Strange issues with WireGuard client

[Ste00]

Hi,

I did search before posting this but couldn't seem to find the same issue.

When I have setup the client using the service config file I then use the director to enable it for 1 device only.

1. Once I have enabled the WireGuard client, it seems the Router itself then uses the VPN rather than WAN. Example, I use a US WireGuard from UK, once I enable the client Pings on the dashboard spike from 5-8ms up to 90-130ms.

2. With the WireGuard client activated I could see in the router logs that the WAN was dropping up to 12 times an hour and restoring connection within 6l7 seconds each time.

What is causing this? Do I need to change the AllowedIPs under Peer to just that one device I want to use the VPN or leave it as 0.0.0.0/0?

Thanks

 

[ZebMcKayhan]

What is causing this? Do I need to change the AllowedIPs under Peer to just that one device I want to use the VPN or leave it as 0.0.0.0/0?

No idea, the only thing that comes to mind off the top of my head is if the vpn tunnel somehow creates an ip and/or routing conflict.

Are there any ip conflict between the vpn tunnel ip and your wan ip? Or any other adjecent ips, like lan ip?

 

[Ste00]

No idea, the only thing that comes to mind off the top of my head is if the vpn tunnel somehow creates an ip and/or routing conflict.

Are there any ip conflict between the vpn tunnel ip and your wan ip? Or any other adjecent ips, like lan ip?

Thanks for the response.

The address for the iface of the VPN is outside the LAN subnet (VPN iface 10.7.0.83/32, LAN 10.0.0.0/24).

I've been scratching my head all day on this.


Edit: think you found the issue! I checked the routing table and my WAN uses Cloudflare DNS, I also added these as DNS servers on the VPN iface. Removing them from the VPN iface has cured the issue of the router using the tunnel rather than WAN and I will now monitor to see if it starts dropping WAN as it did before.