IP-Range for Clients on wireguard server?


is there any possibility to give wireguard clients a specific range of IPs?

If I choose for wireguard server it starts the clients from, but I want to start them from Just an example.


This feature is not currently supported. You can only modify the wireguard config file manually with SSH.
Can you tell us about your scenario?

When you change the subnet of the vpn, don’t use the same subnet as your lan.

ah, ok, thanks for the info.
I tried first to implement the Brume 2 into DMZ on my ipfire with no success.
the DMZ on ipfire is set to, so the LAN should be on (or smth like that) with the range of to or smth like that. The VPN subnet must be smth like But then I get no connection. So I tried to implement it to the green network (internal) of the ipfire to test it there.

There I have some machines, which running on to (as example). So I choose for the LAN ob Brume2. But if I choose the VPN server also to, it gives me clients beginning with

Now I understand, I should not choose the same subnet. So the VPN must have f. e. Then I would have no problem with clients. But as it seems I don’t really understand the VPN and subnet thing enough. How can the VPN server have his own subnet without having another network card? So is it some ‘software subnet’ or how can I understand it?

Because the ipfire has several network cards, so it can have several subnets, for which I can make rules in the firewall. But if I have the LAN adress of the Brume2, I can manage it within the firewall, but how should I manage the rules for the VPN server, which runs on a different subnet without another network card?

I’m not sure, if I can really explain this problem, sorry :smiley:

It is a virtual subnet. At the application layer it looks like communication through another Network interface controller.

ah, ok, so it should work with the LAN of the ipfire interface and some other subnet on the wireguard server. Then the range doesn’t matter.