How to build a site to site network with two ar750s for lan game play

how to build a site to site network with two ar750s for lan game play with an xbox 360 or computers?

you could use something like zerotier to create a software defined network between devices.

You can set up on as WireGuard Server, and another acts as WireGuard Client. When the connection is established, there is no additional configuration is required, you can access the Server’s LAN by default.

I have a ar300m and a ar750s would this work? both are running v3

Yup, it can work, but the server side must have a public IP address. You can have a try.

Wait, what?! The default firmware 3 Wireguard setup gives the VPN client access to the VPN Server’s LAN clients?

Yeah, it is the default behavior, but we will change, will add an option for users.

Please explain which configuration changes you make to allow VPN Server LAN access from the VPN Client. Is it simply adding the LAN IP range in the AllowedIPs in the VPN Client?

Please edit the shell script /etc/init.d/wireguard, just need to remove this part.

What happens when you change the AllowedIPs in the VPN Client. Which config files are changed if you change this via the v3 GUI in the VPN Client Wireguard area?

Sorry, this answer does not make sense to me. The lines included in the red box appear to instruct the firewall to allow messages from the VPN Server LAN to the VPN Client, no?

If you remove those lines from the config file, wouldn’t that prevent (drop) packets from the VPN Server’s LAN back to the end of the WG tunnel, i.e. the VPN Client?

And also from my other post in this thread, what specific changes are made to the config when the AllowedIP are changed?

Sorry for my mistake. What you want to do is access WireGuard Client’s LAN device from WireGuard Server side, right?

If so, you should edit the file /etc/config/wireguard_server on server side, please add the peer’s subnet. For example:

image

Sorry, no, the other way around. I want to access LAN clients behind my VPN Server from my VPN Client (and its subnet).

Please modify it as I mentioned above.

Sorry, your replies have not been consistent. I have no idea what you mean by “modify it as I mentioned above”. Can you try to give a more complete answer?

It is the default behavior. If you setup WireGuard Client on GL routerA, and setup WireGuard Server on GL routerB, when the WireGuard connection between routerA and routerB is established, you can access LAN clients behind your VPN server from VPN client side.

But if you also want to access LAN clients behind your VPN client from VPN server side, you have to modify as I mentioned above, if you don’t need this, you don’t need edit anything.

Are you assuming that the B has its LAN using 192.168.8.X? Will that make the A’s LAN start to pass out IP addresses in the same space? Or does it just tell A to send traffic bound for 192.168.8.X to the other side of the Wireguard tunnel?

Client and Server should have different subnet, such as routerA’s subnet is 192.168.8.0/24, routerB’s subnet should be 192.168.9…0/24.

can someone do a step by step guide on how to setup a zerotier on a glinet device on both devices with pictures please. i want to access both LANS

Thank you.

What specific changes are made to the config when the AllowedIP are changed?