#"Subnet Routing" with Wireguard and CasaOS

Hi everyone 👋. I've almost setup my wireguard perfectly but am missing 1 feature. I want to know how to access other devices kn my network.

Can anyone help me with my Wireguard problem. I've got it setup and it is working so I can access everything on my CasaOS (Jellyfin, Immich and Files) But I am wondering if it is possible while using WG-Easy if I can setup a "Subnet Route" so that I can turn on my Gaming PC with WOL and access it with Moonlight/Sunshine. And maybe even my orinter but OC is definatley the priority. Is this possible and if so what is it called / is there a guide?

Any help will be greatly appreciated.

With wireguard you tell in the configuration file which subnets you should be able to access via the tunnel.
This is called split-tunnel

its usually listed like: AllowedIPs = 0.0.0.0/0 <- means no split-tunnel and route all traffic through.
AllowedIPs = 192.168.0.0/24 <- means that only traffic destined for 192.168.0.XXX/24 is routed via the wireguard tunnel

Would I change my allowed ips in Wg0.conf?

GG @azure patrol, you just advanced to level 1!

on the client side, it would potentially be wg0.conf

Okay so I should use a split tunnel to access my casa server and devices on my network???

this config allows this particular client access to 192.168.122.0/24

Yes, you should only route the traffic you want routed via the tunnel

What file was this in for you?

this would be the client side, Linux it would be /etc/wireguard/wg0.conf

Okay thank you... I have one more question. CasaOS overwrites any changes I make in that file. Should I change it on the Linux side? And not via the CasaOS webui

Are your goal here to have the CasaOS server to be the VPN endpoint (server) or as a Client?

Endpoint so I have WG setup on CasaOS, and have connected my device through the QR codes

Using the WG-Easy Application?

Yeah the one that is on the CasaOS appstore

Grand, so your device will then when you go via the QR Code, you will have to amend the client config for the allowedips

This ^

Like this?

you need to remove 0.0.0.0/0

and ::0/0

I did that and it still isn't working do I need to add something in the server side?

GG @azure patrol, you just advanced to level 2!

Are you doing these things while you are on mobile network and outside of the WiFi?

Yes... I changed it then resterted wireguard and disconnected and reconnected

What is the IP for the server/machine you want to connect to via VPN?

192.168.68.131 - CasaOS
192.168.68.112 - Gaming PC
192.168.68.111 - Phone

So, if you disconnect the phone from the wifi, and then attempt to do http://192.168.68.131 with the Wireguard tunnel active

Yes I'm able to access my CasaOS server via that IP when on data

Then your wireguard VPN connection is working 🙂

Omg it is cause I can also access my moonlight

Sorry I feel like I've waster your time

Thank you so so much for your help

You have not, sometimes it just takes some brain churning to get to the final destination