Requesting Help with static routes.


Jumpstarter

Senior Member
Okay, first I have a WireGuard VPN service set up on a client where all its traffic is being routed to a VPN service provider. I have a separate site tunnel I want to route my traffic from the router through this same WireGuard configuration. I already have IP forwarding on the device configured. Can someone give me a good example of what setting up a static route on my Asus router for this may look like?
 

eibgrad

Very Senior Member
Gonna have to read a bit between the lines here since your description is a bit imprecise.

What I *think* you're saying is that you have a *LAN* client that's running WG, and an OpenVPN server configured on the router, and want to route that traffic through the WG client for the purposes of internet access, correct?
 

Jumpstarter

Senior Member
Correct
 

eibgrad

Very Senior Member
If the local VPN client was OpenVPN and running on the router, the answer would be fairly simple. If the default gateway was set to that of the local OpenVPN client, any internet bound traffic from clients of the OpenVPN server would automatically be routed over the local OpenVPN client. It's just automatic. If PBR (policy based routing) was active, you'd need to add the OpenVPN server's IP network (i.e., the tunnel) to PBR.

What makes your situation tricky is now YOU have to implement your own PBR to tell the router it should route the OpenVPN server's IP network over to the LAN ip of the device hosting the local VPN client (WG, OpenVPN, doesn't matter). And once there, it will be routed over that VPN client to the internet.

Certainly doable (I'm doing that right now on my own network, except the local VPN client is OpenVPN). But not an easy task for someone unfamiliar w/ networking. On the router, you'd need to create an alternate routing table, add the LAN ip of the device hosting the WG client as its default gateway, use ip rules to force OpenVPN server's IP packets to use that alternate routing table, etc. Again, doable, but it involves a lot more than just adding a simple static route.
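
The router-side steps described in the post above (alternate routing table, default gateway pointing at the WG host, ip rules for the OpenVPN server's network), written out as an added example that is not part of any post in this thread. The OpenVPN tunnel network 10.8.0.0/24, LAN 192.168.1.0/24, WG host 192.168.1.50, interface br0 and table 200 are assumed placeholder values, and the rule that keeps LAN-bound traffic on the main table is an addition beyond what the post lists.

```shell
#!/bin/sh
# Added example. All values are constructed placeholders, not from the thread.
OVPN_NET="${OVPN_NET:-10.8.0.0/24}"   # OpenVPN server tunnel network (assumed)
LAN_NET="${LAN_NET:-192.168.1.0/24}"  # router LAN (assumed)
WG_HOST="${WG_HOST:-192.168.1.50}"    # LAN IP of the device running the WG client (assumed)
LAN_IF="${LAN_IF:-br0}"               # router LAN bridge (assumed)
TABLE="${TABLE:-200}"                 # alternate routing table id (assumed)

is_ipv4() {
  echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
  old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
  for octet in "$@"; do [ "$octet" -le 255 ] || return 1; done
}

is_cidr() {
  case "$1" in */*) ;; *) return 1 ;; esac
  is_ipv4 "${1%/*}" || return 1
  case "${1#*/}" in ''|*[!0-9]*) return 1 ;; esac
  [ "${1#*/}" -le 32 ]
}

# Print the commands instead of running them, so they can be reviewed first.
pbr_cmds() {
  # Tables 253-255 are the kernel's default/main/local tables; refuse them.
  { is_cidr "$OVPN_NET" && is_cidr "$LAN_NET" && is_ipv4 "$WG_HOST" &&
    [ "$TABLE" -ge 1 ] 2>/dev/null && [ "$TABLE" -le 252 ]; } ||
    { echo "pbr: invalid parameter" >&2; return 1; }
  # 1. Alternate table whose only route is a default via the WG host.
  echo "ip route replace default via $WG_HOST dev $LAN_IF table $TABLE"
  # 2. Keep VPN-client-to-LAN traffic on the main table (direct delivery).
  echo "ip rule add from $OVPN_NET to $LAN_NET lookup main priority 100"
  # 3. Everything else sourced from the OpenVPN network uses the alternate table.
  echo "ip rule add from $OVPN_NET lookup $TABLE priority 101"
  echo "ip route flush cache"
}

# Run the generated commands (root on the router). "ip rule add" is not
# idempotent: delete old rules before re-running.
pbr_apply() {
  cmds=$(pbr_cmds) || return 1
  printf '%s\n' "$cmds" | sh -e
}

if [ "${APPLY:-0}" = 1 ]; then pbr_apply; else pbr_cmds; fi
```

The device hosting the WG client must forward these packets and needs either NAT on its tunnel interface or a route back to the OpenVPN network via the router, otherwise replies never reach the OpenVPN clients.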
 

eibgrad

Very Senior Member
P.S. Given the complexity, it might be easier to run the OpenVPN server on the same device as the OpenVPN client! And now, just like the router, that traffic will automatically be routed over the OpenVPN client. There are still a few other details, but relatively minor compared to what would be required to make this happen on the router. I assume the device hosting WG is Linux?
 
