vpn: wireguard: all note about redefining allowed-ips

author: Christian Poessinger <christian@poessinger.com> 2020-07-26 21:57:53 +0200
committer: Christian Poessinger <christian@poessinger.com> 2020-07-26 21:57:53 +0200
commit: 7b8236f9c0965d5aaa77845bc410ab0d0445298d (patch)
tree: 453a4d24ba13353342e92a0afdde7fbd9d248d4c /docs/vpn
parent: 2694f6007bdd15b699c8b06994600db48cfd3c4d (diff)
download: vyos-documentation-7b8236f9c0965d5aaa77845bc410ab0d0445298d.tar.gz
vyos-documentation-7b8236f9c0965d5aaa77845bc410ab0d0445298d.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/docs/vpn/wireguard.rst b/docs/vpn/wireguard.rst
index afd9abfd..0bf53159 100644
--- a/docs/vpn/wireguard.rst
+++ b/docs/vpn/wireguard.rst
@@ -85,6 +85,10 @@ through the WireGuard interface `wg01`. Multiple IPs or networks can be
 defined and routed, the last check is allowed-ips which either prevents
 or allows the traffic.
 
+.. note:: You can not assign the same allowed-ips statement to multiple
+   WireGuard peers. This a a design decission. For more information please
+   check the `WireGuard mailing list`_.
+
 
 To use a named key on an interface, the option private-key needs to be
 set.
@@ -257,3 +261,5 @@ Operational commands
 
   vyos@wg01# wireguard keypair default
 
+
+.. _`WireGuard mailing list`: https://lists.zx2c4.com/pipermail/wireguard/2018-December/003704.html
author	Christian Poessinger <christian@poessinger.com>	2020-07-26 21:57:53 +0200
committer	Christian Poessinger <christian@poessinger.com>	2020-07-26 21:57:53 +0200
commit	7b8236f9c0965d5aaa77845bc410ab0d0445298d (patch)
tree	453a4d24ba13353342e92a0afdde7fbd9d248d4c /docs/vpn
parent	2694f6007bdd15b699c8b06994600db48cfd3c4d (diff)
download	vyos-documentation-7b8236f9c0965d5aaa77845bc410ab0d0445298d.tar.gz vyos-documentation-7b8236f9c0965d5aaa77845bc410ab0d0445298d.zip