Recent content by brec

  1. B

    Basic question about LAN ip address recognition

    I'm trying to implement what you describe. IP forwarding is enabled. I have only one LAN subnet. The only means of "instead be routed through the VPN" is to bring the WireGuard virtual tunnel interface up. The only way to do that is by SSH to the VPN client box, or as a boot-time process. Even...
  2. B

    Basic question about LAN ip address recognition

    Here's my attempt at emulating the router logic you've outlined and the failure report. I thought it too WireGuard-specific for this thread, but you're more than welcome to take a look at my SuperUser post.
  3. B

    Basic question about LAN ip address recognition

    Yes, but how is that intention implemented? How, e.g., does any router know that SSH traffic is local and not to be forwarded? Edit: AFAIK I have to write the relevant routing rules myself -- WireGuard is leaner in that respect than OpenVPN.
  4. B

    Basic question about LAN ip address recognition

    If all traffic into the VPN/router is tunneled out, what prevents SSH traffic into the VPN/router from being tunneled out and therefore not handled by its SSH server?
  5. B

    Basic question about LAN ip address recognition

    I'd be pleased to be persuaded that I'm making this unnecessarily complicated! I'll experiment with the single-interface approach and see if/where I get into trouble. How is SSH traffic handled? Both my WGbox and one of the client boxes are headless.
  6. B

    Basic question about LAN ip address recognition

    The project is to add a WireGuard VPN box to my LAN -- a headless Ubuntu system that will peer with a WireGuard server on a cloud VPS. Let's call this new LAN box "WGbox." It has multiple ethernet connectors. I'd like it to provide VPN tunneling to two other LAN clients: a headless data server...
  7. B

    Basic question about LAN ip address recognition

    Indeed! I wanted to avoid undue broadening of the scope. But now that you've asked (yay!) stand by for the project description and network design issues.
  8. B

    Basic question about LAN ip address recognition

    Would an alternative to using a command in the router like ifconfig br0:1 10.0.0.1 netmask 255.0.0.0 be to use the GUI's Advanced Settings::LAN::Route to provide a static route? The brief (as always for ASUS) documentation on that facility is that it's for other routers on the LAN side...
  9. B

    Basic question about LAN ip address recognition

    In reply to my question as to assigning a LAN device an address, such as 10.0.0.0/8, other than the router's 192.168.0.0/16. What does the 86U do with packets from a LAN connection with a source subnet unknown to it? -- Does "route it out its default gateway" mean out its WAN interface? Does...
  10. B

    Basic question about LAN ip address recognition

    Thanks for your patience -- take the rest of the day off!
  11. B

    Basic question about LAN ip address recognition

    Annnnnd... lastly (?) does ipconfig br0:1 ... create the br0 "device" or refer to a preexisting one?
  12. B

    Force client lists refresh or force DHCP lease renewal?

    I understand they're two different things. I'm trying to solve changing DHCP settings and not seeing the results in the client list until (I am guessing) the lease expires. E.g., taking a client offline doesn't reflect in the list. Removing a client from DHCP and assigning its ip to it manually...
  13. B

    Force client lists refresh or force DHCP lease renewal?

    Rebooting is often inconvenient because it disconnects innocent (i.e., other than me) users or a server. Is there any way to force a client list refresh, or to force a DHCP lease renewal of a device? The client list Refresh button doesn't seem to do anything.
  14. B

    Basic question about LAN ip address recognition

    Got it. Were I to do this, could I change your example 192.168.10.1 to a non-192.168.0.0/16 ip such as an address in 10.0.0.0/8?
  15. B

    Basic question about LAN ip address recognition

    1. Given that I can just use an address in my current subnet but that doesn't conflict with the DHCP pool, I think I'm OK without worrying about introducing another subnet. 2. But I'm technically curious. I am running Merlin. Where would I find the services-start script? I ssh'd into the 86U...
Top