Last active
April 30, 2022 15:07
-
-
Save adrianmihalko/aa3e09bad4025f0f35b39f07a45d9250 to your computer and use it in GitHub Desktop.
wireguard edgerouter mullvad config
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
!!!NOT WORKING!!! | |
configure | |
set interfaces wireguard wg0 address 10.xx.xxx.253/32 | |
set interfaces wireguard wg0 listen-port 51820 | |
set interfaces wireguard wg0 route-allowed-ips false | |
set interfaces wireguard wg0 peer JuE+ endpoint mullvadserverip:51820 | |
set interfaces wireguard wg0 peer JuE+ allowed-ips 0.0.0.0/0 | |
set interfaces wireguard wg0 private-key /config/auth/wg.key | |
set firewall name WAN_LOCAL rule 20 action accept | |
set firewall name WAN_LOCAL rule 20 protocol udp | |
set firewall name WAN_LOCAL rule 20 description 'WireGuard' | |
set firewall name WAN_LOCAL rule 20 destination port 51820 | |
commit | |
save | |
exit | |
configure | |
set service nat rule 5010 outbound-interface wg0 | |
set service nat rule 5010 outside-address address 10.xx.xxx.253 | |
set service nat rule 5010 type source | |
commit | |
save | |
exit | |
configure | |
set protocols static table 1 description 'table to force wg0:mullvad' | |
set protocols static table 1 interface-route 0.0.0.0/0 next-hop-interface wg0 | |
set protocols static table 1 route 0.0.0.0/0 blackhole distance 255 | |
commit | |
save | |
exit | |
configure | |
set firewall group address-group HOME_MULLVAD description 'hosts in HOME that route out via Mullvad' | |
set firewall group address-group HOME_MULLVAD address 192.168.1.188 | |
commit | |
save | |
exit | |
configure | |
set firewall modify PBR_MODIFY description 'set routing tables selectively based on source address' | |
set firewall modify PBR_MODIFY rule 10 action accept | |
set firewall modify PBR_MODIFY rule 10 description 'exclude LAN to LAN traffic from PBR' | |
set firewall modify PBR_MODIFY rule 10 destination address 192.168.1.0/24 | |
set firewall modify PBR_MODIFY rule 200 action modify | |
set firewall modify PBR_MODIFY rule 200 description 'modify selective hosts within haven' | |
set firewall modify PBR_MODIFY rule 200 modify table 1 | |
set firewall modify PBR_MODIFY rule 200 source group address-group HOME_MULLVAD | |
set interfaces ethernet eth4 firewall in modify PBR_MODIFY | |
commit | |
save | |
exit |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment