WireGuard client with multi-WAN uses wrong interface

Hi all,

I am having a few problems with WireGuard.
Device: GL.iNet GL-AR750S
Software: OpenWrt 19.07.3

I am using it as a client.

Problem 1:
I have two WAN interfaces:

  • wan (interface name: br-wan, bridge members: eth0.2, wlan0-1, metric 10)
  • tethering (interface name: usb0, metric 30)

(Note regarding br-wan: this setup is intentional. I'm using this router to have my own private network behind a sharehouse router, but created a second SSID on wlan0-1 and bridged it so my housemates can have enhanced Wi-Fi coverage.)

During normal use, my internet traffic goes out the "wan" interface as expected.

However, when I bring up my WireGuard interface, it connects and LAN traffic is tunneled correctly, but the tunnel itself to my VPN server goes through the "tethering" interface instead.

If I unplug the tethering device, then the WireGuard tunnel connects fine through the "wan" interface.

Any idea what the issue is and how I can fix it? I also have mwan3 installed but have disabled/stopped it (and restarted the network service) to rule that out as the cause, but unfortunately I got the same result.

Let me know if there is any config I should post.

Problem 2:
Raising the WireGuard interface creates a static route to my server address with a 32 mask, with the gateway being the attached phone. When tearing it down, this route is not deleted automatically.

While I can write a hotplug script to deal with this issue, it just feels like a messy workaround.

Is this due to another configuration issue?

https://openwrt.org/docs/guide-user/services/vpn/openvpn/dual-wan
