Hey Guys, so I have a simple issue which has stumped me.
I have WireGuard set up and want to forward all traffic over the WireGuard interface. This works, but I lose access to the router itself (192.168.80.1/24) from the LAN (192.168.80.0/24).
I tried a rule where traffic to the router itself (192.168.80.1) should go through the main table, but this doesn't work.
I also played with the rule order, but this made no difference, and of course, if the rule is disabled, I’m able to access the router again.
The policy routing rule between subnets is redundant. The router already knows both local subnets from their existing addresses and already creates connected routes for them.
The routing rule overrides this and sends the traffic out of the tunnel.
Instead, try this.
As the FIRST routing rule in the order, add:
/routing rule add min-prefix=0 action=lookup-only-in-table table=main
Then add:
/routing rule add src-address=192.168.80.0/24 action=lookup table=WG
Note: for WG, use action=lookup-only-in-table if you want users NOT to ever access the main WAN, even if WG is not available.
Note: I removed the dst-address from your routing rule. It is not required and will interfere with other traffic.
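For readers who want to see the whole picture, here is the complete RouterOS v7 configuration the reply above implies, as an added example that is not part of either post. It assumes the WireGuard interface is named wireguard1, the routing table is named WG, and the LAN is 192.168.80.0/24; the table and the default route inside it are the pieces the reply takes for granted.

```routeros
# Added example (not from the original posts). Assumes RouterOS v7,
# a WireGuard interface named wireguard1 and a LAN of 192.168.80.0/24.

# 1. A separate routing table for tunnelled traffic. The "fib" flag is
#    required, otherwise the table is never consulted for forwarding.
/routing table add name=WG fib

# 2. Default route inside the WG table only. The main table keeps its own
#    default route via the WAN, untouched.
/ip route add dst-address=0.0.0.0/0 gateway=wireguard1 routing-table=WG

# 3. Rule order matters: rules are evaluated top to bottom.
#    First rule: consult main, but only accept a match whose prefix is
#    longer than /0 (min-prefix=0 suppresses the default route). Connected
#    routes such as 192.168.80.0/24 match here, so traffic to the router
#    (192.168.80.1) and between local subnets never reaches the tunnel rule.
/routing rule add min-prefix=0 action=lookup-only-in-table table=main

#    Second rule: everything else from the LAN is looked up in WG.
#    action=lookup falls back to main if WG has no usable route (tunnel down);
#    use action=lookup-only-in-table instead to forbid that fallback.
/routing rule add src-address=192.168.80.0/24 action=lookup table=WG

# Verification
/routing rule print
/ip route print where routing-table=WG
```

With action=lookup on the second rule, a down WireGuard interface makes the WG default route inactive and LAN traffic silently falls through to the WAN in the main table; that is convenient for availability but is a leak if the tunnel is there for privacy, which is why the reply offers lookup-only-in-table as the strict alternative. Check with /routing rule print that the min-prefix rule really sits first; placing it after the src-address rule reproduces the original problem.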