My VPN provider has a limit to how many concurrent connections I can have, and a workaround I’ve been using is to run the Wireguard client as a daemon (wg-quick@my-wg-config) and a Squid proxy on my home server, and point my local devices to the HTTP proxy port, which will route the traffic through the Wireguard connection. However, this has broken randomly multiple times in the past few months, where it will randomly decide to just not allow the server to connect to ANY internet address while the Wireguard connection is active, and no amount of network or routing table configuration changes fixes it. The Squid proxy works fine as far as I can tell, it’s just the Wireguard connection that’s failing, which doesn’t even allow a ping to an internet address from the server’s terminal (which doesn’t go through the proxy). The only way I’ve been able to fix it is to completely reinstall the OS on the server and reconfigure everything from scratch, which is annoying and also only works until it randomly decides to break again. This makes me think I’m doing something wrong.

Is there a more “proper” or widely supported way of routing internet traffic on local devices through a single Wireguard connection? Everything I could read online says running Wireguard with an HTTP proxy server is the way to do it, but it clearly isn’t very reliable or my computer is just defective in some weird intermittent way? The server is running Fedora Server 43. I’ve also checked for SELinux denials but there are none.

I’m aware of wireproxy but it uses a SOCKS5 proxy which is not as widely supported as an HTTP proxy and a lot of my devices (mainly phones) won’t be able to access it. Also I’d like the server itself to also use the VPN, not just the devices on the proxy.

Does anyone have more experience with this and can give some advice?