Development discussion of WireGuard
 help / color / mirror / Atom feed
* Using wg-quick without having it set routes
@ 2020-11-21 12:59 Nikolai Lusan
  2020-11-23 14:44 ` PGNet Dev
  0 siblings, 1 reply; 2+ messages in thread
From: Nikolai Lusan @ 2020-11-21 12:59 UTC (permalink / raw)
  To: wireguard

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi,

I have recently started using wireguard as a VPN between my home
network[s] and my external servers. In addition to this I have been
deploying it on other machines I would like to have connected to my
network via VPN (mostly friends who I want to have access to my
internal network, and me to their machines for remote admin/trouble
shoothing).

I am running Debian and had set things up using
/etc/network/interfaces.d/ files. I was wanting move to use wg-quick
with systemd - trying to bring up newly created interfaces on the main
server/termination point using wg-quick leads to wg trying to create
routes for all IP ranges in "AllowedIPs". I would like to be able to
_not_ have this happen, is it possible? Or should I just stick with the
interfaces.d file method and "auto wg[0-N]"?

- -- 
Nikolai Lusan <nikolai@lusan.id.au>
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEVfd4GW6z4nsBxdLo4ZaDRV2VL6QFAl+5DyUACgkQ4ZaDRV2V
L6RDvBAAsxW7dmnX8ObVkiv57IB2tgIUtdSkMNqcx75HfTp7WBBH0t2tq9LZRs8j
TcWrBXM1JK9MCcjtHTVDRZJaAXlwZlvvhnEUjEHkFiBHpU/3yTb053GZpGP2YYnE
al6z1EcifqDXTmO07w8TVhRmYMsS0hFnCtD6AxpS/OHRr676SVfNuyYt6KYeQnOW
0HrD7LkLyukOXtFMQ+0HO0Vd5+I4YN1w5eMKP7nakBEJSPjp5drxNqFVib+MvL4t
b/bNCU+nPvA4noVnsMTwx/Th7UalnqFrpeoQHmuxymGz0EzXuMgTQqdUyZcUPOhN
Hg09+0BQ9X1x8H1qE8BP0T24/tpe6qttqrk5gy7XVZcS/Vpum0GMoPMloBgQK/8t
Jezj2I4O9D+Tc2as/1CeOuqbAoHC6sldSMeJerUv5gihaHQ4Eux4qXcBqrLnKFV7
ndQI2+wmEkd25zYADeia03zbVgBD/Y6iHr9WCIOSaWvm6dFXfQfo+FssSnyqeIOs
f45Ww6n88fJfLLtTIs9eoM+JlnsoXZUWq+aKdloeMRxMfOmcGNUlZn7sa12Jq3dm
xjvI9Y1CTGL8soi6Zb7wrxK2wvr/svDaFYjy9oDd6IRZRAp3zcrnqElYyt7kXr4z
9hg9Vzo76Gh14rrE2Fof6R5HXbc8JgMSODvv9UelWgyMvG2Y/24=
=1T+E
-----END PGP SIGNATURE-----


^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: Using wg-quick without having it set routes
  2020-11-21 12:59 Using wg-quick without having it set routes Nikolai Lusan
@ 2020-11-23 14:44 ` PGNet Dev
  0 siblings, 0 replies; 2+ messages in thread
From: PGNet Dev @ 2020-11-23 14:44 UTC (permalink / raw)
  To: nikolai, wireguard

On 11/21/20 4:59 AM, Nikolai Lusan wrote:
> Hi,
> 
> I have recently started using wireguard as a VPN between my home
> network[s] and my external servers. In addition to this I have been
> deploying it on other machines I would like to have connected to my
> network via VPN (mostly friends who I want to have access to my
> internal network, and me to their machines for remote admin/trouble
> shoothing).
> 
> I am running Debian and had set things up using
> /etc/network/interfaces.d/ files. I was wanting move to use wg-quick
> with systemd - trying to bring up newly created interfaces on the main
> server/termination point using wg-quick leads to wg trying to create
> routes for all IP ranges in "AllowedIPs". I would like to be able to
> _not_ have this happen, is it possible? Or should I just stick with the
> interfaces.d file method and "auto wg[0-N]"?
> 


You can disable auto-route generation with

	Table = off


e.g.,

	Disable (auto) routing for Wireguard
	 https://shibumi.dev/posts/disable-routing-for-wireguard/

Of course, any required routing is then your responsibility ...

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2020-11-23 14:44 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-11-21 12:59 Using wg-quick without having it set routes Nikolai Lusan
2020-11-23 14:44 ` PGNet Dev

Development discussion of WireGuard

This inbox may be cloned and mirrored by anyone:

	git clone --mirror http://inbox.vuxu.org/wireguard

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V1 wireguard wireguard/ http://inbox.vuxu.org/wireguard \
		wireguard@lists.zx2c4.com
	public-inbox-index wireguard

Example config snippet for mirrors.
Newsgroup available over NNTP:
	nntp://inbox.vuxu.org/vuxu.archive.wireguard


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git