Hello!
I'm having some difficulty understanding something, and I hope somebody can tell me whether this configuration is considered 'intended' or whether I might break something.
I followed this guide by Mullvad:
https://mullvad.net/en/help/running-wireguard-router (if you scroll down to the title ' Configure WGInterface settings')
This works perfectly. I also use PBR (policy-based routing) and have the default gateway option disabled, but now comes my issue.
I recently created another wgclient interface as an exact copy: the reserved IP is the same, as are the private and public keys; the only difference is the country in the peers section.
my ultimate goal with this is:
wgclient <- as normal vpn connection
wgclient2 <- only for youtube
So far it works, but it makes me question whether this is the intended way of doing it. Is there no way to make a peer a separate interface from wgclient? Maybe I've misunderstood the implementation, but I thought peers could also act as separate clients.
My configuration (I stripped the parts that should be private; please note that the keys are all equal):
network
# Loopback interface with the usual 127.0.0.1/8 address.
config interface 'loopback'
option device 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
# Global network settings.
config globals 'globals'
option packet_steering '2'
# Bridge device 'br-lan' with IPv6 switched off; bridge_empty lets it exist even with no port up.
# Members are the five LAN ports plus 'vx0', the VXLAN interface defined further down in this
# file, so whatever is bridged to vx0 shares layer 2 with the local ports (per VLAN membership).
config device
option name 'br-lan'
option type 'bridge'
option ipv6 '0'
option bridge_empty '1'
option mtu '1500'
option multicast_to_unicast '0'
list ports 'lan1'
list ports 'lan2'
list ports 'lan3'
list ports 'lan4'
list ports 'lan5'
list ports 'vx0'
# Main LAN: static 10.234.53.1/24 on VLAN 169 of the bridge (br-lan.169).
config interface 'lan'
option device 'br-lan.169'
option proto 'static'
option ipaddr '10.234.53.1'
option netmask '255.255.255.0'
option delegate '0'
# Upstream: DHCP client on VLAN 300 of eth1.
# classlessroute '0' stops the DHCP client from requesting classless static routes (option 121),
# so the upstream DHCP server cannot push extra routes onto this router that way.
config interface 'wan'
option device 'eth1.300'
option proto 'dhcp'
option delegate '0'
option classlessroute '0'
# VLAN membership on br-lan. Port suffixes: ':t' = tagged, ':u*' = untagged and the port's PVID.
# VLAN 169 (main LAN): untagged/PVID on all five LAN ports, so untagged frames land in 'lan'.
config bridge-vlan
option device 'br-lan'
option vlan '169'
list ports 'lan1:u*'
list ports 'lan2:u*'
list ports 'lan3:u*'
list ports 'lan4:u*'
list ports 'lan5:u*'
# VLAN 6: tagged on lan3 only.
config bridge-vlan
option device 'br-lan'
option vlan '6'
list ports 'lan3:t'
# VLAN 49: tagged on lan1, lan2, lan4, lan5.
config bridge-vlan
option device 'br-lan'
option vlan '49'
list ports 'lan1:t'
list ports 'lan2:t'
list ports 'lan4:t'
list ports 'lan5:t'
# VLAN 50: tagged on lan1, lan2, lan4, lan5 and on vx0, i.e. this VLAN is also carried over the VXLAN link.
config bridge-vlan
option device 'br-lan'
option vlan '50'
list ports 'lan1:t'
list ports 'lan2:t'
list ports 'lan4:t'
list ports 'lan5:t'
list ports 'vx0:t'
# VLAN 51: same membership as VLAN 50, including vx0.
config bridge-vlan
option device 'br-lan'
option vlan '51'
list ports 'lan1:t'
list ports 'lan2:t'
list ports 'lan4:t'
list ports 'lan5:t'
list ports 'vx0:t'
# VLAN 52: tagged on lan1, lan2, lan4, lan5 (not on vx0).
config bridge-vlan
option device 'br-lan'
option vlan '52'
list ports 'lan1:t'
list ports 'lan2:t'
list ports 'lan4:t'
list ports 'lan5:t'
# VLAN 53: tagged on lan1, lan2, lan4, lan5 (not on vx0).
config bridge-vlan
option device 'br-lan'
option vlan '53'
list ports 'lan1:t'
list ports 'lan2:t'
list ports 'lan4:t'
list ports 'lan5:t'
