Business Community > Gateways > Conditional Routing Wireguard
< Gateways

Conditional Routing Wireguard

Conditional Routing Wireguard

Conditional Routing Wireguard
Conditional Routing Wireguard
a week ago - last edited a week ago
Tags: #VPN #ACL #Routing #WireGuard
Model: ER707-M2  
Hardware Version:
Firmware Version: 1.2.3

Hi, 

 

I need to route the entire traffic from a few clients through a wireguard tunnel.

 

I asked 2023 for that feature and implementation was planned for  Q1 2024.

Can someone confirm that it is possible nowadays?

https://community.tp-link.com/en/business/forum/topic/621198

https://community.tp-link.com/en/business/forum/topic/621148

 

Thank you

  0      
 
  0      
 
#1
Options
3 Reply
Re:Conditional Routing Wireguard
a week ago

Hi  @bsz 

Thanks for posting in our business forum.

When configuringthe Wireguard VPN, the Allowed IP on the client side should be 0.0.0.0/0, and the Allowed IP on the server side should be the WireGuard Interface IP of the peer.

For detailed configuration, please refer to the How to configure WireGuard VPN on Omada Router in Standalone mode

• The above guide uses Windows WireGuard software as an example for the client. If using the official Omada VPN software, there is no Allowed IP option, so just simply enable Full Tunnel.

• The configuration is the same for the client using Omada gateway. Please note that the Allowed IP on the client side being proxied should be all zeros, while the Allowed IP on the server side providing the proxy should be the WireGuard Interface IP (i.e., the Local IP Address).

Best Regards! >> Omada EAP Firmware Trial Available Here << >> Get the Latest Omada SDN Controller Releases Here << *Try filtering posts on each forum by Label of [Early Access]*
  0  
  0  
#2
Options
Re:Conditional Routing Wireguard
a week ago

  @Hank21 

thank you for the answer, but that is not the requirement.

there is no Wireguard on any client computer.

the tunnel is setup on a gateway (site-to-site)

 

i want to route SOME clients (all traffic) through the tunnel

by a rule on the gateway.

i want to route SOME clients (only necessary traffic) through the tunnel

by a rule on the gateway.

 

it is doable on a a unifi (Unifi Gateway Policy-Based-Routing)

 

  0  
  0  
#3
Options
Re:Conditional Routing Wireguard
Thursday

 Hi @bsz 

Thanks for your valuable reply.

 

There is no policy route on Wireguard. So with Wireguard it is all or nothing when the router is a pure client, while OpenVPN has a bit more choice, you can choose source network which is allowed to access the Internet via VPN tunnel.

For more information about OpenVPN, you can refer to this guide.

Best Regards! >> Omada EAP Firmware Trial Available Here << >> Get the Latest Omada SDN Controller Releases Here << *Try filtering posts on each forum by Label of [Early Access]*
  0  
  0  
#4
Options

Information

Helpful: 0

Views: 127

Replies: 3

Tags

VPN ACL Routing WireGuard
About Us
Press
Copyright © TP-Link Systems Inc. All rights reserved.