From: Anatoli <me@anatoli.ws>
To: wireguard@lists.zx2c4.com
Subject: Re: VPN - excluding local IPs
Date: Thu, 21 Mar 2019 03:07:49 -0300 [thread overview]
Message-ID: <0e8f7579-de29-e847-0431-3c6fb32b05bb@anatoli.ws> (raw)
In-Reply-To: <18914224.dsVBvaN9Bx@bot>
[-- Attachment #1.1: Type: text/plain, Size: 1656 bytes --]
Andreas,
Check the Table option here:
https://git.zx2c4.com/WireGuard/about/src/tools/man/wg-quick.8.
wg-quick adds some routes and rules, you can see them with: ip rule show
(check the line containing fwmark, it ends with the routing table
number) and then check the routes in the corresponding table with: ip
route show table xxx. Basically, if you omit the Table option, wg-quick
will add the necessary routes to send all traffic via the tunnel when
you specify AllowedIPs = 0.0.0.0/0. You can add routes to your local
networks/devices for connections to them to go outside the tunnel in the
PostUp option in the wg-quick config.
Regards,
Anatoli
*From:* Andreas Hatzl <andreas@hatzl.org>
*Sent:* Thursday, February 21, 2019 12:08
*To:* Wireguard Mailing List <wireguard@lists.zx2c4.com>
*Subject:* VPN - excluding local IPs
Hi,
I have successfully set up a wireguard VPN between my notebook (Manjaro behind
NAT) and my virtual server (ubuntu 18.04). The only "issue" left is that I
can't connect to local devices on the client while using wireguard. Is there a
way to exclude an IP range from using wireguard?
my client config:
[Interface]
Address = 10.x.y.z/32
PrivateKey = xyz
[Peer]
PublicKey =xyz
Endpoint = xyz:51820
AllowedIPs = 0.0.0.0/0
PersistentKeepalive = 21
I am aware that the solution for this has most likely been posted a lot of
times but I can't find anything on the Wireguard page or Google.
It would be great if somebody could help me with this.
Thanks
Andreas
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
[-- Attachment #1.2: Type: text/html, Size: 3234 bytes --]
[-- Attachment #2: Type: text/plain, Size: 148 bytes --]
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
next prev parent reply other threads:[~2019-03-23 0:00 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-02-21 15:08 Andreas Hatzl
2019-03-21 6:07 ` Anatoli [this message]
2019-03-21 18:50 ` Dmitrii Tcvetkov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=0e8f7579-de29-e847-0431-3c6fb32b05bb@anatoli.ws \
--to=me@anatoli.ws \
--cc=wireguard@lists.zx2c4.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).