1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice

Welcome To SNBForums

SNBForums is a community for anyone who wants to learn about or discuss the latest in wireless routers, network storage and the ins and outs of building and maintaining a small network.

If you'd like to post a question, simply register and have at it!

While you're at it, please check out SmallNetBuilder for product reviews and our famous Router Charts, Ranker and plenty more!

Wireguard Server on my Network - Can I split the OpenVPN tunnel on AC86U to create a double-hop VPN?

Discussion in 'Asuswrt-Merlin' started by Chris_J, Mar 26, 2020.

  1. Chris_J

    Chris_J Regular Contributor

    Dec 10, 2019
    I'm trying to achieve a particular setup as follows:

    Wireguard Client -> LAN Network -> VPN Service on router (NordVPN) -> Internet

    I believe this is called a double-hop VPN, allowing a client to securely access my LAN but also route any outbound traffic over a commercial VPN provider.

    So far, I have set up a Wireguard server, which works beautifully and I can successfully access my home network from outside. I now would like all outbound traffic for any client on the WG VPN to be routed over the VPN client running on the router. My instinct was to add the WG server to the VPN client config page, but once I do this, I can no longer connect to the WG server. I presume this happens because it is also filtering the inbound traffic, which prevents the WG connection (perhaps Nord have the WG port closed).

    Is there a way to split the tunnel on the router and only allow outbound traffic to flow over this for a particular device? Or am I barking up the wrong tree entirely here!?