Wireguard server can't access downstream router and LAN

I can access the Brume2 Wireguard server remotely, and the admin panel of the Brume2, but I can't access the router downstream, or any of the devices connected to it.

“Remote access Lan” is on.
“IP Masquerading” is on.
How do I gain access?
I’ve tried opening a port…
Which setting am I missing, please?

Please share your WireGuard Client config (without the keys)

What is the IP range of your upper network?
Could you create a quick overview about all IP addresses and how they are connected?

@admon @hansome I’m still unable to view the downstream router and devices. Should I be able to by default, or do I have to change a setting? Is this related?

“It turns out to enable wireguard server to serve on LAN port, providing Internet access to wireguard client,
you need to enable LAN masquerading and related forwarding rule, use the following command:”

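# enable wireguard server to LAN forwarding
uci set firewall.wgserver2lan=forwarding
uci set firewall.wgserver2lan.src='wgserver'
uci set firewall.wgserver2lan.dest='lan'
uci set firewall.wgserver2lan.enabled='1'
# write the staged changes to /etc/config/firewall and apply them
uci commit firewall
/etc/init.d/firewall restart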

Not related.
You can ping on the Brume2 terminal, but cannot ping in the Wireguard client terminal, right?
What’s the WAN subnet of the Wireguard client?

I’ve spent days trying to get this to work, first 3 months ago when I first got the Brume 2, failed, and now I’m back. Is it because the GL.iNet firmware doesn’t automate static routes for this? Like here…

Is this USB0 a tethering network?

If you can’t ping, the downstream device firewall blocks the access.
Please also DM me your syslog(export log).

Yes exactly, mobile data, but not used.

I’ll do that right now, have you got any instructions to make it easier, quicker please?

Just export log by admin panel.

Found it, thanks very much, PM sent.