Pass incoming data on Wireguard Server to Openvpn Client

Hey all.

Long time DDwrt user and finally made the move to OpenWrt due to what seems to be a more simplified and working Vlan config. I have yet to take a look at that, but first i want to recreate what i had in DDwrt.

  • Nordvpn Openvpn CLIENT i have running. I can set if manually on and off if i want privacy. I dont have/want a killswitch.
  • Wireguard SERVER i have running so i can connect to home LAN on my mobile.
  • Policy based routing i have running to let 1 IP(website) go over WAN instead of openVPN Client

How do i get wireguard server to pass all incoming traffic to the openVPN client while still maintaining LAN accces?

So IF i want privacy on my mobile i can wireguard to home. I know Nordvpn had an app for that, but thats not the question :slight_smile:

I can only succeed with help of tutorials. I know why and when, but not how/syntax etc.
If you say make interface, make firewall code etc , then ill be clueless. :slight_smile:

thx in advance!

It is very interesting question, because Wireguard uses UDP, whereas PBR requires TCP for tracking of connection. I see examples in Readme PBR, but I don't understand, how they work.

But if configuration above works, you should add forwarding from WG zone to OpenVPN zone. It should not influence on LAN access.

1 Like

Ok thx for info. Well the wireguard is new. I used to have openvpn client and server.

Maybe ill just try that then and be happy. Reason i went for WG is because it isnt a cpu hog for my mobile phone.

Ill have a look online for openvpn server --> client forwarding. Ill settle with that if needed.

You should only add forwarding (3 lines), similar to lan->wan forwarding in default configuration.


I have the same scenario "Wireguard server to pass all incoming traffic to the openVPN client while still maintaining LAN access", but the Wireguard client (Android) cannot connect when the openvpn (nordvpn) client is active.
Did you get to work?



Solved with added on my OpenVPN (NordVPN):

--pull-filter ignore redirect-gateway

And I used PBR to route specific source subnets to the VPN.

1 Like

This topic was automatically closed 0 minutes after the last reply. New replies are no longer allowed.