Regression: Cannot select Predefined Traffic anymore in Defguard Desktop (Windows) since v1.6.0+ – stuck on All traffic

[Blamo27]

We are experiencing a regression in Defguard Desktop on Windows related to traffic selection.

In Defguard Desktop v1.5.2, users could correctly choose between:

• All traffic
• Predefined traffic

This worked as expected and matched the WireGuard AllowedIPs behavior.

Since upgrading to newer versions (current version), clients are now forced into “All traffic” mode and the “Predefined traffic” option is no longer selectable, even though:

• The backend WireGuard configuration is unchanged
• Other clients previously using predefined/split traffic worked correctly on v1.5.2
• No 0.0.0.0/0 route is actually installed on the affected client in some cases

This creates a confusing and inconsistent state where:

• The UI shows All traffic and cannot be changed
• The client may not actually have a default route via WireGuard
• Split tunneling is no longer possible from the client side

[kchudy]

@Blamo27 Just to confirm - you’re using a plain WireGuard setup on the backend, you haven’t deployed Defguard server-side, and you’re only using the Defguard Desktop client application, correct?

We were able to reproduce the bug in this scenario. We'll prepare a fix for that soon. Please follow the issue for progress.

[Blamo27]

@kchudy Correct, I am using WireGuard backend and Defguard as client.

Thank you for the follow-up.