[johnrobpeter]

Hi, I have an Asus 87U router configured to run in repeater bridge with the same subnetwork as my main router. It's connected through a 2.4Ghz wlan to my first router. Also I have one Virtual vlan for 2.4Ghz and a wlan on 5Ghz. And finally I have wireguard setup and connected to a wireguard server. The question is how do I route all the traffic from all the clients on the wlan and lan through wireguard. Also note that internet access is coming from the first router through the 2.4ghz wlan and I have access to all my resources from the main and secondary routers and a stable connection for wireguard. I am pretty sure that it should be done through IP tables but have no clue how to configure it.
My current bridge assignment is: br0-> eth01, vlan1, vlan2, wl0.1
All I need is the configuration to reroute all my clients' traffic from zone B(see the attachment) through VPN

[egc]

You have to point your clients to the repeater as gateway.

So your clients shoud have 192.168.54.2 as gateway.

You can use dnsmasq on your primary router to hand out alternate gateways for different clients

In my signature see the WireGuard documenation, in the Advanced setup guide is a paragraph about setting up a WG client on a WAP this is comparable as setting up on a bridge

Have fun

[johnrobpeter]

Hey thanks for a quick reply.

Unfortunately when I change the gateway on clients to point to repeater I end up with no internet connection and tracert shows that I stop on repeater.

[egc]

Check with the guide if you have setup accordingly including the NAT rule and have a functioning wireguard connection.

[johnrobpeter]

Hey,

I was following the guide and for me the command
```
route add -host $(nvram get oet1_rem0) gw $(nvram get lan_gateway) dev $(get_wanface)

```

fails. get_wanface is empty but my wan is disabled as I get the access through 2.4Ghz wifi

[kernel-panic69]

Which means that the guide doesn't cover all scenarios like when using a wireless interface as WAN, perhaps.

[egc]

[johnrobpeter]

hmm I don't think I am on latest saw that for my asus only this one is available
Firmware: DD-WRT v3.0-r44715 std (11/03/20)

[kernel-panic69]

And you are going by the information on the router database. Please do not rely on the router database, it is *not* updated. Click on the image below and read:



Please take a moment to read the forum rules and guidelines as well as all the Announcements and Stickies here and in the Broadcom forum to start. You are not done reading, you never will be done reading and learning when it comes to Linux or DD-WRT.

https://download1.dd-wrt.com/dd-wrtv2/downloads/betas/

06-28-2021-r47000

[johnrobpeter]

upgraded to the latest and greatest (Firmware: DD-WRT v3.0-r47000 std (06/28/21)) but still no luck with my VPN story

[kernel-panic69]

Something like this is probably why:

root@TL-WR1043NDv2:~# nvram get_wanface
root@TL-WR1043NDv2:~# $(get_wanface)
-sh: wlan0: not found
root@TL-WR1043NDv2:~#

@egc will have to probably look into this and add amplifying information for non-standard situations such as yours. I don't have an RT-AC87U to tinker with.

[egc]

Will have a look but can take a while, I am at this moment surfing in South West France, the waves were great today

[egc]

Rain today, so did a quick test with the spare router setup as repeater bridge.

WireGuard client on the repeater bridge and laptop pointing to the repeater bridge.

Working without a problem got WG connection to my WG server at home.

Attached the breakdown maybe that will give you some clues what to look for.

[johnrobpeter]

weeeird... thanks a lot for your help I guess I need to factory reset and start all over again will try it following your guide 👍

[johnrobpeter]

still no luck. Completely reconfigured and still as soon as I enable the WG on router the internet disappears. can't ping my WG server cant ping google ...