Replace OpenVPN client with Wireguard
Hi,
I have an ER7206 with the following setup:
Port 1: WAN connected to internet with VDSL (VLAN 4094)
Port 2: WAN/LAN1 (using as WAN) connected to internet with fibre (VLAN 4093)
Port 3: empty
Port 4: VLAN 2 with wireless AP for Subnet 10.0.2.0/24
Port 5: VLAN 1 with wireless AP for Subnet 10.0.1.0/24
I am using VLAN 2 with a permanent VPN connection to NordVPN (connecting with OpenVPN Client).
In the OpenVPN client configuration I define 10.0.2.0/24 as the local network, with the result that every client connected to VLAN 2 is automatically connecting to the Internet through the NordVPN server configured in the OpenVPN client.
All clients connected to VLAN 1 are not using VPN but go straight to WAN and/or WAN/LAN1 (depending on load balancing and link backup settings).
I would like to replace OpenVPN with Wireguard for performance reasons (performance is a multiple of OpenVPN performance).
I managed to connect to NordVPN with Wireguard and all traffic is being tunneled to the configured NordVPN server. Success!
Unfortunately though, it is ALL traffic from ALL subnets that goes directly through the VPN tunnel.
This leads me to the following questions:
Is there a way to only tunnel traffic coming from VLAN 2 through Wireguard?
If not, can we expect a feature "Local Network" as it exists for OpenVPN also for Wireguard in a future release?
Also, it is not possible to select the WAN interface for Wireguard.
Does that mean it is routed randomly through either WAN? How do I find out which one? Is it maybe even load-balanced through both if load balancing is activated?
Sorry if these are stupid questions. My networking know-how is somewhat limited.
Thank you very much for your support.
BigPat