Wireguard Split tunneling

1st Official Post

    Hello everybody,

    I am trying to set up wireguard on my libreelec@rpi4 but I am having troubles doing it as a "split tunnel". I only want the rpi to connect to my wireguard server so I can then access the rpi+library from the outside. Therefore, on the rpi config, I would like to set

    Code
    WireGuard.AllowedIPs = 10.100.100.0/24

    Which is the subnet of the VPN. But when I do that, if I check the routing table of the rpi, it is:

    Code
    default dev wg0 scope link 
10.100.100.0/24 dev wg0 scope link  src 10.100.100.5

    Therefore, the wireguard interface is set as the default one, by connman I guess, and I cannot change it (I tried `ip route add default via 192.168.1.254 dev eth0` manually without success).

    Does anybody have any pointers? Thanks!

    • Official Post

    The current ConnMan implementation was made for the simple use-case of connecting a tunnel and routing everything down the tunnel to the remote location; partly because that's my personal use-case and I did the work with ConnMan devs to get WireGuard support added into ConnMan. Any other use-case probably needs work and validation with them.