Routing issue when both VPN client and VPN server is ON

y2kbug · November 8, 2022, 5:42am

On AT1800 at home, I have WireGuard server turned on, with subnet 10.10.10.0/24
On ATX1800 in office, I have WireGuard client connecting to home server, with IP 10.10.10.2/32.
It works for a period of time.

I have just turned on WireGuard client on AT1800 at home.
Now I cannot connect to 10.10.10.2 when WG-client is on.
Turning off WG-client brings back 10.10.10.0/24 network.
I have tried excluding 10.10.10.0/24 in “based on target IP” or “customized rules” but did not work.

How to configure so I can access 10.10.10.0/24 ?

By the way, I have tried putting these into the WireGuard connection configuration, and the UI fails to load.

AllowedIPs = 0.0.0.0/5, 8.0.0.0/7, 10.0.0.0/12, 10.16.0.0/14, 10.20.0.0/20, 10.20.16.0/21, 10.20.24.0/22, 10.20.28.0/23, 10.20.31.0/24, 10.20.32.0/19, 10.20.64.0/18, 10.20.128.0/17, 10.21.0.0/16, 10.22.0.0/15, 10.24.0.0/13, 10.32.0.0/11, 10.64.0.0/10, 10.128.0.0/9, 11.0.0.0/8, 12.0.0.0/6, 16.0.0.0/4, 32.0.0.0/3, 64.0.0.0/2, 128.0.0.0/1

Connection is still fine. But the routing is not correctly setup accordingly.

dev101 · November 8, 2022, 5:45am

I’ve also experience this issue with my AXT-1800. WG clients connected to the AXT WG server will lose internet connection if the VPN Client is turned on. I was hoping to have both WG server and OPVN server turned on as backup in case WG connection doesn’t work when traveling, but this may prove to a challenge.

y2kbug · November 8, 2022, 5:51am

Do you have only one router named AXT1800, and connecting to it with a phone or computer?
And there WG and OVPN servers are running, without any problem, but
problematic only when WG / OVPN client is turned on?

y2kbug · November 8, 2022, 6:00am

I have added this in OpenWRT → Routing
Interface: wgserver
Route tye: unicast
Target: 10.10.10.0/24
Gateway: (ignore)

It is shown on routing table:

root@GL-AX1800:~# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         0.0.0.0         128.0.0.0       U     0      0        0 wgclient
0.0.0.0         xxx.xx.xxx.1    0.0.0.0         UG    0      0        0 eth0
10.10.10.0      0.0.0.0         255.255.255.0   U     0      0        0 wgserver
128.0.0.0       0.0.0.0         128.0.0.0       U     0      0        0 wgclient
xxx.xxx.xxx.1   xxx.xx.xxx.1    255.255.255.255 UGH   0      0        0 eth0
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 br-guest
192.168.50.0    0.0.0.0         255.255.255.0   U     0      0        0 br-lan
xxx.xx.xxx.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0

But I cannot connect to 10.10.10.2.

alzhao · November 8, 2022, 9:59am

Pls wait for 4.1.1 firmware, which fixed VPN client and server running at the same time, aka vpn cascading.