@Clive_A 

to be honest, this solution was really bad, I had a test remote to my home network here. Yes, it worked, but the client had to be connected to the vlan that has the same IP network as the wireguard tunnel. not only that, only one client could use the tunnel, and the client had to have the same ip as the wireguard tunnel ip address in the config file.

but yes it was possible to route a simple network now, but that doesn't help much when there is such limitations

Ok, so far no solution as I see.

  @Clive_A 

Ok, then I have a solution, it requires two routers, but I have enough routers so thats not a problem. 

I have now configured an ER706W as a wireguard client against a wireguard server running on ubuntu, I have configured about 80 remote networks that I need access to in the wireguard tunnel.

since only one IP is allowed to connect to the wireguard tunnel, one of the WAN ports on the ER8411 has been connected to the LAN on the ER706W, so the ER8411 is the only client that is allowed to use the wireguard tunnel and have the ip that is defined in the remote peer.

this way I can also use policy route against Wireguard on ER8411. have created a policy route through the WAN interface that goes to LAN on the ER706W

Do you know how many networks can be configured in wireguard peer profile on Omada kontroller? I now have about 80+- remote network in my peer profile.

I have to test a few days to see how it works. I hope in the long term that I can run everything on one router, but that seems to be a some time to that happend.

The good thing is that I learn a lot about wireguard with TP-Link's solution. it's not plug and play like it is, for example, on unifi 

Clive_A wrote

Hi @MR.S 

Thanks for posting in our business forum.

MR.S wrote

  @Clive_A 

 

 

Ok, then I have a solution, it requires two routers, but I have enough routers so thats not a problem. 

 

I have now configured an ER706W as a wireguard client against a wireguard server running on ubuntu, I have configured about 80 remote networks that I need access to in the wireguard tunnel.

 

since only one IP is allowed to connect to the wireguard tunnel, one of the WAN ports on the ER8411 has been connected to the LAN on the ER706W, so the ER8411 is the only client that is allowed to use the wireguard tunnel and have the ip that is defined in the remote peer.

 

this way I can also use policy route against Wireguard on ER8411. have created a policy route through the WAN interface that goes to LAN on the ER706W

 

Do you know how many networks can be configured in wireguard peer profile on Omada kontroller? I now have about 80+- remote network in my peer profile.

 

I have to test a few days to see how it works. I hope in the long term that I can run everything on one router, but that seems to be a some time to that happend.

 

The good thing is that I learn a lot about wireguard with TP-Link's solution. it's not plug and play like it is, for example, on unifi 

 

 

 

WireGuard official, if you are using it on Ubuntu, itself originally is not plug and play as well. There are just different ways to add plug-ins and make it more easy to use.

But the plain and vanilla WG is way trouble for people who are not familiar with it.

 

ER8411 up to 300 peers.

  @Clive_A 

Yes but how many remote network is there possible to add in one peer? now I have about 80 remote network added in a peer but I guess there is a limit som place :-)