Can't access IPs in the same subnet. Mac only

Hi guys,

I’ve been facing a problem for a while now. I’ve been applying updates, but nothing changes. Here is the problem (it only happens with macOS; on Windows, everything comes up fine).

If I try to connect my Mac to the office through a WireGuard connection, it connects and everything works perfectly, except for one little detail. At home I have 192.168.1.0/24 for all my devices, and at work that subnet is for servers (it will change at the end of this year, I hope), and I can’t access any of the servers or anything else in that subnet.

It’s like WireGuard doesn’t route my requests to that network because it’s the same one I have at home. The “solution” I came up with is to change my subnet and that’s it. But when my boss travels who knows where and tries to connect to a server through WireGuard using his Mac, and the hotel uses the same segment for its clients that we use for our servers, well, we know that it won’t connect.

As I said earlier, at this point Windows seems to be smarter and you can connect to the servers even though you have the same subnet as in the office.

Any ideas on how I can solve this problem so that any Mac can reach any server, even though the subnet could be the same on both sides?

Thanks!!

macOS prioritizes the default route by network service order, but VPN connections have priority regardless of that order:
https://support.apple.com/guide/mac-help/mchlp2711/mac

You can’t change the order of virtual private network (VPN) connections because they already take priority over non-VPN connections.

But that’s only the default route; Windows may have different behavior and prioritize the interface subnet route based on the order in which the interfaces come up.
You can try to create a PostUp script in the Mac WireGuard config which sets a route for that conflicting subnet to be routed over the WireGuard interface, but a better solution is to change the VPN subnet to some 10.0.0.0/8 address range at some point to be safe.

Example route commands on Mac:
sudo route -q -n add -inet 192.168.1.0/24 -interface <wg_interface> - this will route the 192.168.1.0/24 subnet over the WireGuard interface
or you can route only specific server ip addresses:
sudo route -q -n add -host <server1_ip> -interface <wg_interface>
sudo route -q -n add -host <server2_ip> -interface <wg_interface>

Note: Adding routes requires sudo, so you will need to edit /etc/sudoers (like on Linux) to make it non-interactive for script usage; for that see https://jefftriplett.com/2022/enable-sudo-without-a-password-on-macos/
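One way to implement the PostUp/PostDown idea from the answer above, as an added example that is not part of the original thread and not code from the WireGuard project. It assumes wg-quick (from wireguard-tools, which already runs as root, so no sudoers change is needed inside the hook), that the tunnel interface name arrives as wg-quick's %i, and that the colliding office subnet is 192.168.1.0/24; the script path and interface name utun3 are placeholders. Rather than re-adding the whole /24, which already exists as the connected LAN route and so makes route(1) fail, it adds the two /25 halves: longest-prefix match then sends the whole /24 into the tunnel while it is up, the LAN route is never touched, and deleting the halves on PostDown restores normal LAN access.

```shell
#!/bin/sh
# wg-split-route.sh: PostUp/PostDown hook for wg-quick on macOS.
# Added example for this thread; not code from the answer or from WireGuard.
# Assumptions (constructed): the office subnet colliding with the local LAN is
# 192.168.1.0/24, wg-quick passes the tunnel interface as %i, and wg-quick
# itself runs as root, so the hook needs no sudo.
#
# Referenced from the tunnel config like this (assumed install path):
#   [Interface]
#   PostUp   = /usr/local/bin/wg-split-route.sh up %i
#   PostDown = /usr/local/bin/wg-split-route.sh down %i

CONFLICT_NET="192.168.1.0/24"   # office subnet that collides with the home/hotel LAN

# split_24 A.B.C.0/24 -> prints "A.B.C.0/25 A.B.C.128/25"
# The two /25s are more specific than the connected /24, so they win by
# longest-prefix match without deleting or changing the LAN route.
split_24() {
    net="${1%/*}"              # drop the "/24"
    prefix="${net%.*}"         # keep A.B.C
    printf '%s.0/25 %s.128/25\n' "$prefix" "$prefix"
}

# route_cmds add|delete IFACE -> prints the route(1) commands, one per line
route_cmds() {
    action="$1"
    iface="$2"
    for half in $(split_24 "$CONFLICT_NET"); do
        if [ "$action" = "add" ]; then
            printf 'route -q -n add -inet %s -interface %s\n' "$half" "$iface"
        else
            printf 'route -q -n delete -inet %s\n' "$half"
        fi
    done
}

# run_routes add|delete IFACE -> executes the commands;
# set WG_DRY_RUN=1 to only print what would run.
run_routes() {
    route_cmds "$1" "$2" | while IFS= read -r cmd; do
        if [ -n "${WG_DRY_RUN:-}" ]; then
            echo "$cmd"
        else
            # $cmd is intentionally unquoted: word-split into route and its args
            $cmd || echo "warning: '$cmd' failed" >&2
        fi
    done
}

# Only act when wg-quick invokes us with up|down and an interface name;
# running the file without arguments just defines the functions.
case "${1:-}" in
    up)   run_routes add "$2" ;;
    down) run_routes delete "$2" ;;
esac
```

Two caveats worth knowing: while the tunnel is up, every 192.168.1.x device on the local LAN becomes unreachable, because the tunnel now owns that whole range (the host-route variant from the answer limits that to just the server addresses, which is also the least-privilege choice); and the App Store WireGuard app does not run PostUp/PostDown hooks, so this only applies to wg-quick. Since wg-quick derives its routes from AllowedIPs, listing the two /25s directly in AllowedIPs should give the same result without any script, though that is not verified here.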