# Per-VLAN routed segments. Each gives the router a static /24 gateway address on one bridge VLAN.
# Isolation between these segments is decided by the firewall zones, which are not part of this file.
# 'aria': VLAN 6, 192.168.99.1/24.
config interface 'aria'
option proto 'static'
option device 'br-lan.6'
option defaultroute '0'
option delegate '0'
option ipaddr '192.168.99.1'
option netmask '255.255.255.0'
# 'pcnet': VLAN 49, 10.34.79.1/24.
config interface 'pcnet'
option proto 'static'
option device 'br-lan.49'
option ipaddr '10.34.79.1'
option netmask '255.255.255.0'
option defaultroute '0'
option delegate '0'
# 'wlan0': VLAN 50, 10.234.80.1/24. VLAN 50 also has vx0 as a tagged member.
config interface 'wlan0'
option proto 'static'
option device 'br-lan.50'
option ipaddr '10.234.80.1'
option netmask '255.255.255.0'
option defaultroute '0'
option delegate '0'
# 'wlan1': VLAN 51, 10.234.81.1/24. VLAN 51 also has vx0 as a tagged member.
config interface 'wlan1'
option proto 'static'
option device 'br-lan.51'
option ipaddr '10.234.81.1'
option netmask '255.255.255.0'
option defaultroute '0'
option delegate '0'
# 'zigbee': VLAN 52, 10.33.77.1/24.
config interface 'zigbee'
option proto 'static'
option device 'br-lan.52'
option ipaddr '10.33.77.1'
option netmask '255.255.255.0'
option defaultroute '0'
option delegate '0'
# WireGuard client interface used as the regular VPN tunnel (per the post).
# defaultroute '0' matches the post's "default gateway option disabled": the tunnel is not made the
# system default route, and the author steers traffic into it with PBR instead.
# NOTE(review): with policy routing only, where steered traffic goes while the tunnel is down
# depends on the PBR and firewall settings, which are not shown here. Confirm that it is dropped
# rather than falling back to 'wan'.
# classlessroute is a DHCP-client option; on a wireguard interface it is presumably a leftover.
config interface 'wgclient'
option proto 'wireguard'
option private_key 'thekey21' # also fictional.
list addresses '10.64.132.9991/32' # I changed this into a fictional number
option defaultroute '0'
option delegate '0'
option metric '0'
option classlessroute '0'
option force_link '1'
option mtu '1420'
# Second client interface, meant only for YouTube traffic (per the post). It is an exact copy of
# 'wgclient': same private key and same tunnel address, so both tunnels present the same key
# (the same device identity) to the provider and differ only in the peer they connect to.
# A separate interface per exit is needed here because each exit peer claims 0.0.0.0/0.
# NOTE(review): whether the provider accepts one key being connected to two servers at the same
# time is not something this file establishes; check the provider's documentation. A separate
# key pair and address for this interface would avoid depending on that.
config interface 'wgclient2'
option proto 'wireguard'
option private_key 'thekey21' # also fictional.
