Wireguard taking over Internet

After the latest update (as far as I can tell), my Wireguard interface seems to take over the internet whenever I start it. It might have started after I enabled the Dynamic Firewall, but I’m not really sure why it started behaving this way. If I stop the wireguard interface, I have to restart the WAN interface to get routing back (or maybe that was just a stale routing table on my workstation, IDK).

In LuCI it’s in the LAN firewall group, so I’m not sure why the router thinks it should be the WAN interface.

I can post config files if necessary. I may just trash the config and start over anyway but I wanted to understand what I might have done wrong. I don’t entirely understand the best wireguard set up.


I had a
option route_allowed_ips '1'
in one of the connections. When I removed it, the problem went away. But I’d like to have that one connection route through my router from remote. Do I need to have that option enabled on the remote router?

Check the Allowed IPs which you configured for each of your Wireguard peers. If these contain either or ::/0 then this is where your unwanted default route is coming from. Remove these entries and restart the Wireguard interface.
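
The check described in the reply above, as an added example that is not part of the original thread: it lists WireGuard peers that both set route_allowed_ips '1' and carry a default route (0.0.0.0/0 for IPv4, ::/0 for IPv6) in allowed_ips. It assumes OpenWrt's usual UCI layout, where peers are `config wireguard_<ifname>` sections in /etc/config/network; the function names and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Usage on the router: find_default_route_peers /etc/config/network
# With no argument the config is read from stdin.
find_default_route_peers() {
    awk -v q="'" '
    function report() {
        # Only a peer with route_allowed_ips enabled installs routes.
        if (peer != "" && routed && hits != "")
            print peer ": " substr(hits, 2)
    }
    { gsub("[\"" q "]", "") }            # strip UCI quoting
    $1 == "config" {
        report()
        peer = ""; routed = 0; hits = ""
        # Name peers the way UCI addresses anonymous sections.
        if ($2 ~ /^wireguard_/) peer = "@" $2 "[" (n[$2]++) "]"
        next
    }
    peer == "" { next }
    $2 == "route_allowed_ips" && $3 == "1" { routed = 1 }
    $2 == "allowed_ips" {
        for (i = 3; i <= NF; i++)
            if ($i == "0.0.0.0/0" || $i == "::/0") hits = hits "," $i
    }
    END { report() }
    ' "$@"
}

# Constructed sample config (not taken from the thread).
sample_config() {
    cat <<'EOF'
config interface 'wg0'
    option proto 'wireguard'

config wireguard_wg0
    option description 'phone'
    list allowed_ips '10.0.0.2/32'
    option route_allowed_ips '1'

config wireguard_wg0
    option description 'remote-router'
    list allowed_ips '0.0.0.0/0'
    list allowed_ips '::/0'
    option route_allowed_ips '1'
EOF
}

sample_config | find_default_route_peers
```

Each reported line names the peer section in UCI's `@type[index]` form, followed by the default-route entries found in its allowed_ips.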