Selectively route clients to a separate Wireguard proxy server

[Chris_J]

I'm wondering whether this is possible to do on the AC86U router. I'm thinking about setting up a RPi that will run a proxy server with a Wireguard VPN connection and maybe Pihole+Unbound, but I only want certain clients to route via the proxy server.

Are there settings available to do this?

 

[heysoundude]

if your router is running Merlin's firmware, I would suggest you go have a poke around at diversion.ch, and look for amtm while you're there.
you should find everything you need to accomplish what you're looking to, all made to order to work with Merlin on your router...except WireGuard.
For that, there's plenty of guidance to be had here: https://www.snbforums.com/threads/experimental-wireguard-for-rt-ac86u-ax88u.46164/
if you're up to spinning up PiHole and Unbound on a RasPi, all of the above should be an easy hour or 2 of reading and setup.

 

[Chris_J]

Sorry, I should have mentioned, I am already enjoying the latest Merlin firmware along with Unbound + Adblocking. I've been toying with the idea of moving this to a RPi that would be running other projects too.

I think my only option would be to manually configure each client that I would like to use the Wireguard connection.

 

[heysoundude]

Sorry, I should have mentioned, I am already enjoying the latest Merlin firmware along with Unbound + Adblocking. I've been toying with the idea of moving this to a RPi that would be running other projects too.

Full disclosure is always helpful.
You’re considering moving functionality off the router why? This stuff is pretty light and fairly highly optimized- it wouldn’t speed up your network in any noticeable or significant way. For that you’d need a monster pipe.


Sent from my iPhone using Tapatalk

 

[Chris_J]

Full disclosure is always helpful.
You’re considering moving functionality off the router why? This stuff is pretty light and fairly highly optimized- it wouldn’t speed up your network in any noticeable or significant way. For that you’d need a monster pipe.

I created this thread in order to learn about selective routing to a Wireguard proxy server, so full disclosure of what other add-ons I was running was not really necessary, hence the exclusion from the post. My intension to move Unbound to the Pi is not to increase network speed, but since I am looking to test out PiHole, I felt that Unbound would have a better home on the Pi hardware. Again, I'm not sure how this is relavent, so I only mentioned it in passing.