GL-MT1300 Wireguard client - can't access local network of wireguard server on MT1300 wifi clients

Hi all,

I’ve configured the wireguard client on my MT-1300 and can confirm it is working fine. I’m hosting my own wireguard server. What I can’t manage to do is the following: I want all wifi clients of the MT-1300 to have access to the devices on my home network where the wireguard server is located.

This is something I actually manage to do if I remove the MT-1300 wireguard client from the equation: IF the wireguard client is residing on the device itself (say on an iPhone or laptop), then I can actually access all my remote machines through the VPN tunnel.

So, it seems logical that there is additional configuration to do at the level of the MT-1300. In the firewall maybe?

My guess is that there is some sort of subnet problem. You have the subnet of the MT1300 dhcp (192.168.8.X), then the subnet of the wireguard service itself (10.10.10.X), and the subnet of my home network where the wireguard server is residing. Should I disable the MT1300 dhcp server? Is it what is blocking access to machines on my distant home network even though there is an actual VPN tunnel to there?

I’m at a loss, please help :)

Cheers!

Are the wifi clients at least able to access the Internet through the VPN tunnel when the GL-MT1300 is connected to the home WireGuard server?

I do not work for and I do not have formal association with GL.iNet

ok, I found the “solution”. The way wireguard configuration is implemented in the GL-iNet web UI makes it impossible to have multiple subnets in the allowedIPs field.

By connecting via SSH to the router and configuring wireguard and static routes manually, I was able to have both site-to-site communication with my home network AS WELL AS internet traffic, all going through the VPN tunnel.


Hi, I’m currently trying to achieve the same.
Could you please share the configuration / rules you are using for this?

edit
nvm just found out one single route command is enough.
In my case (wg server is 172.16.0.1 and local subnet behind wg server is 192.168.1.0/24):

 ip route add 192.168.1.0/24 via 172.16.0.1 dev wg0
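
Added example, not part of any post above: a WireGuard client only sends a packet to a peer whose AllowedIPs covers the destination, and the kernel must also have a route pointing that destination at the wg interface, so the two fixes in this thread address two separate conditions. The sketch below checks both for one destination; the function names, the /24 tunnel prefix and the host 192.168.1.10 are assumptions, the subnets come from the last post.

```shell
#!/bin/sh
# Added example (not from the thread): why a remote LAN can be unreachable
# through a working tunnel. Two independent conditions must hold on the client.
# IPv4 only; assumes a shell with 64-bit arithmetic.

# Dotted quad -> integer.
ip2int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# True if address $1 lies inside CIDR $2 (a bare address is treated as /32).
in_cidr() {
    case $2 in */*) ;; *) set -- "$1" "$2/32" ;; esac
    prefix=${2#*/}
    net=$(ip2int "${2%/*}")
    addr=$(ip2int "$1")
    mask=$(( (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF ))
    [ $(( addr & mask )) -eq $(( net & mask )) ]
}

# True if address $1 lies inside any CIDR of the comma-separated list $2.
in_any() {
    for cidr in $(echo "$2" | tr ',' ' '); do
        case $cidr in *:*) continue ;; esac    # skip IPv6 entries
        in_cidr "$1" "$cidr" && return 0
    done
    return 1
}

# $1 = destination, $2 = peer AllowedIPs, $3 = subnets routed to the wg interface.
diagnose() {
    in_any "$1" "$3" || { echo "no-route"; return; }
    in_any "$1" "$2" || { echo "not-in-allowedips"; return; }
    echo "ok"
}

# Constructed values: subnets from the last post, /24 tunnel prefix and host assumed.
TUNNEL="172.16.0.0/24"
BOTH="172.16.0.0/24, 192.168.1.0/24"
HOST="192.168.1.10"

diagnose "$HOST" "$BOTH" "$TUNNEL"     # AllowedIPs fine, route missing
diagnose "$HOST" "$TUNNEL" "$BOTH"     # route present, peer does not cover the LAN
diagnose "$HOST" "$BOTH" "$BOTH"       # both in place
```

On a real router the two lists would be filled from `wg show wg0 allowed-ips` and `ip route show dev wg0` (interface name wg0 as in the last post).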