Use wireguard for Yazfi

Chewie420

Regular Contributor
Just updated my RTAX88U to Merlin’s 388.1

I configured my wireguard for VPN client and everything is working great but in Yazfi I seem to only have the option to connect to my OpenVPN client connections.

If I change the subnet I created in VPN director to 192.168.111.0/24 to use the WG client I can connect but no internet.

is there a way to change this?
 
Last edited:

Chewie420

Regular Contributor
Since Jack apparently isn't actively developing his scripts anymore due to moving on to other hardware. It will likely take someone else, unless @Jack Yaz specifically chimes with with suggestions, to go through the YazFi scripting on their own and figure out how to add WireGuard support.

Oh that really sucks but thanks for the answer. I can't belive Asus just doesn't allow you to create a new subnet for your Guest Wifi.
 

visortgw

Very Senior Member
Asus sort of does that. If you disable Intranet access on guest network 1, firmware creates .101 subnet for 2.4 GHz and .102 subnet for 5 GHz.
 

Chewie420

Regular Contributor
Asus sort of does that. If you disable Intranet access on guest network 1, firmware creates .101 subnet for 2.4 GHz and .102 subnet for 5 GHz.
Oh thanks I didn’t know this. What happens if I have 2 5 GHz guest wifi with no intranet on.

it makes a subnet with 192.168.1.101 or 192.168.101.xxx

thanks again.
 

visortgw

Very Senior Member
Only guest 1 is subnetted.
 

ZebMcKayhan

Very Senior Member
If I change the subnet I created in VPN director to 192.168.111.0/24 to use the WG client I can connect but no internet.
YazFi Firewall rules will prohibit connection between guest network and Wireguard interface. You could add your own just as I did for wgm.

assuming your Wireguard interface is wgc1 it could look something like this for 1st 5GHz network:
Code:
iptables -I YazFiFORWARD -i wl1.1 -o wgc1 -j ACCEPT
iptables -I YazFiFORWARD -i wgc1 -o wl1.1 -m state --state RELATED,ESTABLISHED -j ACCEPT

you could try them out directly in ssh and when you found they are working, you could put them into Yazfi custom script file, i.e.:
Code:
/jffs/addons/YazFi.d/userscripts.d/wg-yazfi.sh

but the rules only allow access, it will not route the guest network, so you still have to add the rule in VPNDirector. After that it is hopefully working.
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top