WireGuard firewall settings for VPN access for main AP and bypassing VPN for guest AP

Hello OpenWrt Forums,
I have been struggling with configuring my setup properly. I have a WireGuard instance set up on my router which connects to my VPS endpoint, which works as expected and is based on the OpenWrt docs WireGuard Basic Setup.
I also need to have an AP that connects to the internet bypassing the wg0 tunnel, so I configured another AP following the OpenWrt docs Guest Wlan setup.

The guest wlan works but is still accessing the internet via the wg tunnel. I believe this is due to my firewall setup which has the wg interface in the wan firewall zone.
I have tried to create a firewall setup with the wg0 interface in its own zone but everything I have tried fails to allow internet access via the tunnel.

I've searched the forum looking for answers and have found some useful information amongst the many posts regarding wireguard and firewalls but have not managed to get this working as desired.
My first question is a massive noob question regarding posting my config files: how do I post configs that are in the neat grey scrollable boxes so I don't create a monstrosity of a post?
Second question: can anybody help me with setting up a separate WireGuard firewall zone that would allow my guest AP to bypass the WireGuard tunnel and main AP to use the tunnel?
Am I even on the right track with regards to setting this up!?

See VPN Policy-Based Routing + Web UI -- Discussion


Amazing! Thank you!