list addresses '10.64.132.9991/32' # I changed this into a fictional number
option defaultroute '0'
option delegate '0'
option metric '0'
option classlessroute '0'
option force_link '1'
option mtu '1420'
# Peers of 'wgclient' (Netherlands exits). Every peer claims allowed_ips 0.0.0.0/0.
# WireGuard chooses the peer for an outgoing packet by matching the destination against
# allowed_ips, and a prefix can be held by only one peer of an interface at a time. Thirteen
# full-tunnel peers on one interface therefore only work because all but one carry disabled '1'.
# Enabling a second one would not give a second exit; that needs its own interface.
# Only IPv4 is covered (0.0.0.0/0); no peer lists an IPv6 prefix.
# No peer sets route_allowed_ips, so no routes for allowed_ips are installed automatically;
# this is consistent with the author's statement that PBR does the steering.
# nl-ams-wg-001: disabled.
config wireguard_wgclient
option description 'Netherlands_nl-ams-wg-001'
list allowed_ips '0.0.0.0/0'
option endpoint_host '<priv>'
option endpoint_port '3004'
option persistent_keepalive '0'
option public_key '<priv>'
option disabled '1'
# nl-ams-wg-002: disabled.
config wireguard_wgclient
option disabled '1'
option description 'Netherlands_nl-ams-wg-002'
option public_key '<priv>'
list allowed_ips '0.0.0.0/0'
option endpoint_host '<priv>'
option endpoint_port '3039'
# nl-ams-wg-003: disabled.
config wireguard_wgclient
option disabled '1'
option description 'Netherlands_nl-ams-wg-003'
option public_key '<priv>'
list allowed_ips '0.0.0.0/0'
option endpoint_host '<priv>'
option endpoint_port '3040'
# nl-ams-wg-004: the only peer in this list without disabled '1', i.e. the active exit of 'wgclient'.
config wireguard_wgclient
option description 'Netherlands_nl-ams-wg-004'
option public_key '<priv>'
list allowed_ips '0.0.0.0/0'
option endpoint_host '<priv>'
option endpoint_port '3113'
# nl-ams-wg-005: disabled.
config wireguard_wgclient
option disabled '1'
option description 'Netherlands_nl-ams-wg-005'
option public_key '<priv>'
list allowed_ips '0.0.0.0/0'
option endpoint_host '<priv>'
option endpoint_port '3114'
# nl-ams-wg-006: disabled.
config wireguard_wgclient
option description 'Netherlands_nl-ams-wg-006'
option public_key '<priv>'
list allowed_ips '0.0.0.0/0'
option endpoint_host '<priv>'
option endpoint_port '3094'
option disabled '1'
# nl-ams-wg-101: disabled.
config wireguard_wgclient
option description 'Netherlands_nl-ams-wg-101'
option public_key '<priv>'
list allowed_ips '0.0.0.0/0'
option endpoint_host '<priv>'
option endpoint_port '3019'
option disabled '1'
# nl-ams-wg-102: disabled.
config wireguard_wgclient
option description 'Netherlands_nl-ams-wg-102'
option public_key '<priv>'
list allowed_ips '0.0.0.0/0'
option endpoint_host '<priv>'
option endpoint_port '3041'
option disabled '1'
# nl-ams-wg-103: disabled.
config wireguard_wgclient
option disabled '1'
option description 'Netherlands_nl-ams-wg-103'
option public_key '<priv>'
list allowed_ips '0.0.0.0/0'
option endpoint_host '<priv>'
option endpoint_port '3048'
# nl-ams-wg-104: disabled.
config wireguard_wgclient
option description 'Netherlands_nl-ams-wg-104'
option public_key '<priv>'
list allowed_ips '0.0.0.0/0'
option endpoint_host '<priv>'
option endpoint_port '3095'
option disabled '1'
# nl-ams-wg-201: disabled.
config wireguard_wgclient
option disabled '1'
option description 'Netherlands_nl-ams-wg-201'
option public_key '<priv>'
list allowed_ips '0.0.0.0/0'
option endpoint_host '<priv>'
option endpoint_port '3507'
# nl-ams-wg-202: disabled.
config wireguard_wgclient
option description 'Netherlands_nl-ams-wg-202'
option public_key '<priv>'
list allowed_ips '0.0.0.0/0'
option endpoint_host '<priv>'
option endpoint_port '3508'
option disabled '1'
# nl-ams-wg-203: disabled.
config wireguard_wgclient
option description 'Netherlands_nl-ams-wg-203'
option public_key '<priv>'
list allowed_ips '0.0.0.0/0'
option endpoint_host '<priv>'
option endpoint_port '3509'
option disabled '1'
