Messages

I removed networks from allowedIP, then added them again, and now routes work. Thanks

Place the respective remote networks into the "AllowedIPs" field on each side.

I have done that (on LAN3 router there is 10.2.2.0/24,10.10.10.0/24 and 172.16.64.0/24, on LAN1 there is 10.2.2.0/24,10.10.20.0/24). didnt work

How do I create routes through wg tunnel?
Here is my network:

                                                                             ISP1                       
             /-----10.2.2.0/24 (wg)------\            |
10.10.20.0/24 ---10.50.50.0/24  ---   10.10.10.0/24 - 172.16.100.0/24
   LAN3                           ISP2                         LAN1                  LAN2

I have working wg tunnel through ISP2, and I have access from LAN3 to LAN1 and back. But I need acces from LAN3 to LAN2
In allowed IP on LAN3 router I have 10.2.2.0/24(tunnel address), 10.10.10.0/24 and 172.16.100.0/24 (route for 10.10.10.0/24 created by wg, but no routes for 172.16.100.0/24)
on LAN1 I have 10.2.2.0/24 and 10.10.20.0/24. for LAN2 there is static route (172.16.100.0/24 via 10.10.10.30) on router LAN1 (there is no problem with routing between LAN1 and LAN2)

I cant update opnsense 21.7. Repo for FreeBSD not available

Code Select Expand

root@OPNsense:~ # opnsense-update -p -A 22.7
Updating FreeBSD repository catalogue...
pkg-static: http://pkgmir.geo.freebsd.org/FreeBSD:12:amd64/latest/meta.txz: Not Found
repository FreeBSD has no meta file, using default settings
pkg-static: http://pkgmir.geo.freebsd.org/FreeBSD:12:amd64/latest/packagesite.txz: Not Found
Unable to update repository FreeBSD
Updating OPNsense repository catalogue...
pkg-static: https://pkg.opnsense.org/FreeBSD:12:amd64/22.7/latest/meta.txz: Not Found
repository OPNsense has no meta file, using default settings
pkg-static: https://pkg.opnsense.org/FreeBSD:12:amd64/22.7/latest/packagesite.txz: Not Found
Unable to update repository OPNsense
Error updating repositories!
How can I update opnsense? Or I should do clean install?

I think on R3 you would need to add a route as well

R3 use opnsense router as default gateway. and PC have access to internet
Here is sh ip ro output:
Gateway of last resort is 192.168.1.1 to network 0.0.0.0

S*    0.0.0.0/0 [254/0] via 192.168.1.1
      10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        10.100.100.0/24 is directly connected, Ethernet0/1
L        10.100.100.1/32 is directly connected, Ethernet0/1
      192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.1.0/24 is directly connected, Ethernet0/0
L        192.168.1.101/32 is directly connected, Ethernet0/0

Only addresses on interfaces (192.168.1.101 - dhcp, 10.100.100.1 - static with dhcp server). There is no additional configuration done.
ip dhcp pool test
network 10.100.100.0 255.255.255.0
default-router 10.100.100.1
dns-server 8.8.8.8
!
interface Ethernet0/0
ip address dhcp
duplex auto
!
interface Ethernet0/1
ip address 10.100.100.1 255.255.255.0
duplex auto

Couldn't include network in the first post

Hello, I'm having trouble with routing on my router. I created a new gateway and assigned a route to it. Also set up outgoing NAT for the 10.100.100.0/24 network. Everything is allowed in the firewall settings for LAN. On the 10.100.100.0/24 network, there is access to the router (to its web interface) and the Internet, but no access to other network devices (in my case, the web server on a Linux VM, I get a timeout error). The clients themselves from the network 192.168.1.0/24 connect without problems to devices from the network 10.100.100.0 (web server on the PC VM). Also there are no problems with ping from both sides. When I create a route to the 10.100.100.0 network on the Linux VM, the web page on the PC VM opens instantly.

Помогите разобраться с настройкой. В сети 2 роутера (OPNsense и роутер на linux'е).
Инет <NAT> OPNsense <> Linux-R.
Инет  <NAT> 10.20.20.0/23 <> 172.16.100.0/24
Outgoing NAT в гибридном режиме (добавлена вторая подсеть). В файерволе со стороны LAN все разрешено.
Создал gateway и route в нужную сеть.
У клиентов сети Linux-R нет доступа к серверам в сети OPNsense (есть доступ только к самому OPNsense), но интернет работает. Только ping работает, но если на этих серверах добавить маршруты, то доступ появляется.
В обратную сторону все работает, машины с сети OPNsense спокойно подключаются к машинам второй сети.