I can't seem to get my two wireguard interfaces to work with pbr. One of them works and the other doesn't.
I have the route allowed ips disabled because I only need it for two devices, so one device per wireguard interface. I have the route ips set to 0.0.0.0/0 but it's disabled.
Is there something I may be doing wrong? I've been working on this the past few hours with no luck and can't seem to figure it out. Also I've read on similar posts to change the listening port so each of the wireguard interfaces are different, but when I do that neither of them work at all. If anyone has any advice I would sure appreciate it.
And just to clarify they're both two different configs with different private keys on each of the separate wireguard interfaces.
Can you elaborate the use case?
Like, do you want the router to provide a "server" site where 2 remote clients can connect or do you have 2 "client" configs on the router and want to provide 2 tunneled connections for 2 local clients?
I want 2 client configs and want 2 tunneled connections for the 2 local clients. Sorry for the confusion. You explained it in a much more understandable way.
Yeah, this issue exists, I got the same issue here. Just one of them works at a time.
Btw I tried without the PBR package, which should work but didn't here too.
When one Wireguard interface has multiple peers, the allowed_ips of the peers must be unique subnets (no overlap). For example you can't have both peer sections allow 0.0.0.0. Allowed_ips for a "road warrior" phone or laptop with no LAN behind it should just be the /32 of the peer's tunnel IP.
If they're wireless, you could make different SSIDs for each tunnel and permanently configure the routes/rules (or PBR) to route based on the SRC wireless interface of the traffic.
Each of my devices is on a unique subnet but it still doesn't work. One of the devices is on 192.168.3.1 and the other is on 192.168.4.1. So what exactly would I put in the peers section on route allowed ips? And would I still need to use pbr?
I still don't understand what you're trying to do. Are these tunnels two connections to a commercial VPN service, such as two of their servers in two different countries?
If you have two road warrior devices connecting back into your router from remote locations, that is easily handled with conventional routing, no PBR.
I'm gonna make this as simple as possible for you to understand. I have two devices that I want connected to a vpn. I want to use two separate configs, so two separate wireguard interfaces. I want the rest of the devices on my network to go through the wan and not use either wireguard interface at all. The two configs will be coming from the same vpn service. All I want is to know how to set that up and that is it. Plain and simple as that.