Allowed IPs? Clarification and support

Home Forums Discussions Support Allowed IPs? Clarification and support

Tagged: 

Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • August 8, 2023 at 6:34 am #13228
    thrik
    Participant

      Hi there,

      I’m wondering about the behavior of AllowedIPs. Is there a potential conflict with AllowedApps taking place for me?

      This is what I have right now:

      AllowedApps = firefox, qbittorrent
      AllowedIPs = 0.0.0.0/0, ::/0

      My default browser Brave is working as intended, by it going outside of the tunnel.

      However, I tried to add some site IPs to go thru the tunnel, but it doesn’t seem to work. I added them so that they were as the following:

      AllowedIPs = 0.0.0.0/0, ::/0, X.X.X.X/32, X.X.X.X/32

      The X’s being the actual IP address, of course 🙂

      All I want is for almost all IPs to go outside of my tunnel, with some being inside.

      I also tried the following:

      AllowedIPs = X.X.X.X/32, X.X.X.X/32

      This also did not work, sadly. So, I’m wondering if you have any suggestions. Thank you again!

      August 8, 2023 at 11:07 am #13229
      Vadim Smirnov
      Keymaster

        Hello thrik,

        It’s important to note that using AllowedIPs = 0.0.0.0/0, ::/0 already covers the entire address space. Therefore, adding specific IPs like X.X.X.X/32 after this range is redundant. If your configuration file contains:

        AllowedApps = firefox, qbittorrent
AllowedIPs = X.X.X.X/32, X.X.X.X/32

        This configuration means that only the two listed applications (firefox and qbittorrent) will send data to the two specified IPs over the tunnel.

        To achieve your goal of allowing almost all IPs to go outside your tunnel with some being inside, you might need to reconsider your configuration and ensure that there are no conflicts between AllowedApps and AllowedIPs.

        Hope this helps!

        August 8, 2023 at 11:22 pm #13233
        thrik
        Participant

          Hi Vadim,

          Thank you for the response. I do not understand how to allow certain IPs to go through the tunnel in my scenario. Are you able to offer any ideas?

          I want to have only these IPs go thru the tunnel with my default browser Brave. However, if this is not possible, it’s okay, since I can just launch Firefox, which you can see goes thru the tunnel.

          Thank you 🙂

          August 9, 2023 at 8:39 am #13235
          Vadim Smirnov
          Keymaster

            If the Brave browser can be identified by the name ‘brave’ then the following configuration may suit your requirements:

            AllowedIPs = X.X.X.X/32, X.X.X.X/32
            AllowedApps = brave

            August 9, 2023 at 10:58 am #13236
            thrik
            Participant

              Hmm I see, but I fear that may conflict with my existing allowed apps, which are firefox and qbittorrent. I think that only the IPs I add would go thru the tunnel for those apps.

              But, it’s okay 🙂 I can just use Firefox for now.

              August 9, 2023 at 12:58 pm #13237
              Vadim Smirnov
              Keymaster

                While it’s possible to implement more advanced traffic rules, these limitations arise from ensuring backward compatibility with Wireguard configuration files.

              • Author
                Posts
              Viewing 6 posts - 1 through 6 (of 6 total)
              • You must be logged in to reply to this topic.