Surfshark Wireguard VPN on ER605 with SDN Controller
Hello all. I have a ER605 v2 (v2.3.0 firmware) on the v5.15.24.18 Omada SDN Controller.
Have successfully setup my whole LAN to use the Wireguard VPN (I am using the Surfshark provider). For that, in the configuration, I've set on the peers config the "0.0.0.0/0" subnet.
I actually want to use a subset of my IPs that I have set apart for clients that actually need to be protected through the VPN, so I have changed the peers config to that particular subnet.
The problem: when I do this, the ER605 gateway routing table sets the 9999 priority for that subnet... so all traffic is prioritized outside of the VPN, even if the IPs are on that subnet range. Anyone knows how to go around this limitation, since I apparently cannot edit the routing table manually using the SDN controller?
Ideas appreciated; cheers.
@Vincent-TP Thank you for the reply. Please find below the answers to the questions.
the ER605 gateway routing table sets the 9999 priority for that subnet
>>>Could you please share a screenshot showing the priority number?
>>> >>> Attached.
so all traffic is prioritized outside of the VPN, even if the IPs are on that subnet range.
>>>How did you find this? Could you please list some examples? For example, VPN clients always have higher speed than non-VPN clients, or what else?
>>> >>> In this case, checking with sites like whatsmyip or others like that - I can see my ISPs (I have two) external addresses, not the Surfshark servers' IPs.
Please also share some screenshots of the VPN configs so we could better understand the situaiton.
>>> >>> Attached.
One idea that occurred to me is to use the CLI to manually change that route priority (from 9999 to 0); would that be possible and recommended in this case? If yes, what would be the safer method to do it?
Cheers.