Home Network Community > Deco > Wireguard client ignores "AllowedIPs" setting
< Deco

Wireguard client ignores "AllowedIPs" setting

Wireguard client ignores "AllowedIPs" setting

Wireguard client ignores "AllowedIPs" setting
Wireguard client ignores "AllowedIPs" setting
Thursday
Tags: #VPN #WireGuard
Model: Deco X10  
Hardware Version: V1
Firmware Version: 1.3.0

I have a Wireguard VPN back to my work office.

The config file contains the line "AllowedIPs = 10.0.0.0/16" such that only the 10.0.x.x subnet should go over the VPN.

All other traffic should be routed out via my "non-VPN" home Internet link.

 

Using the Wireguard Windows & Android clients, this routing works correctly.

 

Unfortunately, if I add a Deco VPN link using the same Wireguard config, *ALL* my traffic gets routed over the VPN.

The "AllowedIPs" setting is ignored.

 

Is this by design or a bug?

If by design, can an option be added to allow the "AllowedIPs" setting to be correctly used?

 

Cheers

  0      
 
  0      
 
#1
Options
3 Reply
Re:Wireguard client ignores "AllowedIPs" setting
Friday

  @MPFJ 

Hi, thank you very much for the feedback.

It is by design.

The engineer has also shared a workaround if you're interested:

  • Add a static route using the Command prompt on the clients themselves, such as the Windows PC to pass 0.0.0.0 to 192.168.68.1(the LAN IP of Deco).

route add -p 0.0.0.0 mask 0.0.0.0 192.168.68.1 metric 
  • Then"table=off" in the WireGuard VPN client config file.

 

Best regards.

Check What's Currently Going on With DecoDeco Wi-Fi Heatmap ready for all Deco models
  0  
  0  
#2
Options
Re:Wireguard client ignores "AllowedIPs" setting
Friday

  @David-TP Thank you for the reply.

 

That is an unfortunate design decision as some of the network devices I use do not have any accessible method of adding static IP routes.

 

Is it not possible to add a feature allowing the "AllowedIPs" setting to be used?

I can't believe I'm the only person using your routers that this would benefit.

 

Other than this issue, I'm thoroughly impressed with the X10 mesh you have created.

 

Cheers

  1  
  1  
#3
Options
Re:Wireguard client ignores "AllowedIPs" setting
13 hours ago

  @MPFJ 

Hi, thanks for the update.

I have seen this feature request before, and it has also been forwarded to the engineering team for further evaluation. But it hasn't been decided whether or when it can be achieved on the Deco App directly.

Best regards.

Check What's Currently Going on With DecoDeco Wi-Fi Heatmap ready for all Deco models
  0  
  0  
#4
Options

Information

Helpful: 0

Views: 122

Replies: 3

Tags

VPN WireGuard
About Us
Press
Copyright © TP-Link Systems Inc. All rights reserved.