I have the following configuration
VPN server network 10.0.0.1
VPN client network 10.0.1.1
Lan network 10.1.1.1
Guest network 10.0.0.1
I connected slate to the guest network via Ethernet and connected to the VPN which assigned slate a 10.0.1.x ip.
The problem I am facing is that I cannot connect to any service running in the VPN server host subnet (10.0.0.x) as it's hitting the upstream Guest network first.
I guess the fix would be (since I can't change Guest) to change the VPN server network to a different range, but this is a lot of configuration change, my question is, could this be done in another way from the slate configuration? Thanks!I have the following configuration
VPN server network 10.0.0.1
VPN client network 10.0.1.1
Lan network 10.1.1.1
Guest network 10.0.0.1
I connected slate to the guest network via Ethernet and connected to the VPN which assigned slate a 10.0.1.x ip.
The problem I am facing is that I cannot connect to any service running in the VPN server host subnet (10.0.0.x) as it's hitting the upstream Guest network first.
I guess the fix would be (since I can't change Guest) to change the VPN server network to a different range, but this is a lot of configuration change, my question is, could this be done in another way from the slate configuration? Thanks!
Maybe relevant to mention, same configuration works fine when the guest network (this is the network where the slate server joins) is on a different subnet configuration (192.168.0.0)
Is there a way to hardcode routes to go though VPN?
Hi,
You can try these methods:
-
On the Slate device or the upstream router (if supported), manually add a static routing rule to force the traffic accessing 10.0.0.0/24 (the VPN server subnet) to go through the VPN tunnel instead of the guest network.
-
If the above method doesn’t work, you can also try, in the WireGuard configuration of the VPN client (the Slate device), explicitly specifying that the “Allowed IPs” include 10.0.0.0/24, so that the client actively routes the traffic of this 网段 through the VPN tunnel.
Thank you very much for the fast response!
I updated the WG configuration as suggested but that breaks connectivity, I don't exactly know why but nothing is accesible with allowed IP range modified.
I would like to try option one but I dont know how to do this on the slate is there a easier routing plugin to use or will this require ssh? (I have never did this before)
Slate router can configure static routing through luci. Or via SSH.
I'm not sure if the upper router has a configuration GUI for static routing, but I'm sure you can configure static routing via SSH.
