Created November 25, 2021 19:40
Destination based routing on Unifi USG and Edgerouter
@UniFiSecurityGateway3P:/config$ configure
@UniFiSecurityGateway3P# set protocols static table 5 interface-route 0.0.0.0/0 next-hop-interface wg0
@UniFiSecurityGateway3P# set firewall modify VPN_Gateway rule 2502 action modify
@UniFiSecurityGateway3P# set firewall modify VPN_Gateway rule 2502 modify table 5
@UniFiSecurityGateway3P# set firewall modify VPN_Gateway rule 2502 destination group address-group 6029c3e9e4f9411eca96870f
@UniFiSecurityGateway3P# set firewall modify VPN_Gateway rule 2502 protocol all
@UniFiSecurityGateway3P# set interfaces ethernet eth1 firewall in modify VPN_Gateway
@UniFiSecurityGateway3P# commit
@UniFiSecurityGateway3P# set service nat rule 5004 description "masq to vpn wg0"
@UniFiSecurityGateway3P# set service nat rule 5004 outbound-interface wg0
@UniFiSecurityGateway3P# set service nat rule 5004 type masquerade
@UniFiSecurityGateway3P:/config$ configure
@UniFiSecurityGateway3P# set protocols static table 5 interface-route 0.0.0.0/0 next-hop-interface wg0
@UniFiSecurityGateway3P# set protocols static table 5 route 0.0.0.0/0 blackhole distance 255
@UniFiSecurityGateway3P# set firewall modify VPN_Gateway rule 2502 action modify
@UniFiSecurityGateway3P# set firewall modify VPN_Gateway rule 2502 modify table 5
@UniFiSecurityGateway3P# set firewall modify VPN_Gateway rule 2502 destination group address-group 6029c3e9e4f9411eca96870f
@UniFiSecurityGateway3P# set firewall modify VPN_Gateway rule 2502 protocol all
@UniFiSecurityGateway3P# set interfaces ethernet eth1 firewall in modify VPN_Gateway
@UniFiSecurityGateway3P# commit
@UniFiSecurityGateway3P# set service nat rule 5004 description "masq to vpn wg0"
@UniFiSecurityGateway3P# set service nat rule 5004 outbound-interface wg0
@UniFiSecurityGateway3P# set service nat rule 5004 type masquerade
@UniFiSecurityGateway3P# set service dns forwarding options ipset=/ifconfig.me/6029c3e9e4f9411eca96870f