# WireGuard interface 'wgserver': listens on a (redacted) port, tunnel address 10.6.7.1/24.
# The VXLAN interface 'vx0' further down is bound to it via tunlink.
config interface 'wgserver'
option proto 'wireguard'
option private_key '<priv>'
option listen_port '<priv>'
list addresses '10.6.7.1/24'
option defaultroute '0'
# Peer 'MT3000', protected with an additional preshared key.
# private_key in a peer section is the REMOTE peer's private key. WireGuard does not need it to
# run the tunnel; LuCI keeps it only to regenerate that peer's configuration/QR code. Leaving it
# here means a copy of the peer's secret is stored on this router and travels with every backup
# or paste of this file; it can be removed once the peer has been configured.
# allowed_ips '0.0.0.0/0' accepts any source address from this peer.
# NOTE(review): 'vx0' only names 10.6.7.2 as the remote end; if nothing else is meant to arrive
# through this peer, a narrower prefix would limit what it can source. Confirm intent.
config wireguard_wgserver
option description 'MT3000'
option public_key '<priv>'
option private_key '<priv>'
option endpoint_host '<priv>'
option endpoint_port '<priv>'
option persistent_keepalive '25'
list allowed_ips '0.0.0.0/0'
option preshared_key '<priv>'
# 'tvnet': VLAN 53, 172.22.33.1/24.
config interface 'tvnet'
option proto 'static'
option device 'br-lan.53'
option ipaddr '172.22.33.1'
option netmask '255.255.255.0'
option defaultroute '0'
option delegate '0'
# VLAN 91: tagged on lan1, lan2, lan4, lan5.
config bridge-vlan
option device 'br-lan'
option vlan '91'
list ports 'lan1:t'
list ports 'lan2:t'
list ports 'lan4:t'
list ports 'lan5:t'
# 'fakeisp': VLAN 91, 10.10.10.1/24.
config interface 'fakeisp'
option proto 'static'
option device 'br-lan.91'
option ipaddr '10.10.10.1'
option netmask '255.255.255.0'
option defaultroute '0'
option delegate '0'
# VLAN 23: tagged on lan1, lan2, lan4, lan5.
config bridge-vlan
option device 'br-lan'
option vlan '23'
list ports 'lan1:t'
list ports 'lan2:t'
list ports 'lan4:t'
list ports 'lan5:t'
# 'iptv': VLAN 23, 192.168.196.1/24.
config interface 'iptv'
option proto 'static'
option device 'br-lan.23'
option ipaddr '192.168.196.1'
option netmask '255.255.255.0'
option defaultroute '0'
option delegate '0'
# WireGuard interface 'wifivpn': listens on UDP 51820, tunnel address 10.39.95.1/24, MTU 1384.
config interface 'wifivpn'
option proto 'wireguard'
option private_key '<priv>'
option listen_port '51820'
list addresses '10.39.95.1/24'
option delegate '0'
option defaultroute '0'
option mtu '1384'
# Peer 'poco-x6-pro': restricted to its own tunnel address (10.39.95.2/32) and uses a preshared key.
# private_key here is the peer's own private key, which WireGuard does not need for the tunnel;
# LuCI stores it only to regenerate the peer's config/QR code. It can be removed after export so
# the router does not hold the client's secret.
# NOTE(review): endpoint_host 10.234.80.1 is this router's own 'wlan0' address, and the port equals
# the local listen_port. Confirm that a peer endpoint pointing at the router itself is intended.
config wireguard_wifivpn
option description 'poco-x6-pro'
option public_key '<priv>'
option private_key '<priv>'
option endpoint_host '10.234.80.1'
option endpoint_port '51820'
option persistent_keepalive '25'
list allowed_ips '10.39.95.2/32'
option preshared_key '<priv>'
