Routing traffic from specific subnet and port through WireGuard tunnel
-
Hi folks,
I have set up a WireGuard tunnel using a VPN provider and the tunnel is up. What I'd like to do is route a service on my home server through the tunnel, but all other ports on that subnet address to exit via my normal IP service.
E.g. 192.168.1.30:30042 to route to WireGuard. All other ports on 192.168.1.30 to exit via normal ISP IP address.
Is this possible and if so how? I can find many guides to route all traffic via the VPN.
I am relatively new to this and willing to learn. Any help would be very much appreciated.
I'm running pfSense CE 2.7.2 on a mini PC, all firmware is up to date and all packages are the current versions available.
Please ask for any other information I need to give to help.
Kind regards
Jungle
-
So what you want is to direct an IP/port combination out your WireGuard tunnel and all other port traffic from that IP out your normal WAN gateway?
I assume you have a gateway for the WireGuard VPN? And you have NAT outbound rules allowing the LAN subnet out the WireGuard VPN?
So I believe you can create a firewall pass rule on the LAN subnet where you choose both the port and the IP of the device. When you make the rule, do not use Any for the protocol, because then the advanced section of the source section will not show, and you will need it to specify the port number; it also means you have to know the protocol. Choose other in the dropdown menu and insert your custom port number. Scroll down to the advanced options, open up the long menu, scroll down and find Gateway, and change it to the gateway you want this IP and port to go out - the WireGuard VPN gateway - and save. You will want to position this rule just above the allow to any rule.
-
Hi,
Thanks for your reply. Yes, I've set the tunnel up with all NAT rules in place, following guides, to the point of routing all traffic via the tunnel.
Just wasn't sure of the next steps and if a firewall rule would work.
I'll give that a go and see if it works as I'd like.
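
The rule placement and protocol choice described in the reply above can be checked with a small first-match model; this is an added example, not part of the original thread and not pfSense's own code. The gateway names `WG_VPN` and `WAN_DEFAULT` and the choice of TCP are assumptions, while the address and port come from the question.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

# Assumed names for illustration; the thread does not name its gateways.
WG_GW, WAN_GW = "WG_VPN", "WAN_DEFAULT"

@dataclass(frozen=True)
class Rule:
    proto: Optional[str]      # None means any protocol
    src: str                  # source network in CIDR form
    src_port: Optional[int]   # None means any source port
    gateway: str              # gateway chosen in the rule's advanced options

@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    src_port: int

# The policy rule from the reply (TCP is an assumption) and the LAN allow-any rule.
POLICY = Rule("tcp", "192.168.1.30/32", 30042, WG_GW)
ALLOW_ANY = Rule(None, "192.168.1.0/24", None, WAN_GW)

def matches(rule: Rule, pkt: Packet) -> bool:
    return ((rule.proto is None or rule.proto == pkt.proto)
            and ip_address(pkt.src) in ip_network(rule.src)
            and (rule.src_port is None or rule.src_port == pkt.src_port))

def egress_gateway(rules: list, pkt: Packet) -> Optional[str]:
    """Top-down, first match wins; None means no rule passed the packet."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.gateway
    return None

def audit(rules: list) -> dict:
    """Gateway chosen for constructed sample packets from 192.168.1.30."""
    samples = {
        "service tcp/30042": Packet("tcp", "192.168.1.30", 30042),
        "other tcp port": Packet("tcp", "192.168.1.30", 51514),
        "udp/30042": Packet("udp", "192.168.1.30", 30042),
    }
    return {name: egress_gateway(rules, p) for name, p in samples.items()}

if __name__ == "__main__":
    print("policy above allow-any:", audit([POLICY, ALLOW_ANY]))
    print("policy below allow-any:", audit([ALLOW_ANY, POLICY]))
```

With the policy rule below the allow-any rule, or with the wrong protocol selected, the service's traffic still passes but leaves through the ISP gateway, so nothing visibly breaks and the exit address has to be checked.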