Confused about AllowedIPs meaning?

Gunnar Niels gunnar.s.niels at
Wed Jul 29 18:27:57 CEST 2020

On 7/29/20 12:11 PM, M Rubon wrote:
> AllowedIPs  — a comma-separated list of IP (v4 or v6) addresses
> with CIDR masks which are allowed as
>         destination addresses when sending via this peer and are
> allowed as source addresses when receiving via this peer.

+1, the man page definition you cited is somewhat ambiguous; this is a more
explicit definition that clears up the ambiguity.

I really appreciate all the responses, it's been very helpful. I've waiting on
the hardware I've selected to ship before deploying the suggestions. I'm planning
on using a pfsense default gateway for both networks and running RPi 4s
with static addresses on both subnets as wireguard gateways between the two nets
(they have gigabit NICs which is a nice upgrade over my older 3s, especially
for this use-case). From some of the PFSense community discussions, it doesn't
look like they're ready to accept an official wireguard plugin, although there
are some community contributions.

I will report back after I've my hardware has arrived and I've had some time to


More information about the WireGuard mailing list