- I have a bunch of firewalls I support which have dynamic IP.
- The main site (hub and spoke) has a static IP.
- The remote sites all make wg tunnels from remote to main site.
I can no longer ping the remote site wg tunnel IP, and I used to be able to. It's making a wg tunnel fine.
I can ping just fine any other wg VPN site to site tunnel IP where the other site has a static WAN IP.
Just wg to wg using the tunnel IP, it no longer works IF the remote side peer does not have a static WAN IP and port.
One site was working fine.
Main site:
WAN 202.202.202.202 (made up)
WG listens on 202.202.202.202 port 51820
tunnel IP for peer: 10.100.100.1/24
Remote site:
WAN DHCP / not static
tunnel IP for main site peer 10.100.100.2/24
It was all working fine:
I could ping 10.100.100.2 from main site... all good!
Upgrade remote site 25.7.8... post reboot it came up, tunnel address answered about 5 pings and then gone.
Looks related to 27.7.8, main site and now remote sites all running 25.7.78 and multiple reboots but cannot ping wg tunnel addresses anymore.
Ok!
Working this morning after leaving it overnight.
Utterly no idea why. I rebooted multiple times both the remote and the main site firewall and yet I could not ping from main site to remote site the wg tunnel interface IP. Yet, after waiting overnight, it's working....
Very strange.