Open gloatoriginal opened 3 months ago
I noticed something similar. I wanted to route a 10.x.y.y network over the link i set up and assumed that the 0.0.0.0/0 'allowed ips' would thus permit that to work. Only via the 'wg' cli was I able to see that it didnt honor this; as well as noticing with TCPDUMP that packets went in on one side, but didnt come out on the other.
It only worked if I added the prefix to the 'additional IPS' entry.
Basically what I see. When I edit, the clients "Allowed IPs" nothing really changes in the config. When i add the desired network in "Extra Allowed IPs" the network is added in the config right after allocated IP. The UI itself keeps the settings correct, but does not propagate them to the config. Running the latest container.
Currently I have set a client up via wireguard-ui:
When I go into the wireguard-ui container I am seeing that it's only allowing IPs for the wireguard network:
What's going on that I'm not understanding in this setup? When I had initially set this wireguard up it had no issues, but this seems counter intuitive to what's happening with the backend wireguard.