diff --git a/luci-app-homeproxy/htdocs/luci-static/resources/view/homeproxy/node.js b/luci-app-homeproxy/htdocs/luci-static/resources/view/homeproxy/node.js
index 322134435..2ccbfd91d 100644
--- a/luci-app-homeproxy/htdocs/luci-static/resources/view/homeproxy/node.js
+++ b/luci-app-homeproxy/htdocs/luci-static/resources/view/homeproxy/node.js
@@ -845,12 +845,6 @@ function renderNodeSettings(section, data, features, main_node, routing_mode) {
 	/* Transport config end */
 
 	/* Wireguard config start */
-	o = s.option(form.Flag, 'wireguard_gso', _('Generic segmentation offload'));
-	o.default = o.disabled;
-	o.depends('type', 'wireguard');
-	o.rmempty = false;
-	o.modalonly = true;
-
 	o = s.option(form.DynamicList, 'wireguard_local_address', _('Local address'),
 		_('List of IP (v4 or v6) addresses prefixes to be assigned to the interface.'));
 	o.datatype = 'cidr';
@@ -890,6 +884,12 @@ function renderNodeSettings(section, data, features, main_node, routing_mode) {
 	o.placeholder = '1408';
 	o.depends('type', 'wireguard');
 	o.modalonly = true;
+
+	o = s.option(form.Value, 'wireguard_persistent_keepalive_interval', _('Persistent keepalive interval'),
+		_('In seconds. Disabled by default.'));
+	o.datatype = 'uinteger';
+	o.depends('type', 'wireguard');
+	o.modalonly = true;
 	/* Wireguard config end */
 
 	/* Mux config start */
diff --git a/luci-app-homeproxy/po/templates/homeproxy.pot b/luci-app-homeproxy/po/templates/homeproxy.pot
index d0d648bba..91237cd17 100644
--- a/luci-app-homeproxy/po/templates/homeproxy.pot
+++ b/luci-app-homeproxy/po/templates/homeproxy.pot
@@ -814,7 +814,6 @@ msgid "Generate"
 msgstr ""
 
 #: htdocs/luci-static/resources/view/homeproxy/client.js:307
-#: htdocs/luci-static/resources/view/homeproxy/node.js:848
 msgid "Generic segmentation offload"
 msgstr ""
 
@@ -1036,6 +1035,10 @@ msgstr ""
 msgid "In seconds. <code>300</code> is used by default."
 msgstr ""
 
+#: htdocs/luci-static/resources/view/homeproxy/node.js:889
+msgid "In seconds. Disabled by default."
+msgstr ""
+
 #: htdocs/luci-static/resources/view/homeproxy/client.js:757
 msgid "Independent cache per server"
 msgstr ""
@@ -1102,7 +1105,7 @@ msgstr ""
 msgid "Let's Encrypt"
 msgstr ""
 
-#: htdocs/luci-static/resources/view/homeproxy/node.js:855
+#: htdocs/luci-static/resources/view/homeproxy/node.js:849
 msgid ""
 "List of IP (v4 or v6) addresses prefixes to be assigned to the interface."
 msgstr ""
@@ -1138,7 +1141,7 @@ msgstr ""
 msgid "Local"
 msgstr ""
 
-#: htdocs/luci-static/resources/view/homeproxy/node.js:854
+#: htdocs/luci-static/resources/view/homeproxy/node.js:848
 msgid "Local address"
 msgstr ""
 
@@ -1150,7 +1153,7 @@ msgstr ""
 msgid "Log is empty."
 msgstr ""
 
-#: htdocs/luci-static/resources/view/homeproxy/node.js:888
+#: htdocs/luci-static/resources/view/homeproxy/node.js:882
 msgid "MTU"
 msgstr ""
 
@@ -1528,7 +1531,7 @@ msgstr ""
 msgid "Path"
 msgstr ""
 
-#: htdocs/luci-static/resources/view/homeproxy/node.js:869
+#: htdocs/luci-static/resources/view/homeproxy/node.js:863
 msgid "Peer pubkic key"
 msgstr ""
 
@@ -1538,6 +1541,10 @@ msgid ""
 "it is not needed."
 msgstr ""
 
