Mwan3 not reverting back to main wan

In order to achieve this, as I only have the one endpoint, which is a VPS, would I set up the single wg_iface on the VPS to listen on 2 ports, or would I create another wg_iface1 with an almost identical config with the exception of the port used?

You would want to create a second wg_iface with a different source port.

Unfortunately, you will need to create some custom firewall rules, because mwan3 won't handle rules for ip addresses that have a static route, which is added by the wireguard script.

You could add something like this to your /etc/firewall.user (warning, untested code):

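#!/bin/sh
# Load the OpenWrt and mwan3 shell helpers, then the mwan3 config
. /lib/functions.sh
. /lib/mwan3/mwan3.sh
. /lib/mwan3/common.sh
config_load mwan3
mwan3_init

# Mark locally generated WireGuard packets (matched by endpoint and UDP
# source port) with the mwan3 mark of the given interface
wireguard_ipt_rule()
{
  local id interface endpoint sport
  interface="$1"
  endpoint="$2"
  sport="$3"
  mwan3_get_iface_id id "$interface"

  $IPT4 -I OUTPUT -d "$endpoint" -p udp --sport "$sport" \
        -j MARK --set-xmark "$(mwan3_id2mask id MMX_MASK)/$MMX_MASK"
}
# One rule per tunnel: same endpoint, different source port per WAN
wireguard_ipt_rule wan 185.XXX.XXX.XXX 51820
wireguard_ipt_rule wwan 185.XXX.XXX.XXX 51821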

Hello everybody, ciao from Italy.
In this period of COVID-19 my wife and I are working from home every day. Both of us are software engineers at different companies, always in teleservice with customers / machines all around the world, so a backup line is important.

In our house we have two Linksys routers, WRT1200AC (primary) and WRT1900ACS (in another zone),
of course both with OpenWrt 19.07.4 r11208-ce6496d796.

I installed mwan3 on the primary, which has two WANs:
WAN: ADSL modem 20/1 Mb
WANB: 4G iPhone 5s as backup line

Leaving aside the issue of "trust this PC" at every router reboot, which is still an issue,
I have the same issue as beijjjj: we always have a VPN tunnel open using OpenWrt.

The behavior is the following:

  1. When WAN goes down => traffic is rerouted to WANB (and the VPN disconnects and reconnects using WANB). That's OK.
  2. When WAN comes up again => normal traffic is rerouted back to WAN, but the VPN tunnel remains on WANB.

So I am planning to write a script that puts WANB to sleep for some seconds after WAN comes back online.

This will disconnect the VPN tunnel again, which is OK, but when it reconnects it will use WAN.

I will write here whether the script works. Unluckily, I didn't find a default "kill connection" setting in mwan3.

Thank you for your support, you are a great team!

1 Like

Ciao,
it works!!! Really great, now I am very happy!

My script:

cat << "EOF" > /etc/hotplug.d/iface/10-WAN
# When WAN comes back up, take WANB down briefly so the VPN reconnects over WAN
if [ "${ACTION}" = "ifup" ] && [ "${INTERFACE}" = "WAN" ]
then
  sleep 10
  ifdown WANB
  sleep 30
  ifup WANB
fi
EOF

Target reached, thank you for your support!

1 Like
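
An added example, not part of the original posts: rather than always bouncing WANB, a hotplug script could first check whether the tunnel's flow still carries the backup WAN's connection mark. The endpoint address, port, the mark value 512 and the sample conntrack lines are constructed, and it is an assumption here that mwan3 stores the interface mark in the conntrack mark on your build.

```shell
#!/bin/sh
# Constructed sample in the format printed by `conntrack -L -p udp`.
# 203.0.113.10:51820 stands in for the VPN endpoint; mark=512 is assumed
# to be the mwan3 mark of WANB and mark=256 that of WAN.
SAMPLE='udp      17 170 src=192.168.1.1 dst=198.51.100.53 sport=40000 dport=53 src=198.51.100.53 dst=192.168.1.1 sport=53 dport=40000 mark=256 use=1
udp      17 175 src=172.20.10.2 dst=203.0.113.10 sport=51413 dport=51820 src=203.0.113.10 dst=172.20.10.2 sport=51820 dport=51413 [ASSURED] mark=512 use=1'

# tunnel_mark ENDPOINT PORT
# Reads conntrack lines on stdin and prints the connmark of the first UDP
# flow whose original direction goes to ENDPOINT:PORT (nothing if none).
tunnel_mark() {
    awk -v ep="$1" -v port="$2" '
        $1 == "udp" || $3 == "udp" {
            dst = ""; dport = ""; mark = ""
            for (i = 1; i <= NF; i++) {
                # the first dst=/dport= pair is the original direction;
                # the second pair (reply direction) is ignored
                if ($i ~ /^dst=/   && dst == "")   dst   = substr($i, 5)
                if ($i ~ /^dport=/ && dport == "") dport = substr($i, 7)
                if ($i ~ /^mark=/)                 mark  = substr($i, 6)
            }
            if (dst == ep && dport == port) { print mark; exit }
        }'
}

# tunnel_on_backup ENDPOINT PORT BACKUP_MARK
# Succeeds only if the tunnel flow exists and carries BACKUP_MARK.
tunnel_on_backup() {
    [ "$(tunnel_mark "$1" "$2")" = "$3" ]
}

# Possible use inside the hotplug script (commented out so that sourcing
# this file changes nothing on the router):
#   if conntrack -L -p udp 2>/dev/null | tunnel_on_backup 203.0.113.10 51820 512
#   then ifdown WANB; sleep 30; ifup WANB
#   fi
```

Read the real mark for WANB from `conntrack -L` on your own router while the tunnel is up on the backup line before relying on the value.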
