All of the policy based routing info I can find is related to OpenVPN and not WireGuard. I get that I may be thinking of that backwards. Either way I have not been able to get the OpenVPN client to be separate from the WireGuard server in relation to WAN IP address.
Posted: Fri May 20, 2022 6:28 Post subject:
@eibgrad already pointed you to the right answer.
You can use Policy Based routing.
As one of the Policy Based routing solutions (besides what @eibgrad already described) you can choose Source Based Routing > Route selected Sources via the WAN and then enter the local port of the WG server e.g.:
Code:
sport 51820
This will selectively route only that port via the WAN and everything else will still go through the VPN tunnel.
I think even this can do the trick which will fetch the value of the local port:
Code:
sport $(nvram get oet1_port)
I will move this thread to the Advanced Networking forum.
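One way to confirm that the `sport` policy described in the post above produced a rule covering the WireGuard listen port (an added example, not part of the original thread and not DD-WRT's own code). It assumes the router's `ip rule show` prints selectors in the iproute2 form `sport N` or `sport N-M` followed by `lookup TABLE`; the sample rules and table numbers are constructed placeholders.

```shell
#!/bin/sh
# Added example. Reads `ip rule show` style text on stdin and prints the
# routing table of the first (highest-priority) rule whose `sport` selector
# covers the given port. Exit status 1 means no such rule exists, i.e. replies
# from that port follow the default policy (the VPN tunnel in this thread).
sport_rule_table() {
    port="$1"
    awk -v port="$port" '
    {
        tbl = ""; lo = ""; hi = ""
        for (i = 1; i < NF; i++) {
            if ($i == "sport") {
                n = split($(i + 1), r, "-")      # "51820" or "6000-6010"
                lo = r[1] + 0
                hi = (n > 1) ? r[2] + 0 : lo
            }
            if ($i == "lookup") tbl = $(i + 1)
        }
        if (lo != "" && tbl != "" && port + 0 >= lo && port + 0 <= hi) {
            print tbl
            found = 1
            exit
        }
    }
    END { exit(found ? 0 : 1) }'
}

# Constructed sample output; tables 21 and 22 are placeholders, not the
# numbers DD-WRT necessarily assigns.
SAMPLE_RULES='0: from all lookup local
32764: from all sport 6000-6010 lookup 22
32765: from all sport 51820 lookup 21
32766: from all lookup main
32767: from all lookup default'

# On the router the input would come from the live rule list, e.g.:
#   ip rule show | sport_rule_table "$(nvram get oet1_port)"
printf '%s\n' "$SAMPLE_RULES" | sport_rule_table 51820
```

If the function exits non-zero for the WireGuard port, the policy was not applied, and the table it does print can then be inspected with `ip route show table <TABLE>` to check that its default route points at the WAN.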
Reading these last couple of posts and also the advanced guide pdf, this is what I assume I am supposed to do? When I go to "canyouseeme.org" with VPN client enabled it shows the spoofed WAN IP and I cannot remotely access my LAN. When I disable the client, remote access works again. I also tried "Route selected sources via WAN" with only the code: sport 51820. 51820 is indeed the port that WireGuard is using.