Isolate VPN on Guest WiFI Network

Hi Everyone!

I have a Turris Omnia with Firmware version OpenWrt omnia 15.05. I am running Wireguard VPN on the router through Mullvad.

I have a normal network and a Guest network configured. Everything works fine, except the fact that the guest network too runs on the VPN. I would like to isolate the guest network from the VPN and only have VPN run on the regular network.

I have tried searching the forum for similar issue, but did not find any luck. Any kind of help would be appreciated.


See this thread: VPN policy based routing possible?

I didn‘t try it but some people had success with it

Thanks for replying protree. I am little noobie regarding this tutorial and looks too complex for me. I wanted to know that do the Lan ports too also work on VPN ? Was thinking I can connect another router to the LAN port and setup WiFI on that without VPN.


There is a similar thread on the subject VPN on guest network interferes with regular network - #8 by anon50890781 - SW help - Turris forum

If you want something bit more complex of networking (split routing), which is want you want, then you may have to educate yourself a bit about the basics of routing since neither the TO frontend Foris nor LuCI from OpenWRT provides a carefree setup for split routing out of the box.

You basically have multiple wan ifaces (one physical with the ISP and one virtual with the VPN endpoint) and the egress traffic is either globally routed through one of them (in your case it sounds now the egress traffic is globally routed via Wireguard) or you have to establish a policy for routing clients (subnets) through one of the wan.

Alternatively there also the mwan package or you establish your own script with routing rules.

But either way it would require you to understand basic routing.