# Peer 'ayaneo': restricted to 10.39.95.3/32. Unlike 'poco-x6-pro' it has no preshared_key.
# NOTE(review): confirm whether the missing preshared key is deliberate.
# The same remarks about the stored peer private_key and the endpoint_host apply here.
config wireguard_wifivpn
option description 'ayaneo'
option public_key '<priv>'
option private_key '<priv>'
option endpoint_host '10.234.80.1'
option endpoint_port '51820'
option persistent_keepalive '25'
list allowed_ips '10.39.95.3/32'
# Device-level setting for the wifivpn interface: multicast flag enabled.
config device
option name 'wifivpn'
option multicast '1'
# VXLAN interface: network identifier 4066 (vid), local 10.6.7.1, remote 10.6.7.2, bound to
# 'wgserver' through tunlink. Both addresses lie inside wgserver's 10.6.7.0/24, so the VXLAN
# traffic is expected to travel inside that WireGuard tunnel. VXLAN itself provides no encryption.
# 'vx0' is a port of br-lan and a tagged member of VLANs 50, 51 and 90 elsewhere in this file, so
# those layer-2 segments are extended to the remote end and share one broadcast domain with it.
config interface 'vx0'
option proto 'vxlan'
option peeraddr '10.6.7.2'
option ipaddr '10.6.7.1'
option tunlink 'wgserver'
option delegate '0'
option vid '4066'
# IPv6 switched off on eth0.
config device
option name 'eth0'
option ipv6 '0'
# VLAN 178: tagged on lan1, lan2, lan4, lan5.
config bridge-vlan
option device 'br-lan'
option vlan '178'
list ports 'lan1:t'
list ports 'lan2:t'
list ports 'lan4:t'
list ports 'lan5:t'
# 'aqaranet': VLAN 178, 10.233.10.1/24.
config interface 'aqaranet'
option proto 'static'
option device 'br-lan.178'
option ipaddr '10.233.10.1'
option netmask '255.255.255.0'
option defaultroute '0'
option delegate '0'
# 'hwnet': VLAN 179, 10.182.32.1/24.
config interface 'hwnet'
option proto 'static'
option device 'br-lan.179'
option ipaddr '10.182.32.1'
option netmask '255.255.255.0'
option defaultroute '0'
option delegate '0'
# VLAN 179 is declared without any 'list ports' line, so no bridge port is a member of it here.
config bridge-vlan
option device 'br-lan'
option vlan '179'
# VLAN 90: tagged on lan1, lan2, lan4, lan5 and on vx0, i.e. also carried over the VXLAN link.
config bridge-vlan
option device 'br-lan'
option vlan '90'
list ports 'lan1:t'
list ports 'lan2:t'
list ports 'lan4:t'
list ports 'lan5:t'
list ports 'vx0:t'
# 'aya': VLAN 90, 10.87.62.1/24.
config interface 'aya'
option proto 'static'
option device 'br-lan.90'
option ipaddr '10.87.62.1'
option netmask '255.255.255.0'
option defaultroute '0'
option delegate '0'
# Peers of 'wgclient2'. As on 'wgclient', each claims allowed_ips 0.0.0.0/0, so only one can be
# active at a time on this interface.
# al-tia-wg-001: no disabled option, i.e. the active exit of 'wgclient2'.
# Which traffic actually enters this tunnel is decided by the PBR rules, which are not in this file.
# NOTE(review): destination-based steering for a single service sends everything outside the
# matched set through whatever route the rest of the PBR policy selects. Verify the rule set.
config wireguard_wgclient2
option description 'al-tia-wg-001'
option public_key '<priv>'
list allowed_ips '0.0.0.0/0'
option endpoint_host '<priv>'
option endpoint_port '3155'
# al-tia-wg-002: disabled.
config wireguard_wgclient2
option disabled '1'
option description 'al-tia-wg-002'
option public_key '<priv>'
list allowed_ips '0.0.0.0/0'
option endpoint_host '<priv>'
option endpoint_port '3212'
It's about the interfaces wgclient and wgclient2.