OPNsense Forum

English Forums => Virtual private networks => Topic started by: Syon on August 23, 2024, 07:44:35 am

Title: Wireguard no Ping from Lan to WG0 Clients
Post by: Syon on August 23, 2024, 07:44:35 am
Hello,
I have the situation that I'm not able to send even a ping from a LAN client to a WireGuard client. It is not a problem if both machines are connected through WireGuard.
I have also full access from the Wireguard Clients.
What am I missing?

My config:

Client:
Code:
[Interface]
Address = 10.0.10.5/24
PrivateKey = ***
ListenPort = 51820
DNS = 10.0.10.1

[Peer]
PublicKey = ***
Endpoint = ***:51820
AllowedIPs = 0.0.0.0/0
PersistentKeepalive = 25

Firewall:Rules:WG0
Code:
IN  IPv4*  LANIP/24  *  WireGuard (Group) net  *  *  *
Firewall:Rules:WireGuard (Group)
Code:
IN  IPv4+6*  Wireguard (Group) net  *  *  *  *  *
Firewall:Rules:LAN
Code:
IN  IPv4* LANIP/24  *  WireGuard (Group) net  *  *  *
I can see that the firewall is letting it through:
Code:
WG0 2024-08-23T07:40:11 LANIP 10.0.10.5 icmp let out anything from firewall host itself
LAN 2024-08-23T07:40:11 LANIP 10.0.10.5 icmp Pass everything !NET
Title: Re: Wireguard no Ping from Lan to WG0 Clients
Post by: mifi42 on August 23, 2024, 11:35:59 am
Have you considered the client on the LAN might not have a route to the subnet at the far end?

m
Title: Re: Wireguard no Ping from Lan to WG0 Clients
Post by: Syon on August 23, 2024, 02:21:15 pm
No, and it was working in the past without extra gateway and route.... I have changed many firewall rules and I think I have missed something since then. But it's too long ago for me to remember the exact way.