WireGuard Server - Split Tunnel
So I wanted to set up a split tunnel for the WireGuard server of FWG and only route traffic through the VPN for:
- DNS queries
- Home Intranet
The changes I made to the profile are
- The DNS for the profile is set to 10.20.151.1
- In the Peers section, changed the Allowed IPs from 0.0.0.0/0 to the range of WireGuard's network: 10.20.151.0/24. This will enable forwarding all DNS queries to FWG.
- Added an additional Peer with an allowed IP range of 192.168.0.0/16. This will allow traffic to all my internal IP ranges via VPN.
The screenshots are at the below URL.
https://imgur.com/gallery/1INfihX
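An added example, not part of the original post: a small audit of a wg-quick style client profile that reports which destinations would enter the tunnel and flags a DNS server that falls outside AllowedIPs (its queries would not go through the VPN). The profile text is constructed from the values in the post; the keys, endpoint and client address are placeholders, and routing is modelled on the assumption that only AllowedIPs ranges are routed into the tunnel, gathered from every [Peer] section.

```python
import ipaddress

# Constructed profile using the post's DNS and ranges; keys, endpoint and Address are placeholders.
PROFILE = """\
[Interface]
PrivateKey = <client-private-key>
Address = 10.20.151.2/32
DNS = 10.20.151.1

[Peer]
PublicKey = <server-public-key>
Endpoint = vpn.example.net:51820
AllowedIPs = 10.20.151.0/24, 192.168.0.0/16
"""

def parse_profile(text):
    """Return (dns_servers, allowed_networks) collected across all sections."""
    dns, allowed = [], []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if "=" not in line:
            continue  # section headers, blank lines, comments
        key, value = (part.strip() for part in line.split("=", 1))
        items = [v.strip() for v in value.split(",") if v.strip()]
        if key.lower() == "allowedips":
            allowed += [ipaddress.ip_network(v, strict=False) for v in items]
        elif key.lower() == "dns":
            for v in items:
                try:
                    dns.append(ipaddress.ip_address(v))
                except ValueError:
                    pass  # non-IP DNS entries are search domains, not servers
    return dns, allowed

def route_for(dest, allowed):
    """'tunnel' if dest is inside any AllowedIPs range, otherwise 'local'."""
    addr = ipaddress.ip_address(dest)
    hit = any(addr.version == n.version and addr in n for n in allowed)
    return "tunnel" if hit else "local"

def audit(text):
    """Findings: DNS servers outside the tunnel, or a /0 route (full tunnel)."""
    dns, allowed = parse_profile(text)
    findings = [f"DNS {s} is outside AllowedIPs: queries bypass the VPN"
                for s in dns if route_for(str(s), allowed) == "local"]
    if any(n.prefixlen == 0 for n in allowed):
        findings.append("AllowedIPs contains a /0 route: this is a full tunnel")
    return findings
```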
-
Thanks for this info..
Doesn't this, however, restrict all internet access on the client to just the 'allowed IPs' in the Peer? i.e. so that you can't access anything else at all on that machine?
E.g. I'm trying to just push any request for one IP over the VPN... but when I add something like this: AllowedIPs = 192.168.2.10/32
to the WireGuard profile [Peer] section - I then lose access to every other network connection EXCEPT that one IP address.
Is it possible to just push one IP over the VPN, and leave all other requests to go via the existing local connection?