Environment
- OS: Linux
- Network interfaces:
  - wlan0: Used for non-VPN hotspot (MyHotspot)
  - wlan1: Connected to internet
  - wlan2: Used for VPN hotspot (MyHotspot-VPN)
  - au-syd-wg-002: Wireguard VPN interface
Configuration
I have set up two WiFi hotspots:
- MyHotspot (non-VPN): Using wlan0, internet from wlan1
- MyHotspot-VPN: Using wlan2, internet through Wireguard VPN (au-syd-wg-002)
Wireguard configuration (/etc/wireguard/au-syd-wg-002.conf):
[Interface]
PrivateKey = redacted
Address = 10.67.48.249/32,fc00:bbbb:bbbb:bb01::4:30f8/128
DNS = 10.64.0.1
[Peer]
PublicKey = redacted
AllowedIPs = 192.168.13.0/24
Endpoint = 146.70.141.194:51820
MyHotspot (non-VPN) configuration (/etc/create_ap/wlan0-1.conf):
GATEWAY=192.168.12.1
DHCP_DNS=gateway
WIFI_IFACE=wlan0
INTERNET_IFACE=wlan1
SSID=MyHotspot
MyHotspot-VPN configuration (/etc/create_ap/wlan2-vpn.conf):
GATEWAY=192.168.13.1
DHCP_DNS=10.64.0.1
WIFI_IFACE=wlan2
INTERNET_IFACE=au-syd-wg-002
SSID=MyHotspot-VPN
Network Interface Details (ifconfig output):
au-syd-wg-002: flags=209<UP,POINTOPOINT,RUNNING,NOARP> mtu 1420
inet 10.67.48.249 netmask 255.255.255.255 destination 10.67.48.249
inet6 fc00:bbbb:bbbb:bb01::4:30f8 prefixlen 128 scopeid 0x0<global>
RX packets 0 bytes 0 (0.0 B)
TX packets 0 bytes 0 (0.0 B)
wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.12.1 netmask 255.255.255.0 broadcast 192.168.12.255
inet6 fe80::dea6:32ff:fe9a:b7b2 prefixlen 64 scopeid 0x20<link>
ether dc:a6:32:9a:b7:b2 txqueuelen 1000 (Ethernet)
RX packets 70838 bytes 11884831 (11.3 MiB)
TX packets 118247 bytes 112432350 (107.2 MiB)
wlan1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.35.157 netmask 255.255.252.0 broadcast 172.17.35.255
inet6 fe80::280a:74a5:f28a:341d prefixlen 64 scopeid 0x20<link>
ether f0:09:0d:36:7b:7a txqueuelen 1000 (Ethernet)
RX packets 118170 bytes 112463238 (107.2 MiB)
TX packets 68718 bytes 14022513 (13.3 MiB)
wlan2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.13.1 netmask 255.255.255.0 broadcast 192.168.13.255
inet6 fe80::3698:b5ff:fe36:9bf5 prefixlen 64 scopeid 0x20<link>
ether 34:98:b5:36:9b:f5 txqueuelen 1000 (Ethernet)
RX packets 121 bytes 18670 (18.2 KiB)
TX packets 101 bytes 19478 (19.0 KiB)
Routing table:
default via 172.17.32.10 dev wlan1 proto dhcp src 172.17.35.157 metric 600
172.17.32.0/22 dev wlan1 proto kernel scope link src 172.17.35.157 metric 600
192.168.12.0/24 dev wlan0 proto kernel scope link src 192.168.12.1
192.168.13.0/24 dev au-syd-wg-002 scope link
192.168.13.0/24 dev wlan2 proto kernel scope link src 192.168.13.1
Issue
The non-VPN hotspot works fine, but the VPN hotspot doesn’t work. When connecting to MyHotspot-VPN, I get a DNS_PROBE_FINISHED_NO_INTERNET error on browser requests.
However, if I change the AllowedIPs in the Wireguard config to 0.0.0.0/0, both hotspots work fine, but then both are routed through the VPN. I only want MyHotspot-VPN to use the Wireguard VPN.
Question
How can I configure my routing or Wireguard setup to allow the MyHotspot-VPN hotspot (wlan2) to properly route traffic through the Wireguard VPN (au-syd-wg-002) while keeping the MyHotspot hotspot (wlan0) on the regular internet connection?
Additional Information
- The VPN hotspot is configured to use the VPN’s DNS (10.64.0.1)
- Both hotspots are created using the linux-wifi-hotspot tool
Any insights or suggestions would be greatly appreciated. Thank you!
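
The routing decisions behind the posted setup, as an added Python model that is not part of the original post: it applies longest-prefix matching to the posted routing table, then WireGuard's AllowedIPs check on anything leaving via au-syd-wg-002. The per-hotspot variant is an assumption, not the poster's configuration: `Table = off` in the `[Interface]` section, AllowedIPs = 0.0.0.0/0, a hypothetical table 100 and an `iif wlan2` policy rule; 203.0.113.10 is a constructed destination.

```python
import ipaddress

WG = "au-syd-wg-002"
# Main routing table as posted (prefix, egress device).
MAIN_POSTED = [("0.0.0.0/0", "wlan1"), ("172.17.32.0/22", "wlan1"),
               ("192.168.12.0/24", "wlan0"), ("192.168.13.0/24", WG),
               ("192.168.13.0/24", "wlan2")]
# Main table when wg-quick installs no routes (assumed: Table = off).
MAIN_NO_WG = [r for r in MAIN_POSTED if r[1] != WG]
# Assumed extra table: `ip route add default dev au-syd-wg-002 table 100`
VPN_TABLE = [("0.0.0.0/0", WG)]
PUBLIC = "203.0.113.10"   # constructed sample destination
VPN_DNS = "10.64.0.1"     # DNS handed to MyHotspot-VPN clients

def lookup(table, dst):
    """Longest-prefix match; returns the egress device or None."""
    addr = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(p), dev) for p, dev in table
            if addr in ipaddress.ip_network(p)]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def forward(iif, dst, rules, allowed_ips):
    """Route a packet that arrived on iif; rules are (iif or None, table)."""
    dev = None
    for rule_iif, table in rules:            # policy rules in priority order
        if rule_iif in (None, iif):
            dev = lookup(table, dst)
            if dev is not None:
                break
    if dev is None:
        return None, "no route"
    if dev != WG:
        return dev, "sent outside the tunnel"
    # WireGuard only encrypts to a peer whose AllowedIPs cover the destination.
    addr = ipaddress.ip_address(dst)
    if any(addr in ipaddress.ip_network(a) for a in allowed_ips):
        return dev, "encrypted to peer"
    return dev, "dropped: no peer for destination"

def posted(iif, dst):       # AllowedIPs = 192.168.13.0/24, main table only
    return forward(iif, dst, [(None, MAIN_POSTED)], ["192.168.13.0/24"])

def per_hotspot(iif, dst):  # assumed: `ip rule add iif wlan2 lookup 100`
    rules = [("wlan2", VPN_TABLE), (None, MAIN_NO_WG)]
    return forward(iif, dst, rules, ["0.0.0.0/0"])

if __name__ == "__main__":
    for fn in (posted, per_hotspot):
        for iif, dst in (("wlan2", VPN_DNS), ("wlan2", PUBLIC), ("wlan0", PUBLIC)):
            print(fn.__name__, iif, dst, fn(iif, dst))
```

In the posted configuration the model sends the MyHotspot-VPN clients' DNS queries to 10.64.0.1 out of wlan1 rather than into the tunnel, which is consistent with the DNS error described.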