OPNsense Forum

English Forums => Virtual private networks => Topic started by: mtm on October 27, 2021, 09:43:43 PM

Title: Wireguard site2site routing
Post by: mtm on October 27, 2021, 09:43:43 PM
Hello all,

I am trying to set up a WG S2S configuration. SiteA is my main OPNsense gateway and siteB shall route all its traffic through siteA. SiteB has (currently) only one network attached on its LAN side. That's 172.22.2.0/24.
I've added on siteA that network in the endpoint "Allowed IPs". As well as 10.254.253.2/32 which is the WG address.
(http://wg_setup_sizea.png)

One note to siteA. The WG interface is not the WAN interface but a LAN (actually a VLAN).

The WG tunnel is up and the handshake is successfully done.

But now, if I want to reach (ping) from siteA e.g. 172.22.2.10 (which is "behind" the WG tunnel), the packets are sent out over re1, which is the WAN interface of siteA.
The same happens for the return packets of pings from 172.22.2.10 to e.g. 172.16.5.1 [which is an IP address of siteA on one of its VLANs]: they are also sent out via re1 (confirmed by "tcpdump -vv -n -i re1 icmp").

netstat -rn -4 does NOT contain any reference of 172.22.2.

I guess that is why the packets are sent out via WAN.

Now I am wondering how to get the entry for 172.22.2.0/24 in the "routing table".

Thanks!

#m
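A check for the symptom described in the post, added here as an example and not part of the original thread: it compares the prefixes listed under a peer's AllowedIPs with the destinations in the kernel routing table and prints every prefix that no non-default route covers. The `wg show` and `netstat -rn -4` output below is constructed to mirror the post (the interface name wg0 and the peer key are placeholders); on a real box you would feed it the live output of those two commands.

```sh
#!/bin/sh
# Added example: report WireGuard AllowedIPs prefixes that have no covering
# route in the kernel table, i.e. traffic for them falls through to the
# default route on the WAN interface.

# Constructed sample standing in for `wg show wg0 allowed-ips` (tab separated).
WG_ALLOWED=$(printf 'PEER_PUBKEY_PLACEHOLDER=\t10.254.253.2/32 172.22.2.0/24')

# Constructed sample standing in for `netstat -rn -4` on siteA: the default
# route points at re1 (WAN) and nothing covers 172.22.2.0/24.
ROUTES='Destination        Gateway            Flags     Netif Expire
default            203.0.113.1        UGS         re1
10.254.253.0/24    link#7             U           wg0
172.16.5.0/24      link#5             U           igb0_vlan5
203.0.113.0/24     link#1             U           re1'

# Dotted quad -> 32-bit integer via shell arithmetic.
ip2int() {
    set -- $(printf '%s' "$1" | tr '.' ' ')
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# True when prefix $1 lies entirely inside prefix $2; a bare host (no /len) is /32.
cidr_within() {
    a_ip=${1%/*}; a_len=${1#*/}; [ "$a_len" = "$1" ] && a_len=32
    b_ip=${2%/*}; b_len=${2#*/}; [ "$b_len" = "$2" ] && b_len=32
    [ "$a_len" -ge "$b_len" ] || return 1
    mask=$(( (4294967295 << (32 - b_len)) & 4294967295 ))
    [ $(( $(ip2int "$a_ip") & mask )) -eq $(( $(ip2int "$b_ip") & mask )) ]
}

# Print every AllowedIPs prefix with no covering non-default route.
# $1 = wg allowed-ips output, $2 = netstat -rn -4 output.
missing_routes() {
    dests=$(printf '%s\n' "$2" | awk 'NR > 1 && $1 != "default" { print $1 }')
    printf '%s\n' "$1" | cut -f2- | tr ' ' '\n' | while read -r prefix; do
        [ -n "$prefix" ] || continue
        found=0
        for dest in $dests; do
            if cidr_within "$prefix" "$dest"; then found=1; break; fi
        done
        [ "$found" -eq 1 ] || echo "$prefix"
    done
}

missing_routes "$WG_ALLOWED" "$ROUTES"   # prints: 172.22.2.0/24
```

The tunnel address 10.254.253.2/32 is not reported because the wg0 interface route for 10.254.253.0/24 already covers it; only the remote LAN prefix is left without a route.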