[Solved] Routing specific VLAN through a wireguard interface not through WAN interface

I've created a VLAN with id 10, and it has IP address range of
And created a Wireguard interface (as a client, it is connected to a server in another country).

How to make VLAN clients access the internet through the wireguard interface and not through the WAN interface ?

for now i created a firewall zone for the VLAN named it "privateZone"
and a firewall zone for the wireguard interface called "wgZone"

but VLAN users do not have internet access like that,

i made sure the wireguard interface has internet access like so

i've tried the PBR forum but didn't workout it mentions the wireguard must be a "server" not a "client"

would appreciate any help and would sure any required config. Thanks a lot!

Wireguard uses peers, there is no "server" or "client" in the standard sense. You can:

  • use PBR; or
  • make IP Routes and IP Rules

Using IP Routes and IP Rules:

config route
        option target ''
        option netmask ''
        option table '1' #<---number used, or add name to a file, see Wiki
        option interface 'wg'

config rule
        option src ''
        option dest ''
        option priority '1' #<---IP Rule No - not same as table
        option lookup '1'#<--- table No
1 Like

Thanks for your response, yes am aware wg is just peers but tried to clarify it that am connected openwrt to as a peer to a server in another country.

I will try this rule and route but should i keep the zones or i can delete them ?

Zones define/configure how you desire your traffc to be firewalled - you'd keep them.

1 Like

worked like a char, added the lines to /etc/config/network and it worked, zones are needed to be defined properly as you mentioned in order for it work as well. thank you so much for the help!

1 Like

Excellent - glad you got it working!

If your problem is solved, please consider marking this topic as [Solved]. See How to mark a topic as [Solved] for a short how-to.

1 Like

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.