NonAlex
Occasional Visitor
Here is the situation: I have two ASUS routers. One, the "client", runs Asuswrt-Merlin; the second, the "server", runs ASUS native firmware, as it's an RT-AX89X.
What I'd like to do: establish a WG tunnel from the "client" to the "server", and have the "server" route certain public Internet IP subnets via the tunnel to the "client" and then to the WAN interface of the "client".
On the "server" side, in the WG server settings, I can add IP subnets to the "Server allowed IPs" list, and the "server" router simply puts them in the routing table pointing to the VPN client interface:
8.8.8.8 * 255.255.255.255 UH 0 0 0 wgs1
Unfortunately, on the "client" router side I don't really see where to allow routing of incoming traffic from the tunnel to the Internet. A VPN Director rule to the "server" LAN subnet works just fine. So, I kind of have a route pointing to the "server" LAN subnet from the "client".
On the "client" side WG VPN Client settings "Inbound firewall" is set to "allow". NAT is set to disabled.
However pings to 8.8.8.8 from the "server" all time out.
Actually, nothing works in the reverse direction, even ping from the "server" router to the "client" LAN subnet (that's also in the "Server Allowed IPs" list).
UPDATE: Actually, I was doing everything right.
Ping didn't work from the "server" router itself only, while for the clients of that router it all works like a charm!