Netgate Discussion Forum

    How to force all traffic of lan/subnet through tunnel

      compsmith

      I currently have a working Site-to-Multisite WireGuard setup that only routes traffic to/from HQ and each of the 25 remote sites (hub and spoke). The only traffic At one location we are having issues with the ISP's public IP address being blocked for a service they need. I need to route all traffic from the remote site's LAN through the HQ to resolve HQ's static IP back at the remote site, but there are several other VLANs/subnets that can't be routed down the VPN and must go out the ISP at the remote location.

      Anyone know how I can route all traffic on the LAN subnet over the WireGuard tunnel so they resolve the HQ's external IP without affecting the other VLANs? The documentation I used to set up the Site-to-Multisite is linked above.

        compsmith

        UPDATE: I tried policy-based routing the WAN interface to use the WireGuard gateway, but no devices can reach the internet.

          compsmith @compsmith

          SOLVED
          All I had to do at the remote site was change the Allowed IPs to 0.0.0.0/0 in the peer, then change the gateway on the LAN "allow all" rule to the WireGuard VPN.
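
The change described in the post above, modeled as an added example (not part of the original thread, and not pfSense or WireGuard code): it shows why the peer's Allowed IPs and the LAN rule's gateway both have to change, and checks that the other VLANs keep using the local ISP. All addresses are constructed, and the routing model (routing table sends only HQ networks into the tunnel, policy routing selected by source subnet) is an assumption about the setup.

```python
import ipaddress

# Constructed sample values; the thread gives no addresses.
LAN = ipaddress.ip_network("192.168.10.0/24")  # subnet that must exit via HQ
LAN_HOST = "192.168.10.50"                     # host on the LAN subnet
VLAN_HOST = "192.168.20.50"                    # host on another VLAN (local ISP only)
HQ_NETS = ["10.0.0.0/16"]                      # site-to-site Allowed IPs before the change
FULL_TUNNEL = ["0.0.0.0/0"]                    # Allowed IPs after the change

def in_any(nets, addr):
    """True if addr falls inside any of the given networks."""
    ip = ipaddress.ip_address(addr)
    return any(ip in ipaddress.ip_network(n) for n in nets)

def egress(src, dst, allowed_ips, lan_rule_gateway):
    """Return 'tunnel', 'wan' or 'dropped' for one outbound packet.

    lan_rule_gateway is the gateway on the LAN "allow all" rule:
    'default' (routing table decides) or 'wg' (policy routing into the tunnel).
    Assumption: the routing table only sends HQ_NETS into the tunnel.
    """
    policy_routed = ipaddress.ip_address(src) in LAN and lan_rule_gateway == "wg"
    if not (policy_routed or in_any(HQ_NETS, dst)):
        return "wan"
    # WireGuard cryptokey routing: a peer only carries destinations covered
    # by its Allowed IPs; anything else handed to the interface is dropped.
    return "tunnel" if in_any(allowed_ips, dst) else "dropped"

def leaks(allowed_ips, lan_rule_gateway, internet_dst="203.0.113.5"):
    """List violations of the intended policy for internet-bound traffic."""
    found = []
    if egress(LAN_HOST, internet_dst, allowed_ips, lan_rule_gateway) != "tunnel":
        found.append("LAN internet traffic does not exit via HQ")
    if egress(VLAN_HOST, internet_dst, allowed_ips, lan_rule_gateway) != "wan":
        found.append("other VLAN internet traffic does not use the local ISP")
    return found

if __name__ == "__main__":
    # Original setup, gateway change only, then both changes together.
    for allowed, gw in [(HQ_NETS, "default"), (HQ_NETS, "wg"), (FULL_TUNNEL, "wg")]:
        print(allowed, gw, egress(LAN_HOST, "203.0.113.5", allowed, gw), leaks(allowed, gw))
```
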
