Hi,
I hope someone can help me; I'm very new to OpenWrt.
Just bought a couple of GL.iNet Brume routers and successfully set up a site-to-site WireGuard VPN using the goodcloud.xyz service.
Router1 is behind a router with public IP, and port forwarding to router1 is open.
Router2 cannot be reached from the internet.
The goodcloud web interface shows the WireGuard VPN is up (and calls router1 "main node").
The tunnel is up:
Host 192.168.10.101 in LAN1 (behind router1) can ping router2 (192.168.9.1) and also reach router2's web admin interface (http://192.168.9.1).
And a host in LAN2 can ping router1 (192.168.10.1) and reach its web admin interface.
My problem:
LAN1 traffic goes to the internet through router1's wan interface (and LAN2 traffic goes out through the router2 wan interface).
But I want LAN1 traffic to go through the tunnel to router2 (where it will go to the internet through router2's wan interface).
How do I do this?
On router1:
root@GL-MV1000:/etc/config# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 192.168.1.254 0.0.0.0 UG 10 0 0 wan
172.30.55.2 * 255.255.255.255 UH 80 0 0 wg1
192.168.1.0 * 255.255.255.0 U 10 0 0 wan
192.168.9.0 * 255.255.255.0 U 80 0 0 wg1
192.168.10.0 * 255.255.255.0 U 0 0 0 br-lan
root@GL-MV1000:/etc/config# ifconfig
br-lan Link encap:Ethernet HWaddr 94:83:C4:09:DC:54
inet addr:192.168.10.1 Bcast:192.168.10.255 Mask:255.255.255.0
inet6 addr: fe80::9683:c4ff:fe09:dc54/64 Scope:Link
inet6 addr: fd35:1066:3feb::1/60 Scope:Global
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:9271830 errors:0 dropped:0 overruns:0 frame:0
TX packets:13892881 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:3481872692 (3.2 GiB) TX bytes:9857357013 (9.1 GiB)
eth0 Link encap:Ethernet HWaddr 94:83:C4:09:DC:53
inet6 addr: fe80::9683:c4ff:fe09:dc53/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:23794222 errors:0 dropped:0 overruns:0 frame:0
TX packets:23291209 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:532
RX bytes:13746884819 (12.8 GiB) TX bytes:13662370911 (12.7 GiB)
Interrupt:9
lan0 Link encap:Ethernet HWaddr 94:83:C4:09:DC:54
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:3866096 errors:0 dropped:23 overruns:0 frame:0
TX packets:5673909 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1201498105 (1.1 GiB) TX bytes:4153016990 (3.8 GiB)
lan1 Link encap:Ethernet HWaddr 94:83:C4:09:DC:54
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:5405828 errors:0 dropped:71 overruns:0 frame:0
TX packets:8218954 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2280378911 (2.1 GiB) TX bytes:5704330259 (5.3 GiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:6038 errors:0 dropped:0 overruns:0 frame:0
TX packets:6038 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:814990 (795.8 KiB) TX bytes:814990 (795.8 KiB)
usb0 Link encap:Ethernet HWaddr 8E:83:C4:FF:DC:53
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
wan Link encap:Ethernet HWaddr 94:83:C4:09:DC:53
inet addr:192.168.1.250 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::9683:c4ff:fe09:dc53/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:14522298 errors:0 dropped:0 overruns:0 frame:0
TX packets:9398338 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:9741534919 (9.0 GiB) TX bytes:3618693158 (3.3 GiB)
wg1 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:172.30.55.1 P-t-P:172.30.55.1 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MTU:1420 Metric:1
RX packets:392 errors:0 dropped:0 overruns:0 frame:0
TX packets:52 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:29168 (28.4 KiB) TX bytes:4856 (4.7 KiB)
I tried on router1 to change the default route to wg1:
root@GL-MV1000:/etc/config# ip route del default
root@GL-MV1000:/etc/config# ip route add default via 172.30.55.2 metric 10 dev wg1
root@GL-MV1000:/etc/config# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 172.30.55.2 0.0.0.0 UG 10 0 0 wg1
172.30.55.2 * 255.255.255.255 UH 80 0 0 wg1
192.168.1.0 * 255.255.255.0 U 10 0 0 wan
192.168.9.0 * 255.255.255.0 U 80 0 0 wg1
192.168.10.0 * 255.255.255.0 U 0 0 0 br-lan
But this broke everything:
Host 192.168.10.101 in LAN1 can no longer ping router2 (192.168.9.1) or surf the net.
It can ping 8.8.8.8, but not through the tunnel:
C:\Users\buzz1>tracert 8.8.8.8
Tracing route to dns.google [8.8.8.8]
over a maximum of 30 hops:
1 1 ms 1 ms <1 ms console.gl-inet.com [192.168.10.1]
2 2 ms 1 ms 2 ms FASTGATE [192.168.1.254]
3 6 ms 15 ms 16 ms 10.5.3.124
4 3 ms 3 ms 4 ms 10.250.137.226
So I believe this was a wrong try.
What's the right way to go?
Any help would be greatly appreciated!