This is an automated archive.
The original was posted on /r/wireguard by /u/HeBigBusiness on 2023-12-28 04:21:17+00:00.
Edit: sorry, title is stupid. I am really tired. Should read: “Stop outgoing traffic from the VPN server from going through the tunnel.”
My configuration on the server is this:
Interface name: wg0
[Interface]
PrivateKey=
Address=10.0.0.1/24
ListenPort=51820
[Peer]
PublicKey=
AllowedIPs=10.0.0.2/32
I can ssh from the client to the server via the tunnel, but once I try to use my package manager or other web on the server, I get errors. It seems all outgoing traffic on the server is trying to use wg0, which I don’t really want it to do.
For instance, here’s when I run on the server: ping google.com
PING google.com (142.250.190.78) 56(84) bytes of data.
From 10.0.0.1 (10.0.0.1) icmp_seq=1 Destination Host Unreachable.
ping sendmsg: Required key not available.
Meanwhile, when I do: ping -I eth3 google.com (Ethernet interface), I get successful acknowledgments from ping. So I’m not sure if this is a DNS leakage issue? I’ve also made sure to drop the metric on my ip route for eth3 and raise it for wg0. eth3 is also the default route, so I’m not sure what to do to fix this.
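
An added example, not part of the original post: a small Python model of the two lookups a packet leaving the server goes through, kernel route selection and then WireGuard's AllowedIPs (cryptokey) lookup, showing how `Required key not available` arises when a packet is routed into wg0 for a destination no peer covers. The peer table is taken from the posted config; the routing table, including the two /1 routes, is constructed for illustration and is an assumption about one way this symptom can occur, not the poster's actual table.

```python
import ipaddress

# Peer table from the posted wg0 config (the public key is elided in the post).
WG0_PEERS = {"peer-1": ["10.0.0.2/32"]}

# Constructed routing table (assumption, NOT from the post): (prefix, dev, metric).
# The two /1 routes are a hypothetical way a tunnel can override a default
# route without replacing it.
ROUTES = [
    ("0.0.0.0/0", "eth3", 50),
    ("0.0.0.0/1", "wg0", 1000),
    ("128.0.0.0/1", "wg0", 1000),
    ("10.0.0.0/24", "wg0", 1000),
]

def select_route(dst, routes):
    """Kernel-style selection: longest prefix first, metric only breaks ties."""
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p), dev, metric) for p, dev, metric in routes
               if addr in ipaddress.ip_network(p)]
    if not matches:
        return None
    return min(matches, key=lambda r: (-r[0].prefixlen, r[2]))[1]

def cryptokey_lookup(dst, peers):
    """WireGuard egress: the peer whose AllowedIPs covers dst (longest match)."""
    addr = ipaddress.ip_address(dst)
    best = None
    for name, allowed in peers.items():
        for cidr in allowed:
            net = ipaddress.ip_network(cidr)
            if addr in net and (best is None or net.prefixlen > best[1]):
                best = (name, net.prefixlen)
    return best[0] if best else None

def send(dst, routes=ROUTES, peers=WG0_PEERS):
    """Return (device, outcome) for a packet originated on the server."""
    dev = select_route(dst, routes)
    if dev != "wg0":
        return dev, "sent"
    peer = cryptokey_lookup(dst, peers)
    if peer is None:
        return dev, "ENOKEY"  # surfaces as "Required key not available"
    return dev, "encrypted to " + peer

if __name__ == "__main__":
    for dst in ("142.250.190.78", "10.0.0.2"):
        print(dst, send(dst))
```

In this model, raising the wg0 metric changes nothing for 142.250.190.78, because the more specific prefix is chosen before metrics are compared.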