A few years ago, I had Allowed_ips does not influence route commands open to discuss the fact that the route commands when starting wireguard client does not take the allowed ip's into consideration. I have now upgraded my XE3000 to RM520NGLAAR01A07M4G (4.7.4), and the problem has re-appeared. Further, the whole scripting has changed, so I cannot use the previous fix. Additionally, it seems like there is an option called route_allowed_ips, but even setting it to 1 makes no change: As soon as a start my wg client, I can only connect to IP ranges that are in the allowed ip list. This is the contents of my config file:
[Interface]
Address = 192.168.13.16/32
ListenPort = 51788
PrivateKey = xxxxx
DNS = 192.168.2.3,1.1.1.1
MTU = 1400
Since the existence of allowedIPs, you can only access these network segments through VPN, and other traffic should directly access the Internet through the WAN interface.
Is other traffic currently inaccessible to the internet?
Have you disabled the Block Non-VPN traffic (Kill Switch)?
Yes, Block Non-VPN was already disabled (by default). My goal is that only traffic to to the CIDR's in allowed ips is sent over the VPN tunnel while all other traffic is sent directly (i.e. via the 4G modem). But as soon as I enable WG, traffic to other traffic is blocked. E.g. ping 1.1.1.1 shows (my router is 192.168.6.1 and not the gl inet default):
PING 1.1.1.1 (1.1.1.1) 56(84) bytes of data.
From 192.168.6.1 icmp_seq=1 Destination Host Unreachable
If I replace allowed ips by 0.0.0.0, all traffic is sent via the VPN as expected, but that is not what I want.