Wireguard and Outbound Internet Access

[spetrillo]

Hello all,

I use Wireguard for client VPN access to my internal servers. I would like to allow the VPN client to be able to access the Internet, while connected to the VPN. I thought having the Allowed IPs of 0.0.0.0/1 and 128.0.0.0/1 would do that but it does not seem to be working. Am I missing something?

Thanks,
Steve

[Bob.Dig]

Why not 0.0.0.0/0?

[spetrillo]

That does not seem to work.

[Bob.Dig]

I would like to allow the VPN client to be able to access the Internet, while connected to the VPN.

What do you mean exactly?

Also, what Client is used.

[spetrillo]

So I would like to do this one of two ways:

1) Connect to VPN for protected resources while allowing access to local Internet resources and apps, sort of like split tunneling.
2) Connect to VPN for protected resources and then allow access to Internet resources through the Internet connection the protected resources use, sort of like routing out the Internet connection.

I am using both Windows and Android devices for VPN access. I hope that clarifies what I am trying to do. My OPNsense firewall is the Wireguard VPN server. I have setup an interface for WG and a firewall rule to allow WG access to my internal networks.

[Bob.Dig]

If I understand correctly, then 2. is using 0.0.0.0/0 and 1. would be the IP-addresses/networks of your "protected resources" as the allowed IPs.
2. is the easiest to configure.

[spetrillo]

So the Allowed IPs should be 0.0.0.0/0 and 0.0.0.0/1?