Wireguard working but IP not changing

Hi there!

So I am trying to set up Wireguard on my Turris. I’m using Proton VPN as a provider.

I successfully configured the config provided by Proton. And it seems to work so far (packets are being transmitted)

Screenshot 2024-04-16 at 21.53.151918×848 52.5 KB

Screenshot 2024-04-16 at 21.54.201918×1544 321 KB

This is the config provided by my VPN provider:

[Interface]
# Key for Turris
# Bouncing = 1
# NetShield = 1
# Moderates NAT = off
# NAT-PMP (Port-Weiterleitung) = off
# VPN Accelerator = on
PrivateKey = XXXX
Address = 00.0.0.0/32
DNS = 10.2.0.1

[Peer]
# CH#28
PublicKey = XXXX
AllowedIPs = 0.0.0.0/0
Endpoint = 000.000.00.000:51820

I’ve also set both my WAN and VLAN interfaces to use the same DNS server as the WG0 interface:

Screenshot 2024-04-16 at 21.55.391038×1094 71.3 KB

This is the firewall config:

Screenshot 2024-04-16 at 21.56.081890×556 63 KB

As mentioned and showed in the screenshots above, Wireguard seems to work. The problem I am having is that my IP address is still from my ISP and not the VPN.

My guess is that the issue might be due to my VLAN? I don’t have much experience with it and maybe this could be the problem here.

Thank you for any advice!

Show the output of ip route when WG is connected. I guess its a problem with metric and your WAN connection has lower metric and thus used

Also why you have duplicated interfaces? VLAN and WAN seem the same
Also you dont need to set DNS in WAN/VLAN interface leave it as default

Ok, so it works now. I created a new Peer from my VPN Provider and also adapted the firewall, so that only traffic through the VPN and not directly WAN interface is permitted. And I’ve set the gateway metric on the WAN interface to 20. Thank you @AreYouLoco

I’ve configured the DNS in those interfaces in order to prevent DNS leaking.
And yes, you’re right, the VLAN interface isn’t necessary.

@claudio Mark topic as solved😆

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.