[Solved] Routing specific VLAN through a wireguard interface not through WAN interface

frisky5 · October 17, 2023, 2:27pm

I've created a VLAN with id 10, and it has IP address range of 192.168.101.0/24
And created a Wireguard interface (as a client, it is connected to a server in another country).

How to make VLAN clients access the internet through the wireguard interface and not through the WAN interface ?

for now i created a firewall zone for the VLAN named it "privateZone"
and a firewall zone for the wireguard interface called "wgZone"

but VLAN users do not have internet access like that,

i made sure the wireguard interface has internet access like so

i've tried the PBR forum but didn't workout it mentions the wireguard must be a "server" not a "client"

would appreciate any help and would sure any required config. Thanks a lot!

lleachii · October 17, 2023, 2:58pm

Wireguard uses peers, there is no "server" or "client" in the standard sense. You can:

use PBR; or
make IP Routes and IP Rules

Using IP Routes and IP Rules:

config route
        option target '0.0.0.0'
        option netmask '0.0.0.0'
        option table '1' #<---number used, or add name to a file, see Wiki
        option interface 'wg'

config rule
        option src '192.168.101.0/24'
        option dest '0.0.0.0/0'
        option priority '1' #<---IP Rule No - not same as table
        option lookup '1'#<--- table No

frisky5 · October 17, 2023, 3:31pm

Thanks for your response, yes am aware wg is just peers but tried to clarify it that am connected openwrt to as a peer to a server in another country.

I will try this rule and route but should i keep the zones or i can delete them ?

lleachii · October 17, 2023, 3:44pm

Zones define/configure how you desire your traffc to be firewalled - you'd keep them.

frisky5 · October 17, 2023, 5:05pm

worked like a char, added the lines to /etc/config/network and it worked, zones are needed to be defined properly as you mentioned in order for it work as well. thank you so much for the help!

lleachii · October 17, 2023, 5:08pm

Excellent - glad you got it working!

If your problem is solved, please consider marking this topic as [Solved]. See How to mark a topic as [Solved] for a short how-to.

system · October 27, 2023, 5:09pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.