local network is using wireguard peer dns

13 hours ago - last edited 12 hours ago
Model: ER605 (TL-R605)  
Hardware Version: V2
Firmware Version: 2.2.6

Hello, I have a problem with WireGuard. We have one user who is in a different country, and after some time our Google searches use the localization of that user. I don't know if it's a wrong peer configuration in WireGuard or a wrongly created ACL.

Thank you for your help.

Re:local network is using wireguard peer dns
10 hours ago - last edited 10 hours ago

If the 'Allowed IPs' at your end of the tunnel allow all traffic for the user, e.g. 0.0.0.0/0, or various settings that achieve the same thing with a higher priority, then you might want to experiment with your Allowed IPs setting.

 

0.0.0.0/0, or similar, essentially allows your router to accept anything that arrives at your router, and one of the behaviors exhibited is exactly what you describe.

 

If this is the case, then try changing the Allowed IPs to be only the user's IPs you want to give access to your end of the tunnel.

Re:local network is using wireguard peer dns
10 hours ago

Thank you for the reply.

If I understood correctly, I change AllowedIPs from 0.0.0.0/0 to this user's IP. Unfortunately, after that change the user could not reconnect.

Maybe I misunderstood.

Re:local network is using wireguard peer dns
7 hours ago - last edited 2 hours ago

  @peter223 

 

In the example above the relevant lines of WireGuard configuration at the 'Data Centre' end of the tunnel (this is you) could read, depending on your use case ....

 

[Interface]
Address = 192.168.60.19

[Peer]
AllowedIPs = 192.168.60.55/32, 192.168.0.20/32

 

In addition, it's not clear why you have a DNS entry in your config; it's probably down to your particular use case. If the above example (or similar) doesn't work, then try removing the DNS entry.

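An added example, not part of the thread: a Python check that reads a WireGuard config and lists the peers whose AllowedIPs merge into a default route, i.e. 0.0.0.0/0 or "various settings that achieve the same thing" as the first reply puts it. The sample config and all function names are constructed for illustration.

```python
import ipaddress

# Constructed sample config (not from the thread): one full-tunnel peer written
# as two halves, one peer restricted to single hosts.
SAMPLE = """
[Interface]
Address = 192.168.60.19

[Peer]
# remote user, full tunnel split in two halves
AllowedIPs = 0.0.0.0/1, 128.0.0.0/1

[Peer]
AllowedIPs = 192.168.60.55/32, 192.168.0.20/32
"""

def peer_allowed_ips(text):
    """Return one list of networks per [Peer] section, in file order."""
    peers, current = [], None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.startswith("["):
            current = None
            if line.lower() == "[peer]":
                current = []
                peers.append(current)
        elif current is not None and "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            if key.lower() == "allowedips":
                for item in value.split(","):
                    if item.strip():
                        current.append(ipaddress.ip_network(item.replace(" ", ""), strict=False))
    return peers

def covers_everything(networks):
    """True if the networks of one IP version merge into its default route."""
    for version in (4, 6):
        same = [n for n in networks if n.version == version]
        if any(n.prefixlen == 0 for n in ipaddress.collapse_addresses(same)):
            return True
    return False

def audit(text):
    """Return the 1-based indexes of peers that act as a catch-all."""
    return [i for i, nets in enumerate(peer_allowed_ips(text), 1) if covers_everything(nets)]

if __name__ == "__main__":
    for index in audit(SAMPLE):
        print(f"peer {index}: AllowedIPs covers the whole address space")
```

WireGuard uses AllowedIPs both to filter the source addresses it accepts from a peer and to choose which peer outbound packets are sent to, so a peer flagged here is a candidate for carrying traffic that was never meant for the tunnel.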