Default route vs vpn routing

Hi, I recently bought a nanopi R2S, installed openWRT with PBR .
On the R2S I have a working Mullvad VPN using Wireguard, so all of my network is on VPN now. The current default gw is exactly what I want, very happy.

But I also want to vpn into my network, using Wireguard and I cant get it to work. I understand the keys and the ports and the subnets but not the routing.
On ipsec vpn's the cryptomap takes care of routing, but wireguard appears to rely on the routing table, is that correct ?

So I'm not really sure where the default gw is set actually, I assume in the Mullvad config (automatic route setting ? ), but when I go into luci's PBR that route isn't there to be moved around. PBR does display the default gw.

So if I want to use PBR and do all of my routing there, what settings should be "moved" from the Mullvad setting.
And any other advice to get inbound vpn working too.

thanks !

First disable default routing of the VPN interface. Then use this scenario.

1 Like