Wireguard server with proxy gateway

There is a scenario: OpenWrt is the main gateway, with a WireGuard server installed on it, which is used to access the home network from outside. At the same time, there is another gateway, which runs a proxy. If we can use the proxy as the gateway, we can access the network through the proxy directly (to prevent the ISP from blocking some websites).
The route looks like below:

Normally, when I set up the WireGuard configuration, the firewall looks like below:

config zone
	option name 'wg'
	list network 'wg0'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'ACCEPT'
	option masq '1'

config forwarding
	option src 'wg'
	option dest 'wan'

config forwarding
	option src 'wan'
	option dest 'wg'

config forwarding
	option src 'lan'
	option dest 'wg'

config forwarding
	option src 'wg'
	option dest 'lan'

config rule
	option name 'Allow-Wireguard-Inbound'
	option target 'ACCEPT'
	option src '*'
	option proto 'udp'
	option dest_port '1234'

This lets a peer access the LAN and the internet through WireGuard, but I don't know how to configure it with the proxy gateway. I should use a static route or something; I'm stuck and have no idea how to do it. Could someone give me some advice about it? Thanks!

What kind of "proxy" or "gateway" are you using?

Android has support for proxy servers in the wifi settings but the apps can override it. For example I don't think Firefox uses the global setting but it might have its own setting. Unfortunately I don't remember if the proxy server settings are used when using a VPN.

Does your LAN traffic normally go through the proxy to access the internet? Are you only connecting your own trusted devices to your LAN via wireguard?

A kind of transparency proxy, which lets users get through to some ISP-blocked websites. It is configured so that you only need to change your phone's or PC's default gateway, and then you can use the proxy with no further configuration on the client.

There is a limitation: the Android device has to access the proxy server on a specific Wi-Fi network (the LAN that has the proxy gateway); otherwise I have to use other proxy software, but that cannot run at the same time as WireGuard.

Does your LAN traffic normally go through the proxy to access the internet?
-Yes.

Are you only connecting your own trusted devices to your LAN via wireguard?
-No. I want to use WireGuard to connect to the home LAN when using my cell phone outside; at the same time, the cell phone could pass its internet traffic through the proxy.

Could someone help to give me some advice about it?
:grinning:
Thanks!

@thk, welcome to the community!

If it's a transparent proxy, wouldn't you simply set up NAT redirects once the WG connection is done?

You didn't answer my question...

Is it an IP gateway? Is it an HTTP/S proxy? Just "a kind of transparency proxy" is the least "transparent" answer you could give us. We need all the specific details.

Yes, thanks for your advice. I searched on Google, and what I understand is below:

WireGuard is layer 3 software; it mainly works on IP packet transfer.

Proxy software is layer 5 software; it mainly works at the application level. It mainly uses SOCKS5 to route traffic to a special server.

Maybe I'm not right here, but it should work to use firewall rules to forward specific input (the WireGuard zone) to a special server.

But so far I don't have a clear idea about it; I need more time.

"Is it an IP gateway? Is it an HTTP/S proxy? Just "a kind of transparency proxy" is the least "transparent" answer you could give us. We need all the specific details."

The router (192.168.1.1) is the IP gateway, if I understand it correctly, as below:

"What is an IP gateway?

An Internet Protocol ( IP ) address is a unique number that can identify each host (computers, routers, switches, etc.) on a network. ... A gateway IP refers to a device on a network which sends local network traffic to other networks.
"

The proxy gateway (192.168.1.2) is an HTTP/S and SOCKS5 proxy, and it supports a redir function too, so it can forward traffic to the proxy server. For a client, if you set it as the default gateway, it will redirect traffic to the proxy server automatically. "Transparent gateway" here means the user is not aware of the traffic being forwarded and needs no special settings for it.

I'm not sure whether I have provided enough detailed information; please don't hesitate to ask me if you need more.

Thanks!
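
The setup described in this thread (WireGuard server on the router at 192.168.1.1, transparent proxy gateway at 192.168.1.2) can be expressed as policy routing on the OpenWrt router, so that only traffic arriving from WireGuard peers takes the proxy gateway as its next hop. This is an added sketch, not a configuration posted by anyone in the thread; it assumes the LAN is 192.168.1.0/24 on the logical interface 'lan', the WireGuard interface is 'wg0' as in the firewall zone above, and routing table 100 is otherwise unused.

```uci
# /etc/config/network (added sections; table id 100 and priority 1000 are arbitrary choices)

# Packets that ARRIVE on the WireGuard interface are looked up in table 100
# instead of the main table. LAN and router-originated traffic is unaffected.
config rule
	option in 'wg0'
	option lookup '100'
	option priority '1000'

# Inside table 100: keep the home LAN directly reachable, so peers
# talking to LAN hosts do not detour through the proxy gateway.
# (Assumed LAN subnet: 192.168.1.0/24)
config route
	option interface 'lan'
	option target '192.168.1.0'
	option netmask '255.255.255.0'
	option table '100'

# Inside table 100: everything else from the peers is handed to the
# transparent proxy gateway, exactly as if the peer had set
# 192.168.1.2 as its default gateway while on the home Wi-Fi.
config route
	option interface 'lan'
	option target '0.0.0.0'
	option netmask '0.0.0.0'
	option gateway '192.168.1.2'
	option table '100'
```

The peer only sends internet traffic into the tunnel if its AllowedIPs covers 0.0.0.0/0, and the existing wg-to-lan forwarding in the firewall is what permits the hop to 192.168.1.2. The proxy gateway also needs a return path to the WireGuard subnet via 192.168.1.1, which it has if the router is its own default gateway.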