I just got my new router and installed OpenWrt (23.05). This means that I actually have a completely clean instance. What do I want to do?
I currently have two WiFi networks (2.4GHz and 5GHz) up and running. I want to create a VLAN that I can manually assign devices to. Furthermore I do not want to create another SSID for the VLAN unless absolutely necessary.
This VLAN would then be routed over a WireGuard VPN tunnel. I do not want to use policy-based routing.
Only the VLAN should go through the tunnel, everything else goes through my ISP. I've found several options on the forum, but I don't know the best way to do this.
Sorry, I'm a complete newbie here. Can you please help me? If you need any information just let me know.
Update: Since it might be easier, I am fine with going with a separate SSID for my VLAN devices. I found out that the routing itself has changed since 23.05 is using nftables. Therefore I still have the same question: how can I achieve that only the devices connected to the newly created SSID are routed through the WireGuard tunnel?
Any hint would be highly appreciated.
Thanks
I use the full PBR package to do what you want (and I do some more things with it like exclude some destinations and also DNS policy routing to make sure there is no DNS leak):
But if you want to use netifd you can do something like (/etc/config/network):
config route
    option interface 'wg_mullv_se'
    option table '102'
    option target '0.0.0.0/0'

config rule
    # for ip source:
    option src '192.168.30.0/24'
    # for interface (device name)
    #option in 'lan'
    option lookup '102'
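A check for the netifd setup in the reply above, as an added example that is not part of the original posts: it confirms that the source rule for 192.168.30.0/24 points at table 102 and that table 102 still holds a default route via wg_mullv_se. If that route is missing, the lookup falls through to the main table and the subnet's traffic leaves via the ISP. The function name `check_policy` and the sample `ip` output are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). POSIX sh, works with busybox ash.
# check_policy SUBNET TABLE IFACE RULES ROUTES
#   RULES  = output of `ip rule show`
#   ROUTES = output of `ip route show table TABLE`
# Returns 0 = OK, 1 = source rule missing, 2 = no default route via IFACE.
check_policy() {
    subnet=$1 table=$2 iface=$3 rules=$4 routes=$5

    # A matching rule line looks like: "1: from 192.168.30.0/24 lookup 102"
    printf '%s\n' "$rules" | awk -v s="$subnet" -v t="$table" '
        { from = ""; lk = ""
          for (i = 1; i < NF; i++) {
              if ($i == "from")   from = $(i + 1)
              if ($i == "lookup") lk   = $(i + 1)
          }
          if (from == s && lk == t) found = 1 }
        END { exit (found ? 0 : 1) }' || return 1

    # The table must contain "default dev <iface> ..."; without it the
    # kernel moves on to the next rule (main table, i.e. the ISP uplink).
    printf '%s\n' "$routes" | awk -v d="$iface" '
        $1 == "default" {
            for (i = 2; i < NF; i++)
                if ($i == "dev" && $(i + 1) == d) found = 1 }
        END { exit (found ? 0 : 2) }' || return 2

    return 0
}

# Constructed sample output (not captured from a real router).
SAMPLE_RULES='0: from all lookup local
1: from 192.168.30.0/24 lookup 102
32766: from all lookup main
32767: from all lookup default'
SAMPLE_ROUTES_UP='default dev wg_mullv_se proto static scope link'
SAMPLE_ROUTES_DOWN=''   # tunnel interface down: table 102 is empty

check_policy 192.168.30.0/24 102 wg_mullv_se "$SAMPLE_RULES" "$SAMPLE_ROUTES_UP" \
    && echo "tunnel up: rule and route present"
check_policy 192.168.30.0/24 102 wg_mullv_se "$SAMPLE_RULES" "$SAMPLE_ROUTES_DOWN" \
    || echo "tunnel down: check returned $? (traffic would use the main table)"
```

On the router itself, pass live output instead of the samples: `check_policy 192.168.30.0/24 102 wg_mullv_se "$(ip rule show)" "$(ip route show table 102)"`.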
Thanks. Idk why, but I had it in my mind that PBR, OpenWrt 23.05 and WireGuard clash somehow. But I will have a look at your documentation.
Do you have any recommendations regarding the setup itself? Thanks a lot.