Blocked devices are not accessible via VPN Client

I am running a WireGuard VPN server. All is fine except one issue: I cannot access LAN devices which are blocked via connected WireGuard roadwarrior clients. Any help to overcome this restriction is very much appreciated!

What do you mean by “blocked”?
Can you provide a network diagram (maybe made with draw.io)?

Clients which are blocked via “Clients Access Control Blocklist” via MAC address…

Where is this option / which device block them?

You can block LAN connected devices in the “Devices” menu (left side) via “Blocklist”. These blocked devices cannot access the internet (e.g. webcams).

Ah, I see.

I am not sure if it’s done by MAC, tbh. But yeah, I know this option.
Since this option will block routing them, I think it will block VPN access to them as well - so yeah, you are right.

Not sure if it’s possible to overcome this restriction.


Okay, that's the issue I am searching a solution for… Seems this is unresolvable… What a pity…

The best way would be to introduce another LAN (so a VLAN, of course) for those IoT devices.
But I am afraid that for this you will need to go with luci instead of the GL GUI.

Thx for answering. Sounds quite complicated - any source on how this can be done via VLAN?

When you block devices in the client list, they are blocked from accessing the Internet and "any network", unfortunately.

I think you want to secure these devices, i.e. not allow them to be accessed from the Internet, rather than block them from accessing the Internet, right?

If you only allow the VPN server, don't open any ports and don't do port forwarding, it should be fine.

Not exactly - it is more the other way round - I don't want some devices to access the internet from the LAN (e.g. webcams), but I want to access these LAN devices from outside via a VPN client connected to the VPN server...