This route for the endpoint must appear in the routing table for the tunnel to work.
What is wrong here is that it points to the gateway 192.168.0.254 in br-lan, instead of pppoe-dyn in pppoe-wan.
If I understand properly the wireguard endpoint is in the internet, not in your LAN.
Can you confirm that?
What is the 192.168.0.254? Do you have some static route towards that?
Then it is wrong to use the LAN address of the OpenWrt to reach something on the internet. I don't know how it got there, but you should have the IP of pppoe-dyn instead.
As @lleachii pointed out, you should use the networks you wish to reach over the tunnel instead of everything, and also enable the Route Allowed IPs tickbox.
Would it change the host route to the peer endpoint address? I don't think so since it seems to be always inserted if the peer endpoint is reachable via the default gateway. It doesn't depend on the allowed-ips anyway.
Or you could allow 0.0.0.0/0, and use a dynamic routing protocol or another way to define routes.
Hi!
I have exactly the same issue. Two routers connected through a WG-Tunnel.
R1
1 WAN (public IPv4)
multiple LAN-Subnets
AllowedIPs: 0/0, but the routed nets manually set
R2
1 WAN behind a FW prohibiting incoming connections
2 LAN-Subnets
also AllowedIPs: 0/0, but the routed nets manually set
I tried manually specifying the nets and autosetting the routes (while also keeping them as manual static routes), nothing changed
On R1 the route is correct (IP of R2 -> WAN). On R2, the route to R1 is through a LAN (which doesn't work). The tunnel worked for ~1 year without a problem. After a downtime of the WAN on R2, it stopped working. Actually in my case, I wouldn't need this route in any direction since I route only specific nets.
I would also appreciate help (although I can only debug it when I am at R2).
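The symptom in both reports is the same: the host route to the peer's endpoint leaves via a LAN gateway (192.168.0.254 on br-lan) instead of the WAN interface. The following is an added diagnostic script, not code from the thread or from OpenWrt, that parses `ip route get` output and flags that condition; the function names, the interface name pppoe-wan and the endpoint address 203.0.113.5 are assumptions/constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): check that the host route to a
# WireGuard endpoint uses the WAN device, not a LAN gateway.
# Assumed names: pppoe-wan as the WAN interface, 203.0.113.5 as a
# constructed sample endpoint. IPv4 endpoints only.

# Extract the outgoing device from one line of `ip route get` output,
# e.g. "203.0.113.5 via 192.168.0.254 dev br-lan src 192.168.0.1 uid 0".
route_dev() {
  printf '%s\n' "$1" | sed -n 's/.* dev \([^ ]*\).*/\1/p'
}

# Extract the next-hop gateway, if any (empty for an on-link route).
route_via() {
  printf '%s\n' "$1" | sed -n 's/.* via \([^ ]*\).*/\1/p'
}

# Return 0 when the route line uses the expected WAN device, 1 otherwise.
# $1: route line, $2: expected WAN interface name.
check_endpoint_route() {
  [ "$(route_dev "$1")" = "$2" ]
}

# Live check, meant to be run on the router itself: look up the route to
# every configured peer endpoint and report any that leave via a LAN device.
# $1: WAN interface (default pppoe-wan). Returns 1 if any endpoint is wrong.
check_live() {
  wan_if=${1:-pppoe-wan}
  rc=0
  # `wg show all endpoints` prints: <iface> <pubkey> <host:port> per line.
  for ep in $(wg show all endpoints 2>/dev/null | awk '{print $NF}' | cut -d: -f1); do
    line=$(ip route get "$ep" 2>/dev/null | head -n1)
    [ -n "$line" ] || { echo "no route to endpoint $ep"; rc=1; continue; }
    if check_endpoint_route "$line" "$wan_if"; then
      echo "ok: $ep via dev $(route_dev "$line")"
    else
      echo "WRONG: $ep goes via $(route_via "$line") dev $(route_dev "$line"), expected $wan_if"
      rc=1
    fi
  done
  return $rc
}
```

Run `check_live pppoe-wan` on the affected router; a WRONG line pointing at a LAN gateway matches the broken state described above.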