List, click Share button in the Edit column of the corresponding account, then you can save the QR code or export the configuration file.

You can download WireGuard App from Google Play or Apple Store, then use the App to scan the QR Code to connect to this server. Or use the config file exported from the Halo to connect.

Scan QR code or exprot config file to connect to the WireGuard VPN server.

 

Get to know more details of each function and configuration please go to Support Center to download the manual of your product.