G'day OpenWRT forum people!
I have a wireguard peer setup and I can connect to it via the Android and Linux wireguard applications and I currently use this peer as exit for internet traffic.
I have currently deployed it on OpenWRT (18.06.1) and I can get a connection correctly with the current setup (I am able to ping from the VPN interface to a resolved host name, google.com, and I can see the RX/TX counters go up accordingly). Setup currently has 2 bridge interfaces with one going directly out the WAN and other going out the VPN.
What do not seem to be able to do is route LAN2 traffic connected to the router via the VPN interface.
- Remote Wireguard peer works for other clients (Android, Linux)
- Internet bound traffic going directly out the WAN interface from LAN works fine.
- Internet bound traffic going directly from the WG interface directly works fine. (eg.
ping -I wg google.com) and it has associated correctly with the remote wireguard peer.
- Internet bound traffic from LAN2 to the WG interface does not work.
WLAN1 --- LAN (br-lan) | -> |WAN --- ISP (OpenWRT-18.06.1) WLAN2 --- LAN2 (br-lan2)| -> |WG --- Remote Wireguard Peer --- ISP
config zone option name 'lan' option input 'ACCEPT'` option output 'ACCEPT' option forward 'ACCEPT' option family 'ipv4' option network 'lan' config zone option name 'wan' option input 'REJECT' option output 'ACCEPT' option forward 'REJECT' option masq '1' option mtu_fix '1' option network 'wan wan6' config zone option output 'ACCEPT' option name 'wg' option masq '1' option mtu_fix '1' option input 'ACCEPT' option forward 'REJECT' option network 'wg' config zone option input 'ACCEPT' option output 'ACCEPT' option name 'lan2' option forward 'ACCEPT' option family 'ipv4' option network 'lan2' config forwarding option dest 'wan' option src 'lan' config forwarding option dest 'wg' option src 'lan2'
Or in picture format
I have seen a few topics on this in these forums, however none of the configuration they applied seemed to do the trick. Any help would be much appreciated.