Wireguard traffic through Wan

Peacefuleight · February 2, 2023, 2:49pm

HI,

I use wg and pbr and in the moment everything goes to wg, but now I have just few devices which need wg so I would prefer traffic trough wan and use pbr to add some devices to wg. I thought I had only to unchecked the route allowed ips, but it seems to does not work.

lopez67876 · February 2, 2023, 3:02pm

Did you tryed with net.ipv4.conf.wg0.rp_filter = 2 in /etc/sysctl.conf ?

Peacefuleight · February 2, 2023, 3:04pm

no I have no idea what it is

Peacefuleight · February 2, 2023, 3:11pm

I added it, it seems to be the same. I try to choose ''wan'' instead of '''torguard wg'' as default route?

lopez67876 · February 2, 2023, 3:37pm

Peacefuleight · February 2, 2023, 3:43pm

where is the Use default gateway ??

lopez67876 · February 2, 2023, 3:54pm

wan interface

trendy · February 2, 2023, 4:57pm

You cannot choose that. It displays the default gateway that has top priority in the main routing table.
But this doesn't matter too much you can add a rule to route a few devices via VPN and then another rule to route everything via the WAN.

Peacefuleight · February 2, 2023, 5:23pm

Yes in the pbr

Bill · February 2, 2023, 6:05pm

Been almost a year since using PBR @trendy, so I don't know for fact this next statement.

Could one put a metric on the wan interface and then just execute ifdown wg0

Peacefuleight · February 2, 2023, 7:02pm

after ifdown wg0 I got the traffic on wan but it is not really what I wanted, cause when I restart wg0, the default is back on wg

tor

trendy · February 2, 2023, 7:11pm

Yes, you can set a higher metric in the wg0 interface, then do a ifup wg0 and it will come up with default in PRB the wan.

Bill · February 2, 2023, 7:13pm

We are going to need you to assign static address "reserved address" for the devices you only want on wan.

Then we can help you build assign these devices to a table lookup and put it on the wan metric.

wg0 stays default route and the simple lookup table will send the exceptions to the wan interface.

Bill · February 2, 2023, 7:16pm

I don't want to sound antagonistic to PBR, but it is not needed if you do a lookup table and metric.

Peacefuleight · February 2, 2023, 7:17pm

but pbr seems to be easier to setup, right?

Bill · February 2, 2023, 7:22pm

Easy? Have you got it working?

Peacefuleight · February 2, 2023, 7:32pm

pbr? yes, it is working well, but all my devices on pbr are on WAN except 3. So I wanted to do the inverse but it is not a big deal

Bill · February 2, 2023, 7:38pm

Great you've achieved PBR making wan the default route correct?

You've got some devices that you need on wg0 correct?

PBR has a huge README and scenarios.
Where do the scenarios not fit in your easy lan?

Peacefuleight · February 2, 2023, 7:40pm

not, still on wg0, the default route goes on ''wan'' only if I do ifdown wg0 but I dont want to stop my wg

trendy · February 2, 2023, 7:46pm

I mentioned how to fix that here.