+#: htdocs/luci-static/resources/view/homeproxy/node.js:888
+msgid "Persistent keepalive interval"
+msgstr ""
+
 #: htdocs/luci-static/resources/view/homeproxy/node.js:807
 #: htdocs/luci-static/resources/view/homeproxy/server.js:458
 msgid "Ping timeout"
@@ -1575,7 +1582,7 @@ msgstr ""
 msgid "Port range"
 msgstr ""
 
-#: htdocs/luci-static/resources/view/homeproxy/node.js:876
+#: htdocs/luci-static/resources/view/homeproxy/node.js:870
 msgid "Pre-shared key"
 msgstr ""
 
@@ -1588,7 +1595,7 @@ msgid "Prefer IPv6"
 msgstr ""
 
 #: htdocs/luci-static/resources/view/homeproxy/node.js:627
-#: htdocs/luci-static/resources/view/homeproxy/node.js:861
+#: htdocs/luci-static/resources/view/homeproxy/node.js:855
 msgid "Private key"
 msgstr ""
 
@@ -1779,7 +1786,7 @@ msgstr ""
 msgid "Remove all nodes from subscriptions"
 msgstr ""
 
-#: htdocs/luci-static/resources/view/homeproxy/node.js:883
+#: htdocs/luci-static/resources/view/homeproxy/node.js:877
 msgid "Reserved field bytes"
 msgstr ""
 
@@ -2555,15 +2562,15 @@ msgstr ""
 msgid "WireGuard"
 msgstr ""
 
-#: htdocs/luci-static/resources/view/homeproxy/node.js:870
+#: htdocs/luci-static/resources/view/homeproxy/node.js:864
 msgid "WireGuard peer public key."
 msgstr ""
 
-#: htdocs/luci-static/resources/view/homeproxy/node.js:877
+#: htdocs/luci-static/resources/view/homeproxy/node.js:871
 msgid "WireGuard pre-shared key."
 msgstr ""
 
-#: htdocs/luci-static/resources/view/homeproxy/node.js:862
+#: htdocs/luci-static/resources/view/homeproxy/node.js:856
 msgid "WireGuard requires base64-encoded private keys."
 msgstr ""
 
diff --git a/luci-app-homeproxy/po/zh_Hans/homeproxy.po b/luci-app-homeproxy/po/zh_Hans/homeproxy.po
index 0ac2c258c..c0760762f 100644
--- a/luci-app-homeproxy/po/zh_Hans/homeproxy.po
+++ b/luci-app-homeproxy/po/zh_Hans/homeproxy.po
@@ -835,7 +835,6 @@ msgid "Generate"
 msgstr "生成"
 
 #: htdocs/luci-static/resources/view/homeproxy/client.js:307
-#: htdocs/luci-static/resources/view/homeproxy/node.js:848
 msgid "Generic segmentation offload"
 msgstr "通用分段卸载（GSO）"
 
@@ -1059,6 +1058,10 @@ msgstr "单位：秒。"
 msgid "In seconds. <code>300</code> is used by default."
 msgstr "单位：秒。默认使用 <code>300</code>。"
 
+#: htdocs/luci-static/resources/view/homeproxy/node.js:889
+msgid "In seconds. Disabled by default."
+msgstr "单位：秒。默认禁用。"
+
 #: htdocs/luci-static/resources/view/homeproxy/client.js:757
 msgid "Independent cache per server"
 msgstr "独立缓存"
@@ -1127,7 +1130,7 @@ msgstr "有时性能更好。"
 msgid "Let's Encrypt"
 msgstr "Let's Encrypt"
 
-#: htdocs/luci-static/resources/view/homeproxy/node.js:855
+#: htdocs/luci-static/resources/view/homeproxy/node.js:849
 msgid ""
 "List of IP (v4 or v6) addresses prefixes to be assigned to the interface."
 msgstr "分配给接口的 IP（v4 或 v6）地址前缀列表。"
@@ -1163,7 +1166,7 @@ msgstr "加载中"
 msgid "Local"
 msgstr "本地"
 
