What's new

Use wireguard for Yazfi

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Chewie420

Regular Contributor
Just updated my RTAX88U to Merlin’s 388.1

I configured my wireguard for VPN client and everything is working great but in Yazfi I seem to only have the option to connect to my OpenVPN client connections.

If I change the subnet I created in VPN director to 192.168.111.0/24 to use the WG client I can connect but no internet.

is there a way to change this?
 
Last edited:
is there a way to change this?
Since Jack apparently isn't actively developing his scripts anymore due to moving on to other hardware. It will likely take someone else, unless @Jack Yaz specifically chimes with with suggestions, to go through the YazFi scripting on their own and figure out how to add WireGuard support.
 
Since Jack apparently isn't actively developing his scripts anymore due to moving on to other hardware. It will likely take someone else, unless @Jack Yaz specifically chimes with with suggestions, to go through the YazFi scripting on their own and figure out how to add WireGuard support.

Oh that really sucks but thanks for the answer. I can't belive Asus just doesn't allow you to create a new subnet for your Guest Wifi.
 
Asus sort of does that. If you disable Intranet access on guest network 1, firmware creates .101 subnet for 2.4 GHz and .102 subnet for 5 GHz.
 
Asus sort of does that. If you disable Intranet access on guest network 1, firmware creates .101 subnet for 2.4 GHz and .102 subnet for 5 GHz.
Oh thanks I didn’t know this. What happens if I have 2 5 GHz guest wifi with no intranet on.

it makes a subnet with 192.168.1.101 or 192.168.101.xxx

thanks again.
 
Only guest 1 is subnetted.
 
If I change the subnet I created in VPN director to 192.168.111.0/24 to use the WG client I can connect but no internet.
YazFi Firewall rules will prohibit connection between guest network and Wireguard interface. You could add your own just as I did for wgm.

assuming your Wireguard interface is wgc1 it could look something like this for 1st 5GHz network:
Code:
iptables -I YazFiFORWARD -i wl1.1 -o wgc1 -j ACCEPT
iptables -I YazFiFORWARD -i wgc1 -o wl1.1 -m state --state RELATED,ESTABLISHED -j ACCEPT

you could try them out directly in ssh and when you found they are working, you could put them into Yazfi custom script file, i.e.:
Code:
/jffs/addons/YazFi.d/userscripts.d/wg-yazfi.sh

but the rules only allow access, it will not route the guest network, so you still have to add the rule in VPNDirector. After that it is hopefully working.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top