How to selectively direct certain devices from my local network to the WireGuard tunnel?

Hello, I set up the WireGuard interface, I can enable full redirection through it. Now this is not the case, because I do not need it, in the "remark" described why.

I have a couple of devices on my local network that need to access the internet through a VPN tunnel. They have static IPs. How can I achieve this?

I tried some options, but it did not help me, I'm not very good at this. I would be grateful for advice or a solution to the problem.

Remark: I don't know whether this is important in the context of this question or not, but I use mwan3 and I have two wan interfaces, one "wan" is wired internet over twisted pair, and usb 4G as a backup channel. The configuration works as it should, WireGuard is not taken into account unless I specifically include it in the mwan3 configuration, that suits me. I still have access to the VPN from local devices, because I registered routes in the VPN on the router.

Have you looked into Policy Based Routing (PBR):


PBR and mwan3 DO NOT play well ‘out of the box’ together

1 Like

You can use mwan3 to forward certain devices via the wireguard tunnel. Include the wireguard in the mwan3 interfaces, make a member out of it, then a policy using this member, and finally a rule to forward the source IP with the wireguard policy.

1 Like

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.