-#: htdocs/luci-static/resources/view/homeproxy/node.js:854
+#: htdocs/luci-static/resources/view/homeproxy/node.js:848
 msgid "Local address"
 msgstr "本地地址"
 
@@ -1175,7 +1178,7 @@ msgstr "日志文件不存在。"
 msgid "Log is empty."
 msgstr "日志为空。"
 
-#: htdocs/luci-static/resources/view/homeproxy/node.js:888
+#: htdocs/luci-static/resources/view/homeproxy/node.js:882
 msgid "MTU"
 msgstr "MTU"
 
@@ -1555,7 +1558,7 @@ msgstr "密码"
 msgid "Path"
 msgstr "路径"
 
-#: htdocs/luci-static/resources/view/homeproxy/node.js:869
+#: htdocs/luci-static/resources/view/homeproxy/node.js:863
 msgid "Peer pubkic key"
 msgstr "对端公钥"
 
@@ -1565,6 +1568,10 @@ msgid ""
 "it is not needed."
 msgstr "性能可能会略有下降，建议仅在需要时开启。"
 
+#: htdocs/luci-static/resources/view/homeproxy/node.js:888
+msgid "Persistent keepalive interval"
+msgstr "持久 keepalive 间隔"
+
 #: htdocs/luci-static/resources/view/homeproxy/node.js:807
 #: htdocs/luci-static/resources/view/homeproxy/server.js:458
 msgid "Ping timeout"
@@ -1602,7 +1609,7 @@ msgstr "端口跳跃间隔（单位：秒）。"
 msgid "Port range"
 msgstr "端口范围"
 
-#: htdocs/luci-static/resources/view/homeproxy/node.js:876
+#: htdocs/luci-static/resources/view/homeproxy/node.js:870
 msgid "Pre-shared key"
 msgstr "预共享密钥"
 
@@ -1615,7 +1622,7 @@ msgid "Prefer IPv6"
 msgstr "优先 IPv6"
 
 #: htdocs/luci-static/resources/view/homeproxy/node.js:627
-#: htdocs/luci-static/resources/view/homeproxy/node.js:861
+#: htdocs/luci-static/resources/view/homeproxy/node.js:855
 msgid "Private key"
 msgstr "私钥"
 
@@ -1806,7 +1813,7 @@ msgstr "移除 %s 个节点"
 msgid "Remove all nodes from subscriptions"
 msgstr "移除所有订阅节点"
 
-#: htdocs/luci-static/resources/view/homeproxy/node.js:883
+#: htdocs/luci-static/resources/view/homeproxy/node.js:877
 msgid "Reserved field bytes"
 msgstr "保留字段字节"
 
@@ -2620,15 +2627,15 @@ msgstr "白名单模式"
 msgid "WireGuard"
 msgstr "WireGuard"
 
-#: htdocs/luci-static/resources/view/homeproxy/node.js:870
+#: htdocs/luci-static/resources/view/homeproxy/node.js:864
 msgid "WireGuard peer public key."
 msgstr "WireGuard 对端公钥。"
 
-#: htdocs/luci-static/resources/view/homeproxy/node.js:877
+#: htdocs/luci-static/resources/view/homeproxy/node.js:871
 msgid "WireGuard pre-shared key."
 msgstr "WireGuard 预共享密钥。"
 
-#: htdocs/luci-static/resources/view/homeproxy/node.js:862
+#: htdocs/luci-static/resources/view/homeproxy/node.js:856
 msgid "WireGuard requires base64-encoded private keys."
 msgstr "WireGuard 要求 base64 编码的私钥。"
 
diff --git a/luci-app-homeproxy/root/etc/homeproxy/scripts/generate_client.uc b/luci-app-homeproxy/root/etc/homeproxy/scripts/generate_client.uc
index 278b2ec71..c1175cd50 100755
--- a/luci-app-homeproxy/root/etc/homeproxy/scripts/generate_client.uc
+++ b/luci-app-homeproxy/root/etc/homeproxy/scripts/generate_client.uc
@@ -153,6 +153,36 @@ function parse_dnsquery(strquery) {
 
