Lochnair / vyatta-wireguard

GNU General Public License v3.0

Userspace tools #148

Open samip5 opened 4 years ago

samip5 commented 4 years ago

To my understanding wg-quick is part of the userspace tools, right? If so, are they not included in the package?

ujhede commented 4 years ago

wg-quick is not needed on the EdgeRouter platform. The interface configuration that wg-quick does on Linux is done by the EdgeRouter configuration scripts included in the package.

samip5 commented 4 years ago

> wg-quick is not needed on the EdgeRouter platform. The interface configuration that wg-quick does on Linux is done by the EdgeRouter configuration scripts included in the package.

Please enlighten me on how to configure a WG interface so it can be used with policy-based routing as a default gateway.

P.S. The AllowedIPs don't allow 0.0.0.0/0, as it conflicts with an already existing route, and I don't want my EdgeRouter's default route to be the WG interface.

ujhede commented 4 years ago

Maybe a bit beyond the scope of this issue section and more for the Ubiquiti forums. The config is not really different from any other PBR config.

If the explanation below is not enough for you to get it working, then I suggest you post your config on the Ubiquiti EdgeRouter forum.

You will need to leave routing up to the ER and keep route-allowed-ips set to false.

Then create a new routing table that routes to the wg interface, something like this:

    table 60 {
        description Wireguard
        interface-route 0.0.0.0/0 {
            next-hop-interface wg0 {
            }
        }
        route 0.0.0.0/0 {
            blackhole {
                distance 255
            }
        }
    }

Then you create a firewall modify rule to change the routing table to your new wg table, something like this. Rule 1 is there to avoid LAN-to-LAN traffic being routed over the tunnel.

    modify wg {
        rule 1 {
            action modify
            destination {
                group {
                    address-group LAN_NETS
                }
            }
            modify {
                table main
            }
        }
        rule 10 {
            action modify
            modify {
                table 60
            }
        }
    }

Finally, assign your modify rule to the in direction on your LAN interface and add whatever policy you want.

    vif 60 {
        address 192.168.60.1/24
        firewall {
            in {
                modify wg
            }
        }
    }
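The three pieces above (routing table, modify ruleset, ruleset applied to the VIF) only work together if they are consistent: the table needs the wg0 interface-route and a blackhole fallback, the LAN exception rule must come before the catch-all rule, and the ruleset must actually be attached in the `in` direction. The following is an added example, not code from this thread or from vyatta-wireguard: a small parser for the brace-structured EdgeOS config format plus a lint that checks those three points. The names table 60, wg0, LAN_NETS and `wg` are the values used in the answer; the combined config it runs on is constructed from the snippets above, and the "swapped" variant (LAN exception renumbered behind the catch-all) is constructed to show the check catching a misordering.

```python
"""Lint the EdgeOS policy-based-routing setup described in this thread.

Added example (not part of vyatta-wireguard). Parses EdgeOS 'key value { }'
config text into nested dicts and checks the table / modify / interface trio.
"""


def parse_edgeos(text):
    """Block headers become 'key value' -> dict; leaf lines become key -> value."""
    root, stack = {}, []
    cur = root
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line == "}":
            if not stack:
                raise ValueError("unbalanced '}'")
            cur = stack.pop()
        elif line.endswith("{"):
            child = {}
            cur[line[:-1].strip()] = child
            stack.append(cur)
            cur = child
        else:
            key, _, value = line.partition(" ")
            cur[key] = value.strip()
    if stack:
        raise ValueError(f"{len(stack)} unclosed block(s)")
    return root


def iter_blocks(node):
    """Yield (header, dict) for every block, depth first."""
    for key, value in node.items():
        if isinstance(value, dict):
            yield key, value
            yield from iter_blocks(value)


def find_block(cfg, header):
    return next((blk for hdr, blk in iter_blocks(cfg) if hdr == header), None)


def sub(node, *path):
    """Walk nested dicts; None if any step is missing or not a block."""
    for key in path:
        if not isinstance(node, dict):
            return None
        node = node.get(key)
    return node


def check_pbr(text, table="60", wg_if="wg0", ruleset="wg", lan_group="LAN_NETS"):
    """Return a list of problems; empty means the setup matches the answer above."""
    cfg = parse_edgeos(text)
    problems = []

    tbl = find_block(cfg, f"table {table}")
    if tbl is None:
        problems.append(f"routing table {table} is missing")
    else:
        if sub(tbl, "interface-route 0.0.0.0/0", f"next-hop-interface {wg_if}") is None:
            problems.append(f"table {table}: no default interface-route via {wg_if}")
        if sub(tbl, "route 0.0.0.0/0", "blackhole") is None:
            # Without the blackhole, a lookup in the table finds nothing when
            # wg0 is down and falls through to the main table (fail-open).
            problems.append(f"table {table}: no blackhole default; traffic would "
                            f"fall through to main when {wg_if} is down")

    rs = find_block(cfg, f"modify {ruleset}")
    if rs is None:
        problems.append(f"firewall modify ruleset {ruleset} is missing")
    else:
        lan_rule = catch_all = None
        rules = sorted(((int(h.split()[1]), r) for h, r in rs.items()
                        if h.startswith("rule ")), key=lambda nr: nr[0])
        for num, rule in rules:  # rules are evaluated in numeric order
            target = sub(rule, "modify", "table")
            dest = sub(rule, "destination", "group", "address-group")
            if target == "main" and dest == lan_group and lan_rule is None:
                lan_rule = num
            elif (target == table and catch_all is None
                  and set(rule) <= {"action", "modify", "description"}):
                catch_all = num
        if catch_all is None:
            problems.append(f"modify {ruleset}: no catch-all rule to table {table}")
        if lan_rule is None:
            problems.append(f"modify {ruleset}: no rule keeping {lan_group} in table main")
        elif catch_all is not None and lan_rule > catch_all:
            problems.append(f"modify {ruleset}: LAN exception rule {lan_rule} comes after "
                            f"catch-all rule {catch_all}; LAN-to-LAN traffic enters the tunnel")

    if not any(sub(blk, "firewall", "in", "modify") == ruleset for _, blk in iter_blocks(cfg)):
        problems.append(f"modify {ruleset} is not applied in the 'in' direction of any interface")
    return problems


# Constructed config: the thread's three snippets joined at top level.
GOOD_CONFIG = """
table 60 {
    description Wireguard
    interface-route 0.0.0.0/0 {
        next-hop-interface wg0 {
        }
    }
    route 0.0.0.0/0 {
        blackhole {
            distance 255
        }
    }
}
modify wg {
    rule 1 {
        action modify
        destination {
            group {
                address-group LAN_NETS
            }
        }
        modify {
            table main
        }
    }
    rule 10 {
        action modify
        modify {
            table 60
        }
    }
}
vif 60 {
    address 192.168.60.1/24
    firewall {
        in {
            modify wg
        }
    }
}
"""

# Constructed misordering: LAN exception renumbered behind the catch-all rule.
SWAPPED_CONFIG = GOOD_CONFIG.replace("rule 1 {", "rule 99 {")

if __name__ == "__main__":
    for name, text in (("good", GOOD_CONFIG), ("swapped", SWAPPED_CONFIG)):
        print(name, check_pbr(text) or "OK")
```

The ordering check encodes the point made about rule 1: the modify ruleset is walked in rule-number order, so the LAN exception only protects LAN-to-LAN traffic if it is numbered below the catch-all. The blackhole check reflects the reason for the distance-255 route: when wg0 goes down its interface-route disappears, and without a default in table 60 the lookup would continue to the main table and leave via the normal WAN path.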