From: "Björn Fries" <ml-wireguard@oern.de>
To: wireguard@lists.zx2c4.com
Subject: Re: Is it possible to disable wireguard on specific Wi-Fi ?
Date: Fri, 22 Apr 2022 11:51:17 +0200 [thread overview]
Message-ID: <94ddb2e7-9181-1a38-1b35-3e1a9766846e@oern.de> (raw)
In-Reply-To: <fd11943c-99e1-d0a0-b28b-de7d5c617eb3@oern.de>
Am 22.04.22 um 08:16 schrieb Björn Fries:
> the way I solve this is that I use a slightly larger /23-subnet in the
> AllowedIPs=192.168.87.0/23
>
> and when I get a local IP inside 192.168.87.0/24 at home, the kernel
> automatically uses the more specific route.
an example:
my laptop e.g. has
Address = 172.22.247.58/32
PrivateKey = xxx
[Peer]
PublicKey = xxx
AllowedIPs = 172.22.144.1/32, 192.168.0.0/23
Endpoint = myhomeIP:51820
PersistentKeepalive = 25
172.22.144.1/32 is the wireguard-IP of my wireguard-server at home.
This way I can reach for example my printer at 192.168.0.10 even if I am
on the move, because my wireguard server is installed on my router at
home (Unifi USG-3P).
The printer sends it packets for 172.22.247.58 simply to its default
gateway, which is my router/wg-server, that forwards it over wireguard.
When I'm in my network at home, my laptop gets the IP 192.168.1.72/24
and automatically talks to the other devices in the LAN without taking
the wireguard route, because the subnet is more specific.
next prev parent reply other threads:[~2022-04-22 9:51 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-04-18 2:12 Nohk Two
2022-04-22 6:16 ` Björn Fries
2022-04-22 9:51 ` Björn Fries [this message]
2022-04-22 13:00 ` Nohk Two
2022-04-22 11:05 ` Nohk Two
2022-04-22 13:40 ` Björn Fries
2022-04-22 15:55 ` Nohk Two
2022-04-22 13:36 ` Jason Grant
2022-04-22 18:23 ` Kai Haberzettl
2022-04-23 2:01 ` Nohk Two
[not found] <77422@imapsync>
2022-04-22 9:29 ` wireguard
2022-04-22 12:08 ` Nohk Two
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=94ddb2e7-9181-1a38-1b35-3e1a9766846e@oern.de \
--to=ml-wireguard@oern.de \
--cc=wireguard@lists.zx2c4.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).