fine-tuning usage of Wireguard

Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking
View previous topic :: View next topic  
Author Message
Cold-Lemonade
DD-WRT Novice


Joined: 27 Mar 2021
Posts: 39
PostPosted: Sat Jan 07, 2023 1:56    Post subject: fine-tuning usage of Wireguard Reply with quote
I use Wireguard client on my laptop and iPhone to access the my ddwrt router when I am away from home. Wireguard allows me to access a server running Frigate and Home Assistant. My questions are when to use certain options in Wireguard.

1. When should I enable "CVE-2019-14899 Mitigation"?

2. When should I enable "NAT via Tunnel"?

3. When should I enable "Kill switch"?

4. When should I enable "Inbound Firewall"? This one would seem to defeat the purpose of being able to use Wireguard to get onto my home network.

5. Why do I not want to use "0.0.0.0/0" for allowed IPs?

6. When do I want to enable "block untunneled traffic" in the Wireguard client?

Thank you!
Back to top View user's profile Send private message
Sponsor
Gameman Advanced Kid
DD-WRT Guru


Joined: 18 Nov 2012
Posts: 1158
PostPosted: Sat Jan 07, 2023 4:25    Post subject: Reply with quote
I would like to link you to this.

https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=48331

I wish you the best of luck in finding your answers to these questions.
_________________
For people who are new to the dd-wrt forums >> http://www.catb.org/~esr/faqs/smart-questions.html#rtfm

barryware wrote:
It takes a "community" to raise a router..


Internet Connection 1
Some Techicolor modem > Linksys WRT3200ACM

Internet connection 2
Ubiquiti Powerbeam Gen 2 > Netgear R9000

Official (but not really) dd-wrt General Discussion element/matrix chat

https://matrix.to/#/#dd-wrt-private-non-offical:matrix.org
Back to top View user's profile Send private message Send e-mail
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6446
Location: UK, London, just across the river..
PostPosted: Sat Jan 07, 2023 6:51    Post subject: Reply with quote
lol --- POGO thread explains a lot...but not much for Wireguard... Rolling Eyes

those questions of yours are well explained at the egc Wireguard guides...
so, do some reading here and there Wireguard guides are on the top of the Advanced Networking: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=327397
_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55630 WAP
TP-Link WR1043NDv2 -DD-WRT 55723 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55779 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55819 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55779 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Back to top View user's profile Send private message
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum