I just bought a Brume 2 that I will be using it as my WireGuard VPN server and a brume as the vpn client. I would like to know if anybody else use a firewall device behind a GL to only allow traffic from and to the VPN server? As an extra precaution to block leaks.
The only publically exposed port that’s opened by GL’s WG Server is the default for WG, :51820.
opkg update; opkg install nmap .
nmap -sU -p 51820 192.168.8.173 | grep udp
51820/udp open|filtered unknown
I’m not looking into the WAN-exposed port. I’m looking for an extra step to prevent my traffic from leaking my IP. If the VPN stops working and the non-block VPN feature does not work, I would have a firewall equipment to prevent my traffic from leaking to the internet.
It sounds like you want a VPN router linked to another VPN router so if one fails then the other saves you, but if both fail together then its squeaky bum time!
It doesn’t sound like; it is what OP’s seeking. GL firmware doesn’t support tunnel-in-tunnel on one device OOTB.