 }
 
+function generate_endpoint(node) {
+	if (type(node) !== 'object' || isEmpty(node))
+		return null;
+
+	const endpoint = {
+		type: node.type,
+		tag: 'cfg-' + node['.name'] + '-out',
+		address: node.wireguard_local_address,
+		mtu: strToInt(node.wireguard_mtu),
+		private_key: node.wireguard_private_key,
+		peers: (node.type === 'wireguard') ? [
+			{
+				address: node.address,
+				port: strToInt(node.port),
+				allowed_ips: [
+					'0.0.0.0/0',
+					'::/0'
+				],
+				persistent_keepalive_interval: strToInt(node.wireguard_persistent_keepalive_interval),
+				public_key: node.wireguard_peer_public_key,
+				pre_shared_key: node.wireguard_pre_shared_key,
+				reserved: parse_port(node.wireguard_reserved),
+			}
+		] : null,
+		system: (node.type === 'wireguard') ? false : null,
+	};
+
+	return endpoint;
+}
+
 function generate_outbound(node) {
 	if (type(node) !== 'object' || isEmpty(node))
 		return null;
@@ -214,14 +244,6 @@ function generate_outbound(node) {
 		global_padding: node.vmess_global_padding ? (node.vmess_global_padding === '1') : null,
 		authenticated_length: node.vmess_authenticated_length ? (node.vmess_authenticated_length === '1') : null,
 		packet_encoding: node.packet_encoding,
-		/* WireGuard */
-		gso: (node.wireguard_gso === '1') || null,
-		local_address: node.wireguard_local_address,
-		private_key: node.wireguard_private_key,
-		peer_public_key: node.wireguard_peer_public_key,
-		pre_shared_key: node.wireguard_pre_shared_key,
-		reserved: parse_port(node.wireguard_reserved),
-		mtu: strToInt(node.wireguard_mtu),
 
 		multiplex: (node.multiplex === '1') ? {
 			enabled: true,
@@ -573,6 +595,8 @@ if (match(proxy_mode, /tun/))
 /* Inbound end */
 
 /* Outbound start */
+config.endpoints = [];
+
 /* Default outbounds */
 config.outbounds = [
 	{
@@ -602,9 +626,14 @@ if (!isEmpty(main_node)) {
 		urltest_nodes = main_urltest_nodes;
 	} else {
 		const main_node_cfg = uci.get_all(uciconfig, main_node) || {};
-		push(config.outbounds, generate_outbound(main_node_cfg));
-		config.outbounds[length(config.outbounds)-1].domain_strategy = (ipv6_support !== '1') ? 'prefer_ipv4' : null;
-		config.outbounds[length(config.outbounds)-1].tag = 'main-out';
+		if (main_node_cfg.type === 'wireguard') {
+			push(config.endpoints, generate_endpoint(main_node_cfg));
+			config.endpoints[length(config.endpoints)-1].tag = 'main-out';
+		} else {
+			push(config.outbounds, generate_outbound(main_node_cfg));
+			config.outbounds[length(config.outbounds)-1].domain_strategy = (ipv6_support !== '1') ? 'prefer_ipv4' : null;
+			config.outbounds[length(config.outbounds)-1].tag = 'main-out';
+		}
 	}
 
 	if (main_udp_node === 'urltest') {
@@ -623,14 +652,26 @@ if (!isEmpty(main_node)) {
 		urltest_nodes = [...urltest_nodes, ...filter(main_udp_urltest_nodes, (l) => !~index(urltest_nodes, l))];
 	} else if (dedicated_udp_node) {
 		const main_udp_node_cfg = uci.get_all(uciconfig, main_udp_node) || {};
-		push(config.outbounds, generate_outbound(main_udp_node_cfg));
-		config.outbounds[length(config.outbounds)-1].domain_strategy = (ipv6_support !== '1') ? 'prefer_ipv4' : null;
-		config.outbounds[length(config.outbounds)-1].tag = 'main-udp-out';
+		if (main_node_cfg.type === 'wireguard') {
+			push(config.endpoints, generate_endpoint(main_udp_node_cfg));
+			config.endpoints[length(config.endpoints)-1].tag = 'main-udp-out';
+		} else {
+			push(config.outbounds, generate_outbound(main_udp_node_cfg));
+			config.outbounds[length(config.outbounds)-1].domain_strategy = (ipv6_support !== '1') ? 'prefer_ipv4' : null;
+			config.outbounds[length(config.outbounds)-1].tag = 'main-udp-out';
+		}
 	}
 
