Different VPN per site? Flint AX & WireGuard

Routers
21

oh… I think you need some modifications for this I remember :slight_smile:

you need to install first:

opkg install pbr-iptables and over this you install luci-app-pbr, if you don’t do it this way the nft version gets installed which does not work.

22

that’s makes sense, the pbr one for nft

23

@xize11 what does br-lan.XX means ?

so it seems all set up but i got this :

ERROR: The ipset name β€˜pbr_wgclient_4_dst_net_cfg056ff5’ is longer than allowed 31 characters!

24

these are devices which I want pbr to ignore which does not reflect your config, however in your configuration this might not be necessary, I did this because I do have more than 10 networks :slight_smile: and pbr wants to loop through every if/up event when the boot process started which easily takes me 10 minutes if i had these options removed :stuck_out_tongue:

ah you need to make your rule names smaller, I believe in newer versions this might have been changed again.

25

i tried making it less character rule names but it still show the error, i tried search on google and found on forum openwrt the interface name that needs to be shorten

root@GL-AX1800:~# service pbr restart
Removing routing for 'wan/eth0/192.168.55.1' [βœ“]
Removing routing for 'wgclient/XXXXXXXXXXXXXX' [βœ“]
Restarting dnsmasq [βœ“]
pbr 1.1.5-1 (iptables mode) stopped [βœ“]
Command failed: Not found
Using wan interface (on_start): wan
Found wan gateway (on_start): 192.168.55.1
Setting up routing for 'wan/eth0/192.168.55.1' [βœ“]
Setting up routing for 'wgclient/XXXXXXXXXXXXXXXXX' [βœ“]
Routing 'Bank' via wan [βœ“]
Routing '150' via wgclient [βœ“]
Routing '160' via wgclient [βœ“]
Routing 'TWIP' via wgclient [βœ“]
Routing 'TWD' via wgclient [βœ“]
Routing 'TGIP' via wgclient [βœ“]
Routing 'TGD' via wgclient [βœ“]
Routing 'TR' via wgclient [βœ“]
Routing 'IPL' via wgclient [βœ“]
Routing 'OWRT' via wgclient [βœ“]
Restarting dnsmasq [βœ“]
pbr 1.1.5-1 monitoring interfaces: wan wgclient
Command failed: Invalid argument
pbr 1.1.5-1 (iptables mode) started with gateways:
wan/eth0/192.168.55.1 [βœ“]
wgclient/XXXXXXXXXXXX
ERROR: The ipset name 'pbr_wgclient_4_dst_net_cfg056ff5' is longer than allowed 31 characters!
26

i guess it should be fine, it is because its called wgclient but then with the automatic attachment behind it, though from what i can remember since i used this type of setup it still wil work but that was from some time ago.

1 Like
27

yup same thought, i’ll try traceroute every each of the config and all routed thru wireguard, and by the way THANK YOU SO MUCH for everything :blush:

1 Like