Andreas,

Check the Table option here: 
https://git.zx2c4.com/WireGuard/about/src/tools/man/wg-quick.8.

wg-quick adds some routes and rules, you can see them with: ip rule show 
(check the line containing fwmark, it ends with the routing table 
number) and then check the routes in the corresponding table with: ip 
route show table xxx. Basically, if you omit the Table option, wg-quick 
will add the necessary routes to send all traffic via the tunnel when 
you specify AllowedIPs = 0.0.0.0/0. You can add routes to your local 
networks/devices for connections to them to go outside the tunnel in the 
PostUp option in the wg-quick config.

Regards,
Anatoli

*From:* Andreas Hatzl <andreas@hatzl.org>
*Sent:* Thursday, February 21, 2019 12:08
*To:* Wireguard Mailing List <wireguard@lists.zx2c4.com>
*Subject:* VPN - excluding local IPs

Hi,

I have successfully set up a wireguard VPN between my notebook (Manjaro behind
NAT) and my virtual server (ubuntu 18.04). The only "issue" left is that I
can't connect to local devices on the client while using wireguard. Is there a
way to exclude an IP range from using wireguard?

my client config:
[Interface]
Address = 10.x.y.z/32
PrivateKey = xyz

[Peer]
PublicKey =xyz
Endpoint = xyz:51820
AllowedIPs = 0.0.0.0/0
PersistentKeepalive = 21

I am aware that the solution for this has most likely been posted a lot of
times but I can't find anything on the Wireguard page or Google.

It would be great if somebody could help me with this.

Thanks

Andreas


_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard