Hello everyone,
I’m new to Teltonika and am impressed with the gear so far and the capabilities of RutOS.
I have a RUTX50 (latest firmware) and my LAN and a VLAN “guest” (for guest access) are both currently forwarding traffic to the WAN. This is all good, but what I want is my LAN alone to go via a WireGuard (single peer) interface as default gateway. I want all traffic from LAN to go via this VPN whereas all guest traffic on that separate VLAN to go via the WAN only and not the VPN.
When I set the WireGuard peer “Allowed IPs” to “0.0.0.0/24” and “Route allowed IPs” to “on” then both LAN and “guest” VLAN are routed via the VPN. Remember I want “guest” via WAN only but otherwise the LAN is fine.
If I set the Allowed IPs to my LAN network then I find routing just completely breaks on my LAN. I can’t even access the RUTX50. Guest VLAN is fine; it routes traffic via the WAN, but my LAN is somehow borked and unusable.
If I disable “Route allowed IPs” my LAN comes back to life, but my LAN is not going via WireGuard (as there is no default route).
What can I do to fix this? I was hoping “Route Allowed IPs” would be the solution but maybe I need a static route or a policy route or a traffic rule?
Update: I noticed this post Routing through Wireguard VPN and "regular" Internet - #3 by AndzejJ where AndzejJ had suggested setting up Policy Based Routing. I tried that but it’s not working. I’m unsure if I should have set the IPv4-Gateway in the route and for the rule whether I should have set the incoming interface as well as the Source subnet.
```
# ip route show table 244
0.0.0.0/24 dev wg-vpn proto static scope link
```
Any help would be much appreciated.
Thanks,
Ant
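
An added example, not part of the original post: a small Python model of Linux policy routing (rules matched on source subnet, longest-prefix match inside the selected table, fall-through to the next rule when that table has no matching route), run against the `table 244` contents shown above. The LAN and guest subnets, the `wan` device name, the `main` table contents and the rule order are constructed for illustration.

```python
import ipaddress

# Routing tables: name -> list of (prefix, device).
# Table 244 is copied from the post; "main" is a constructed WAN default route.
TABLES = {
    "244": [("0.0.0.0/24", "wg-vpn")],
    "main": [("0.0.0.0/0", "wan")],
}

LAN = "192.168.1.0/24"    # assumed LAN subnet (not given in the post)
GUEST = "192.168.2.0/24"  # assumed guest VLAN subnet (not given in the post)

# Policy rules in priority order: (source subnet, table to consult).
RULES = [(LAN, "244"), ("0.0.0.0/0", "main")]


def lookup(table, dst):
    """Longest-prefix match of dst in one table; None if no route covers it."""
    dst = ipaddress.ip_address(dst)
    best = None
    for prefix, dev in table:
        net = ipaddress.ip_network(prefix)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, dev)
    return best[1] if best else None


def route(src, dst, tables=TABLES, rules=RULES):
    """Walk rules in order; a rule whose table has no match falls through."""
    src = ipaddress.ip_address(src)
    for subnet, name in rules:
        if src in ipaddress.ip_network(subnet):
            dev = lookup(tables[name], dst)
            if dev is not None:
                return name, dev
    return None, None


def tables_with_default():
    """Same tables, but table 244 holds a /0 default route instead of a /24."""
    t = dict(TABLES)
    t["244"] = [("0.0.0.0/0", "wg-vpn")]
    return t


if __name__ == "__main__":
    for src in ("192.168.1.10", "192.168.2.10"):
        print(src, "table 244 as posted:", route(src, "1.1.1.1"))
        print(src, "table 244 with /0  :", route(src, "1.1.1.1", tables_with_default()))
```

In this model a `/24` entry in table 244 only covers destinations 0.0.0.0 to 0.0.0.255, so LAN traffic to any other address falls through to the next rule; the guest subnet never reaches table 244 because the rule matches on source.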