How to deactivate Wireguard

tulear · October 21, 2018, 5:45pm

Hi all,

I'm new Openwrt user, not very familiar yet with it, sorry for my basic questions ...

I've been able to install Wireguard following https://mullvad.net/fr/guides/running-wireguard-router/ instructions. I'm interested with VPN performance using a quite old router (e4200), it works fine (Mullvad server).

My point I thatI don't know how to come back to the default Lan/Wan config when I stop Wireguard interface. Once I stop Wireguard Interface, I'm not able to access anymore to Internet. I tried to modify Firewall zones (see below my Wireguard config), by adding Wan in Lan zone forwarding without success.

Thanks for your help

bizpioneer · January 11, 2019, 12:47am

I have the same issue, is there anyone here that can help? I tried to change firewall rule from Lan>WGZONE to Lan>WAN but still no good.

lleachii · January 11, 2019, 3:01pm

Did you uncheck the create routes box?

trendy · January 11, 2019, 3:06pm

Two mistakes:

Lan doesn't forward to Wan
Wan doesn't do NAT (the Masquerade and MSS clamping tickboxes)

SpiceM · December 27, 2019, 4:17am

same question
any solution yet?

lleachii · December 27, 2019, 2:50pm

The solution is the same, change the routes back.

This thread is a year old, you may wish to create a new one
Also, I just noticed the OP removed his LAN <> WAN rule, that should have not been touched and may be the cause of their original issue

SpiceM · December 27, 2019, 4:03pm

I'm aware it is one year old
but the question remains. there is no easy way to get back to regular connection. even with changing the routes back I couldnt get connectivity without having to reboot router and restart the network. wireguard is supposed to be simpler than this. maybe it is time we have a better implantation on openwrt

lleachii · December 27, 2019, 4:19pm

So the solution works; but you want another feature?

Perhaps you should make a new thread in the For Developers section.

To be clear, changing routes doesn't require a reboot. I personally: enable, disable and switch WG tunnels all the time, simply by redirecting/editing the routes - no rebooting necessary. Perhaps you're not using 0.0.0.0/1 and 128.0.0.0/1 as routes; and accidentally using the default 0.0.0.0/0.

Can you describe what that "better implementation" is, please?

It's not really clear from the statements what you're actually seeking, nor is it clear what's still causing an issue for you.

SpiceM · December 27, 2019, 4:33pm

yes you are right. pardon my ignorance. I just realized that from downloading windows wireguard client. I learned that 0.0.0.0/0 is a killswitch. otherwise I would not have understood what "0.0.0.0/1 and 128.0.0.0/1" is.
now it works by simply toggling on and off.

tmomas · January 6, 2020, 4:33pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.