OPNsense Forum
English Forums => Virtual private networks => Topic started by: phqzgunsfjror on March 28, 2024, 01:05:36 pm
-
Is there any tutorial to set up OPNsense acting as a Wireguard client in order to access remote network? Something like:
MyNotebook -> OPNsense A (Wireguard client) -> Remote Wireguard Server B -> Remote server/apps B
Unfortunately I see only a doc for:
- WireGuard Site-to-Site Setup: https://docs.opnsense.org/manual/how-tos/wireguard-s2s.html
OPNsense A (Wireguard server) <-> OPNsense B (Wireguard server)
- WireGuard Road Warrior Setup: https://docs.opnsense.org/manual/how-tos/wireguard-client.html
MyNotebook -> OPNsense A (Wireguard server) -> Remote server/apps A
I can't imagine
-
There is no strict client/server distinction in WireGuard, only peers. What exactly is the problem you are facing?
-
The Wireguard handshake is successful, but I can't access access remote network B.
I guess something is missing on firewall side or NATing or something. That is why a guide / howto for this scenario would be great!
-
more likely than not it's just a question of the allowed ips on either side of the tunnel. and/or FW rules.
-
I think this part is not needed:
Step 4a - Setup Firewall Site A
Go to Firewall ‣ Settings ‣ Normalization and add a new rule to prevent fragmentation of traffic going through the wireguard tunnel.
https://docs.opnsense.org/manual/how-tos/wireguard-s2s.html
At least disabling it solved my problem
https://forum.opnsense.org/index.php?topic=39717.0
-
I want to know what changed, does wireguard do this automatically now?