I’m trying to set up my VPN and I’m a bit confused here.

I have a commercial VPN subscription that I’m using on my phone and laptop. Now I’ve set up WireGuard on my OpenWRT router to access my home network remotely. I can connect to it from my phone but from what I see there’s no way to have both the commercial VPN and my local network WG active at the same time (both are using WG so I’m trying to create a WG config with two peers but I don’t think it’s possible).

So what do people actually do? From what I see I have 3 options:

  1. Don’t use the commercial VPN on my phone, only use WG to access my network
  2. Switch between VPNs manually whenever I want to access my network
  3. Set up the commercial VPN on my router, move all my network’s traffic through this VPN and move all traffic from my phone through my home network.

Am I missing something? What’s the typical approach here? I thought that what I’m trying to do is a basic scenario but it looks like it’s not that simple, if at all possible.

  • tal@lemmy.today
    4 hours ago

    I have not used such a configuration, but I believe that it’s fine to have multiple WireGuard VPNs concurrently up, at least from a Linux client standpoint. I have no idea whether your phone’s client permits that — it could well be that it can’t do it.

    Your routing table would have the default route go to a host on one of them (and your Internet-bound traffic would go there), but you should be able to have it be either. Or neither — I’ve set up a WireGuard configuration with a Linux client where the default route wasn’t over the WireGuard VPN, and only traffic destined for the LAN at the other end of the WireGuard VPN traversed the WireGuard VPN.

    From Linux’s standpoint, a WireGuard VPN is just like another NIC on the host. You say “all traffic destined for this address range heads out this NIC”. Just that the NIC happens to be virtual and to be software that tunnels the traffic.

    EDIT:

    It sounds like this is an Android OS-level limitation:

    https://android.stackexchange.com/questions/261526/are-there-technical-limitation-to-multiple-vpns

    In the Android VPN development documentation you can find a clear statement regarding the possibility to have multiple VPNs active at the same time:

    There can be only one VPN connection running at the same time. The existing interface is deactivated when a new one is created.

    That same page does mention that you can have apps running in different profiles using different VPNs at the same time. That might be an acceptable workaround for you.

    • ExLisper@lemmy.curiana.netOP
      3 hours ago

      The Android limitation is exactly what I found - only one VPN at a time. I checked the work profile trick and it does work, I can have two VPNs running. This is not ideal as apps from one profile still won’t use the commercial VPN but maybe I can live with that. I will do some more testing. Thanks for the tip.
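
The Linux split-tunnel arrangement described in tal's comment, as an added example that is not part of the thread: two constructed wg-quick style configs (interface names, subnets, endpoints and keys are placeholder assumptions) and a longest-prefix lookup showing which tunnel a given destination would use. It models route selection only, which is a simplification of what wg-quick and the kernel do.

```python
import configparser
import ipaddress

# Constructed sample configs; keys, endpoints and subnets are placeholders.
CONFIGS = {
    "wg-commercial": """
[Interface]
PrivateKey = <commercial-private-key>
Address = 10.64.0.2/32

[Peer]
PublicKey = <commercial-server-public-key>
Endpoint = vpn.example.net:51820
AllowedIPs = 0.0.0.0/0
""",
    "wg-home": """
[Interface]
PrivateKey = <home-private-key>
Address = 10.8.0.2/32

[Peer]
PublicKey = <openwrt-router-public-key>
Endpoint = home.example.org:51820
AllowedIPs = 192.168.1.0/24, 10.8.0.0/24
""",
}


def allowed_networks(text):
    """Return the AllowedIPs of the single [Peer] in a config as networks."""
    parser = configparser.ConfigParser()
    parser.read_string(text)
    raw = parser["Peer"]["AllowedIPs"]
    return [ipaddress.ip_network(item.strip()) for item in raw.split(",")]


def route_for(destination, configs=CONFIGS):
    """Pick the tunnel whose AllowedIPs entry is the longest prefix covering
    destination; None means no tunnel claims it (traffic leaves untunnelled)."""
    addr = ipaddress.ip_address(destination)
    matches = [(net.prefixlen, name)
               for name, text in configs.items()
               for net in allowed_networks(text) if addr in net]
    return max(matches)[1] if matches else None


if __name__ == "__main__":
    for dest in ("192.168.1.10", "1.1.1.1", "2001:db8::1"):
        print(dest, "->", route_for(dest))
```

The IPv6 destination resolves to no tunnel because neither sample config lists an IPv6 range in AllowedIPs.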