Hi, currently my router's LAN has an IP range of 192.168.1.0/24 and I used 192.168.2.0/24 for my WireGuard interface. Is it possible to use 192.168.1.0/24 for both LAN and WireGuard, so I do not have to create two networks? If so, how?
AFAIK WG has to have its own subnet.
WireGuard is a routed solution and you need three different subnets.
The "server" side, the "client" side and WireGuard itself all need to be on different subnets.
Note there are setups possible where you do not add an IP address to the WG interface at all, but for most setups the WG interface needs its own IP address.
You could try to use the proxy_arp sysctl, but I would strongly avoid such "clever" hacks.
If you need layer-2 reachability, other solutions are needed anyway.
What do you actually want to achieve or why do you think it is necessary to use the same numbers?
I'm trying to use the PS5 Remote Play app, but WireGuard does not seem to work even though I added the LAN subnet to the allowed IP list. I can ping the PS5 console after connecting to the VPN, but I still cannot use the Remote Play app.
Do both devices need to be placed in the same layer-2 domain?
You will need to bridge the LAN and the VPN. As WireGuard is a tunnel device this is not possible. You can use VXLAN to transport layer-2 frames via layer-3 (IP), but that's another can of worms.
(You would need to lower the MTU of your LAN, calculate the overhead of WireGuard's UDP encapsulation and the VXLAN overhead, and you would need to configure the VXLAN properly...)
With OpenVPN this can be achieved somewhat more easily because OpenVPN can be set up with a tap device, which is a layer-2 device that can be bridged to your LAN.
But the best would be to gather some information about what the PS5 expects, and why plain routed traffic does not work for the remote app to function...
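
The three-subnet rule from the replies above (server LAN, client LAN and the WireGuard interface each on their own subnet), as an added example that is not part of the original thread: a small check that reads the `Address` lines of a wg-quick style config and reports which of the three roles overlap. The function names, the sample config and the client LAN values are constructed for illustration.

```python
import ipaddress
from itertools import combinations

# Constructed wg-quick style config using the thread's WireGuard range.
SAMPLE_CONF = """
[Interface]
Address = 192.168.2.1/24
ListenPort = 51820

[Peer]
AllowedIPs = 192.168.2.2/32
"""

def wg_interface_networks(conf_text):
    """Return the networks named on Address lines (empty if none is set)."""
    nets = []
    for line in conf_text.splitlines():
        line = line.split("#", 1)[0]            # drop trailing comments
        key, sep, value = line.partition("=")
        if sep and key.strip().lower() == "address":
            for item in value.split(","):
                # strict=False: 192.168.2.1/24 is a host inside 192.168.2.0/24
                nets.append(ipaddress.ip_network(item.strip(), strict=False))
    return nets

def find_overlaps(server_lan, client_lan, conf_text):
    """Return the pairs of roles whose subnets overlap (empty list = OK)."""
    roles = {
        "server LAN": [ipaddress.ip_network(server_lan)],
        "client LAN": [ipaddress.ip_network(client_lan)],
        "WireGuard": wg_interface_networks(conf_text),
    }
    clashes = []
    for (name_a, nets_a), (name_b, nets_b) in combinations(roles.items(), 2):
        if any(a.version == b.version and a.overlaps(b)
               for a in nets_a for b in nets_b):
            clashes.append((name_a, name_b))
    return clashes

if __name__ == "__main__":
    # Router LAN from the thread; the client LANs are constructed values.
    print(find_overlaps("192.168.1.0/24", "10.0.0.0/24", SAMPLE_CONF))
    # Client sits on a LAN that reuses the router's range: routing is ambiguous.
    print(find_overlaps("192.168.1.0/24", "192.168.1.0/24", SAMPLE_CONF))
```

A config with no `Address` line yields no WireGuard network, which matches the address-less setups mentioned in the replies.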