Greetings, i own a rutx50, and i have setup wireguard with mullvad, and i was wondering if i can make the router VPN to affect only a specific local ip address, the one that my TV has. so the rest of the network is not under a VPN tunnel.
Kind regards,
Hello @dimitris156,
Thank you for reaching out.
Could you kindly clarify your required setup a bit further? From your description, if I understood correctly, you’d like to route all the traffic from your TV (a specific local IP address) through the WireGuard VPN tunnel you’ve set up while keeping the rest of your network traffic outside the VPN. Please correct me if I’m wrong.
Thank you!
Kind regards,
Hi there Martynas, yes that’s exactly what I want to do.
Thank you for confirming.
In this case, yes, the setup you described is achievable and involves a combination of wireguard client configuration adjustments and policy based routing rules. To configure this, please follow these guidelines:
1. Create a Policy-Based Routing Table
- Go to Network → Routing → Policy Based Routing
- In the “Add new instance” section:
- Choose a Table ID (e.g.,
400
)
- Enter a Name (e.g.,
wgtv
)
- Click Add
2. Add Static Route to the Table
- Inside the routing table configuration:
- Add a static IPv4 route
- Set Interface to your wireguard client
- Use the VPN server’s IP as the IPv4 Gateway
- Click Save & Apply
- Screenshot from my setup for reference:
3. Create a Policy Rule for the TV
- On the same Policy Based Routing page:
- Click Add under “Routing Rules for IPv4”
- Set:
- Incoming Interface:
lan
- Source Address: Your TV’s local IP with /32 (e.g.,
192.168.1.120/32
)
- Lookup Table: The one created earlier (e.g.,
400
)
- Click Save & Apply
4. Adjust WireGuard Client Peer Settings
- Navigate to Services → VPN → WireGuard
- Click Edit on your client configuration
- Scroll down and press Edit on peer’s configuration:
- In Allowed IPs, enter
0.0.0.0/0
- Go to Advanced Settings
- In Routing Table, enter the same Table ID (e.g.,
400
)
- Make sure “Route Allowed IPs” is unchecked/disabled
- Click Save & Apply
After completing the configuration, this setup should ensure that all traffic from your TV goes through the wg VPN tunnel.
Let me know if this helps or if you need assistance.
Best regards.
thank you for your reply Martynas, it worked. i just noticed 2 things i would like to mention, on the tv i used the website ipleak.net to check the info, IPV6 was “unreachable” or not valid,
and the DNS was not the VPNs DNS but instead my custom adguard ones i have set on the WAN table.
i dont think it matter since the IPV4 is the VPNs IP but i would like to have them tidy up if possible, and you have the time to explain it to me.
and part B, to spice things up, would it be possible this “routing” TV>VPN>internet to happen only when the TV tries to connect to a specific IP address/host (my IPTV provider), so VPN will only work when it connects to that IP, but the rest of the TV stays out of the VPN tunnel?
TV>internet
and when i use iptv which connects to a specific host/ip then
tv>vpn>iptv host.
Kind regards and thank you for your time!
1 Like