OPNsense Forum
English Forums => Virtual private networks => Topic started by: freegate on February 24, 2023, 12:30:24 pm
-
Hello everyone,
I configured two opnsense sites with Wireguard with separate LAN addresses 192.168.0.0/24 (site A) and 192.168.10.0/24 (site B). Peers are done correctly on both sides. The "handshake" is done on both sides.
However, the workstations on site B manage to see the workstations on site A, but the workstations on site A cannot ping those on site B. However, I have set the same firewall rules on both sides.
A client-server configuration on site B works, however. Surely there is something wrong. But I can't see what? An idea ?
Cordially. :P
-
Did you add the correct allowed IP's on both ends?
Each end should have the opposite ends IP's.
-
Of course,
On the wireguard of site A, in allowed IP's, I set 192.168.10.0/24, and the IP of Wireguard B (10.8.0.2/32) and on the Wireguard of site B, I set 192.168.0.0 /24 as well as the IP on Wireguard A (10.8.0.1/32).
-
Check the routes on site A.
-
Check the routes on site A.
Wireguard site A : 192.168.0.1
Wireguard site B : 192.168.10.254
A tracert 192.168.0.1 from site B to site A returns:
1 <1ms <1ms <1ms 192.168.10.254
2 2ms 2ms 2ms 192.168.0.1
A tracert 192.168.10.254 from site A to site B returns
1 <1ms <1ms <1ms 192.168.0.1
2 <1ms <1ms <1ms LIVEBOX [192.168.3.1]
3 * * * Request timed out.
192.168.3.1 is the local IP of internet provider's box on site A
-
No, I meant check the routing table,
-
No, I meant check the routing table,
Ok but I'm sorry, I don't know how to do that.
-
System/Routes/Status
-
Status returns :
192.168.10.0/24 link#10 US NaN 1360 wg0 WG
Routing Table seems right, however ...
-
I found the solution.
The problem came from the LAN gateway which was not configured by default.
Demusman tipped me off
Thanks