WireGuard server can’t access one specific client Subnet

Hello community,

Looking for support to use WireGuard connection effectively, requesting support to solve this:

Use case - Router B (Client) connects with Router A ( Server)

Goal : Connect with specific Client subnet (CCTV) from WireGuard server which do not allow access to any IP outside local subnet - all other subnets are accessible except this CCTV

What works;

  1. Connection between Client and server
  2. Internet on both router
  3. both Client and server subnets are accessible through both routers except CCTV IP at WireGuard client subnet

Was thinking if somehow while attempting to connect with CCTV from server my server subnet (e.g. gets translated to client subnet IP, the CCTV firewall would consider it as local connection and allow access…

Full details of this use case and latest configuration can be found here ( another post where @psherman @mk24 helped me getting WireGuard working.

Yes, you can add a SNAT rule to masquerade the packets from server subnet into the IP of the client router.

Hi, Thanks for confirming, as i am not that good with networking can you also help with the required configuration on client router?

The outbound zone is probably not vpn, but some lan or dmz.
Destination address you can use the CCTV one.
Rewrite IP address is the IP that OpenWrt has in this subnet.

1 Like

Worked like a magic, Really appreciate your help.

1 Like

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.