VPN/Wireguard split routing?

Hi, I’m trying to set up WireGuard on a GL-AR750S (currently 3.100 for the fun of it) to route only one subnet to the WireGuard peer. So the config looks like “AllowedIPs =,”. The connection works and the tunnel is usable.

But whatever I do, bringing up the connection sets a default route to the WG interface. It’s pretty much hardcoded in the WireGuard init script (if this is actually used here).

Is there a way to just configure routes to the AllowedIPs through the tunnel and leave the def route as is (like wg-quick is doing)? I tried to use VPN Policies to allow only traffic for the AllowedIPs to the VPN, but that didn’t work for me either.



You can try to modify the /etc/vpn.user.
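
The split-tunnel routing asked about above, as an added example that is not from the thread or from the GL.iNet firmware: a POSIX shell function that reads a WireGuard config and prints one `ip route` command per AllowedIPs entry while refusing any `/0` entry, so the existing default route is never replaced. The interface name `wg0`, the subnets and the endpoint are constructed sample values.

```shell
#!/bin/sh
# Added example: derive per-subnet routes from AllowedIPs, the way a
# split tunnel needs them, without ever emitting a default route.

# split_routes DEV  -- reads a WireGuard config on stdin, prints commands.
split_routes() {
    awk -v dev="$1" '
        { sub(/#.*/, "") }                      # drop trailing comments
        tolower($0) ~ /^[ \t]*allowedips[ \t]*=/ {
            sub(/^[^=]*=/, "")                  # keep only the value part
            n = split($0, parts, ",")
            for (i = 1; i <= n; i++) {
                cidr = parts[i]
                gsub(/[ \t\r]/, "", cidr)
                if (cidr == "") continue
                # A /0 prefix is a default route: skip it so traffic that
                # is not for the listed subnets keeps using the WAN route.
                if (cidr ~ /\/0$/) {
                    print "# skipped default route " cidr
                    continue
                }
                fam = (cidr ~ /:/) ? "-6" : "-4"
                print "ip " fam " route replace " cidr " dev " dev
            }
        }
    '
}

# Constructed sample config (keys are placeholders, not real values).
SAMPLE_CONF='[Interface]
PrivateKey = <placeholder>
Address = 10.8.0.2/32

[Peer]
PublicKey = <placeholder>
AllowedIPs = 10.8.0.0/24, 192.168.50.0/24, fd00:50::/64, 0.0.0.0/0  # constructed
Endpoint = vpn.example.net:51820
'

# Print the commands for review; nothing is applied to the routing table.
printf '%s\n' "$SAMPLE_CONF" | split_routes wg0
```

The function only prints commands for review. It does not remove a default route that the firmware's own script has already installed, and it does not catch a default route expressed as two `/1` halves.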