Installed OpenWRT this weekend on an RT-N56U to get Wireguard VPN functionality, was using Padavan firmware previously.
I am impressed by the console commands on OpenWRT and am looking forward to learning more, until now I have used the GUI/admin to set things up... thank you to anyone who can help me out here...
I have the Wireguard VPN client running (yes!) on this secondary router with net 192.168.2.X behind the primary router with net 192.168.1.X
I've been trying for 48+hrs now to figure out how to get traffic for 192.168.1.X to go to WAN-port on the secondary router and hit the primary router - I have the NAS and media players and a lot of other stuff on 192.168.1.X
All traffic is now going over the Wireguard VPN interface, I cannot ping anything on 192.168.1.X
Using vpn-policy-routing in the admin to get the 192.168.2.1/24 to the WIREGUARD interface, adding 192.168.1.1/24 to the WAN (which is the primary router...)
I'm thinking this is a Firewall config problem, where I need FORWARD somewhere,
Thankful for any ideas on where to look and understand how OpenWRT solves this
Also... possibly useful info for anyone attempting to flash an Asus router: when using TFTP to flash the router in recovery mode there is a very small time window to get the TFTP client to connect after starting the router in recovery mode. If you miss this time window the transfer will not start.
Actually, it should work by default if you disable vpn-policy-routing and use route_allowed_ips=1.
Or, add a static route to table 202 if you really need vpn-policy-routing.
Indeed, it does!! I did a "Reset to defaults" since I can't have a configuration that I don't understand why it works. Also, I'm using the admin GUI...
This time I did the time NTP sync, set up the static routes to 192.168.1.0 network and then installed Wireguard interface as wg0. Configured WG keys and peer and attached it to the WAN zone in firewall, and this time I selected "Route Allowed IPs". Saved, restarted and ... works like a dream.
I can access 192.168.1.X network
All traffic routed over Wireguard VPN
Thank you very much for your assistance, I'll post a step-by-step on this for other interested users.
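
The two fixes suggested in the reply above, as a small routing model. This is an added example and not code from any poster or from OpenWrt. It assumes the peer's allowed IPs are 0.0.0.0/0 and simplifies vpn-policy-routing to a source rule that sends the 192.168.2.0/24 LAN to table 202; the host addresses and the `br-lan` device name are constructed.

```python
import ipaddress

def lookup(table, dst):
    """Longest-prefix match in one table; returns the outgoing device or None."""
    best = None
    for prefix, dev in table:
        net = ipaddress.ip_network(prefix)
        if ipaddress.ip_address(dst) in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, dev)
    return best[1] if best else None

def route(rules, tables, src, dst):
    """Check rules in order; the first selected table with a matching route decides."""
    for src_prefix, name in rules:
        if ipaddress.ip_address(src) in ipaddress.ip_network(src_prefix):
            dev = lookup(tables[name], dst)
            if dev is not None:
                return dev
    return None

# Constructed sample hosts: a LAN client, a NAS behind the primary router, an internet host.
CLIENT, NAS, INTERNET = "192.168.2.50", "192.168.1.10", "203.0.113.7"

# Connected networks of the secondary router (WAN port faces the primary router).
CONNECTED = [("192.168.1.0/24", "wan"), ("192.168.2.0/24", "br-lan")]

def route_allowed_ips_setup():
    # Assumption: allowed IPs 0.0.0.0/0 become a route via wg0 in the main table.
    tables = {"main": CONNECTED + [("0.0.0.0/0", "wg0")]}
    return [("0.0.0.0/0", "main")], tables

def policy_setup(with_static_route):
    # Assumption: table 202 holds only a default route via wg0 until a route is added.
    t202 = [("0.0.0.0/0", "wg0")]
    if with_static_route:
        t202.append(("192.168.1.0/24", "wan"))
    tables = {"202": t202, "main": CONNECTED + [("0.0.0.0/0", "wan")]}
    return [("192.168.2.0/24", "202"), ("0.0.0.0/0", "main")], tables

if __name__ == "__main__":
    cases = [("route_allowed_ips", route_allowed_ips_setup()),
             ("policy, no static route", policy_setup(False)),
             ("policy, static route in 202", policy_setup(True))]
    for label, (rules, tables) in cases:
        print(label, "NAS ->", route(rules, tables, CLIENT, NAS),
              "| internet ->", route(rules, tables, CLIENT, INTERNET))
```

In the model, the more specific 192.168.1.0/24 route beats the 0.0.0.0/0 route via wg0 only when both sit in the table that is actually consulted, which is why the policy setup needs the extra route in table 202.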