I run WireGuard on my router to hit my LAN services (SAMBA, home assistant, etc) from afar.
But when I enable the VPN client on my router, I can no longer access LAN services over Wireshark. “Allow LAN access is set to ‘true’” on the UI (Merlin).
Has anyone else run into this? Any ideas?
I must be thinking of the wrong Wireshark because the one I know of is a packet capture program not a VPN client/server.
Maybe Wireguard?
Yep. Edited. Definitely autocorrect’s fault, not my morning brain fog.
No, actually you’re right. I meant wire guard.
All good mate.
You are asking the WG server to listen to incoming requests from outside your lan subnet, so it is ignoring VPN requests from that subnet.
There are two solutions to this:
- Add routing to your wireguard server instance to allow the VPN intermediary subnet to accept connections from your lan subnet or
- Allow your wireguard client to split-tunnel, so it can reach subnets that aren’t reachable outside your WG tunnel.
Thank you, this is really helpful, a good place to start.
Just to verify do you have acces to the router from remote client?
Are you routing all traffic from the remote device through your lan router, or using split tunnel?
Im not a network pro, but I am running a very similar setup to circumvent CG-NAT and access lan servers. Things that I ran into were making aure I had the correct “Allowed IPs” set on all clients, and proper “routes” setup on the router.