 	for (let i in urltest_nodes) {
-		push(config.outbounds, generate_outbound(uci.get_all(uciconfig, i)));
-		config.outbounds[length(config.outbounds)-1].domain_strategy = (ipv6_support !== '1') ? 'prefer_ipv4' : null;
+		const urltest_node = uci.get_all(uciconfig, i) || {};
+		if (urltest_node.type === 'wireguard') {
+			push(config.endpoints, generate_endpoint(urltest_node));
+			config.endpoints[length(config.endpoints)-1].tag = 'cfg-' + i + '-out';
+		} else {
+			push(config.outbounds, generate_outbound(urltest_node));
+			config.outbounds[length(config.outbounds)-1].domain_strategy = (ipv6_support !== '1') ? 'prefer_ipv4' : null;
+			config.outbounds[length(config.outbounds)-1].tag = 'cfg-' + i + '-out';
+		}
 	}
 } else if (!isEmpty(default_outbound)) {
 	let urltest_nodes = [],
@@ -654,17 +695,29 @@ if (!isEmpty(main_node)) {
 			urltest_nodes = [...urltest_nodes, ...filter(cfg.urltest_nodes, (l) => !~index(urltest_nodes, l))];
 		} else {
 			const outbound = uci.get_all(uciconfig, cfg.node) || {};
-			push(config.outbounds, generate_outbound(outbound));
-			config.outbounds[length(config.outbounds)-1].domain_strategy = cfg.domain_strategy;
-			config.outbounds[length(config.outbounds)-1].bind_interface = cfg.bind_interface;
-			config.outbounds[length(config.outbounds)-1].detour = get_outbound(cfg.outbound);
+			if (outbound.type === 'wireguard') {
+				push(config.endpoints, generate_endpoint(outbound));
+			} else {
+				push(config.outbounds, generate_outbound(outbound));
+				config.outbounds[length(config.outbounds)-1].domain_strategy = cfg.domain_strategy;
+				config.outbounds[length(config.outbounds)-1].bind_interface = cfg.bind_interface;
+				config.outbounds[length(config.outbounds)-1].detour = get_outbound(cfg.outbound);
+			}
 			push(routing_nodes, cfg.node);
 		}
 	});
 
-	for (let i in filter(urltest_nodes, (l) => !~index(routing_nodes, l)))
-		push(config.outbounds, generate_outbound(uci.get_all(uciconfig, i)));
+	for (let i in filter(urltest_nodes, (l) => !~index(routing_nodes, l))) {
+		const urltest_node = uci.get_all(uciconfig, i) || {};
+		if (urltest_node.type === 'wireguard')
+			push(config.endpoints, generate_endpoint(urltest_node));
+		else
+			push(config.outbounds, generate_outbound(urltest_node));
+	}
 }
+
+if (isEmpty(config.endpoints))
+	config.endpoints = null;
 /* Outbound end */
 
 /* Routing rules start */
diff --git a/luci-app-homeproxy/root/etc/homeproxy/scripts/migrate_config.uc b/luci-app-homeproxy/root/etc/homeproxy/scripts/migrate_config.uc
index c55971bbb..2e09e9f2a 100755
--- a/luci-app-homeproxy/root/etc/homeproxy/scripts/migrate_config.uc
+++ b/luci-app-homeproxy/root/etc/homeproxy/scripts/migrate_config.uc
@@ -67,6 +67,10 @@ uci.foreach(uciconfig, ucinode, (cfg) => {
 	/* tls_ech_tls_disable_drs is useless and deprecated in sb 1.12 */
 	if (!isEmpty(cfg.tls_ech_tls_disable_drs))
 		uci.delete(uciconfig, cfg, 'tls_ech_tls_disable_drs');
+
+	/* wireguard_gso was deprecated in sb 1.11 */
+	if (!isEmpty(cfg.wireguard_gso))
+		uci.delete(uciconfig, cfg, 'wireguard_gso');
 });
 
 /* routing rules options */