Hej,
I have a question of understanding. I have set up a WireGuard connection between 2 OPNsense locations (Site2Site).
By mistake I have defined 2 different tunnel addresses in the localpoints:
Site1 = 10.5.22.1/24
Site2 = 10.5.5.1/24
Nevertheless, everything works as desired. How can this be? Are the same tunnel addresses no longer important?
Of course WireGuard was restarted on both machines.
Although virtually every WireGuard how-to tells you to configure prefixes on the WireGuard tunnels/interfaces, they are in fact not required at all for WireGuard to function. You can configure them if you need them as a route target (to route traffic into the tunnel), but otherwise I prefer to just leave them out.
What's important are the "Allowed IP" fields. Make sure they contain the prefixes you want to make it through the tunnel. If WireGuard sees a packet with a source IP that's not listed here, it will just discard the packet.
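An added illustration, not part of the original posts: a small Python model of the Allowed IPs check described in the answer above, seen from Site1. The peer name and the LAN prefix 192.168.20.0/24 are constructed assumptions; only the two tunnel addresses come from the thread.

```python
import ipaddress

# Site1's view of its single peer. Constructed sample: the /32 is Site2's
# tunnel address from the thread, the LAN prefix is an assumed value.
PEERS_AT_SITE1 = {
    "site2": ["10.5.5.1/32", "192.168.20.0/24"],
}


def _nets(prefixes):
    return [ipaddress.ip_network(p) for p in prefixes]


def select_peer(peers, dst):
    """Outbound: choose the peer whose Allowed IPs contain dst.

    The most specific (longest) matching prefix wins; None means no peer
    matches and the packet cannot be sent through the tunnel.
    """
    addr = ipaddress.ip_address(dst)
    best = None
    for name, prefixes in peers.items():
        for net in _nets(prefixes):
            if addr in net and (best is None or net.prefixlen > best[1].prefixlen):
                best = (name, net)
    return best[0] if best else None


def accept_inbound(peers, peer, src):
    """Inbound: after decryption, keep the packet only if its source
    address lies inside the sending peer's Allowed IPs."""
    addr = ipaddress.ip_address(src)
    return any(addr in net for net in _nets(peers.get(peer, [])))


if __name__ == "__main__":
    # Site1's own tunnel address (10.5.22.1/24) appears nowhere in these
    # checks, which is why the mismatched /24s do not break the tunnel.
    for dst in ("192.168.20.10", "10.5.5.1", "10.5.22.7"):
        print("outbound to", dst, "->", select_peer(PEERS_AT_SITE1, dst))
    for src in ("192.168.20.10", "10.5.5.1", "172.16.0.5"):
        print("inbound from", src, "->", accept_inbound(PEERS_AT_SITE1, "site2", src))
```
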
Thank you for your answer. My problem has already been solved in the German section of this forum.