mattmcspirit
Occasional Visitor
Hey @ZebMcKayhan,
Following your guidance on the other thread, I managed to successfully import my known-working WireGuard config:
Code:
nano /opt/etc/wireguard.d/aws-wg.conf
import aws-wg.conf
Got a message "[: missing ]" but showed import as successful.
I don't want this peer to start automatically, so I set it to auto=n:
Code:
peer wg11 auto=n
I then configure the selective routing rule:
Code:
peer wg11 rule add vpn 192.168.50.128 comment VPNTest
Seems to go through fine, and returns "Updated RPDB Selective Routing rule for wg11"
However, when I start wg11, it successfully connects, but all my LAN devices are going out via the VPN, rather than just the one at 192.168.50.128.
Questions
- Am I understanding the use of Auto=n correctly? Is that preventing wg11 automatically establishing a connection? That's what I want - to be able to manually turn on/off the client via an iOS Shortcut and not have wg11 connected all the time. I wasn't sure if Auto=P turns on an auto connect. I tested with Auto=P, and the policy did just apply to the single device, 192.168.50.128; however, I don't want wg11 to always auto-connect.
- A workaround appears to be to leave Auto=N, and use wgm start wg11 policy which forces wg11 to run in policy mode. This seems to solve my problem, but wanted to check that's the direction I should be going in.
Thanks!