From 7b8236f9c0965d5aaa77845bc410ab0d0445298d Mon Sep 17 00:00:00 2001
From: Christian Poessinger <christian@poessinger.com>
Date: Sun, 26 Jul 2020 21:57:53 +0200
Subject: vpn: wireguard: all note about redefining allowed-ips

---
 docs/vpn/wireguard.rst | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'docs')

diff --git a/docs/vpn/wireguard.rst b/docs/vpn/wireguard.rst
index afd9abfd..0bf53159 100644
--- a/docs/vpn/wireguard.rst
+++ b/docs/vpn/wireguard.rst
@@ -85,6 +85,10 @@ through the WireGuard interface `wg01`. Multiple IPs or networks can be
 defined and routed, the last check is allowed-ips which either prevents
 or allows the traffic.
 
+.. note:: You can not assign the same allowed-ips statement to multiple
+   WireGuard peers. This a a design decission. For more information please
+   check the `WireGuard mailing list`_.
+
 
 To use a named key on an interface, the option private-key needs to be
 set.
@@ -257,3 +261,5 @@ Operational commands
 
   vyos@wg01# wireguard keypair default
 
+
+.. _`WireGuard mailing list`: https://lists.zx2c4.com/pipermail/wireguard/2018-December/003704.html
-- 
cgit v1.2.3