"
Perfekt that did the trick ;)
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages1
#1
Virtual private networks / Re: Access host in subnet of wireguard peer
August 12, 2023, 03:37:45 PM #2
Virtual private networks / Re: Access host in subnet of wireguard peer
August 11, 2023, 01:12:52 PM
Hi Maurice,
thanks for your response. Ok will add these routes in routerA.
But I'm a little bit confused. Shouldn't I already be able to ping routerA from routerB? All neccesary routes should be available.
Routes on routerB:
Routes on clientA1:
Johannes
thanks for your response. Ok will add these routes in routerA.
But I'm a little bit confused. Shouldn't I already be able to ping routerA from routerB? All neccesary routes should be available.
Routes on routerB:
Quotenetstat -rn
Routing tables
Internet:
Destination Gateway Flags Netif Expire
default 178.200.132.1 UGS igc0
10.10.10.0/24 link#10 U wg1
10.10.10.1 link#10 UHS lo0
192.168.2.0/24 link#10 US wg1
Routes on clientA1:
Quoteip r
default via 192.168.2.1 dev eth0 proto dhcp src 192.168.2.142 metric 202
10.10.10.0/24 dev wg0 proto kernel scope link src 10.10.10.3
192.168.2.0/24 dev eth0 proto dhcp scope link src 192.168.2.142 metric 202
192.168.15.0/24 dev wg0 scope link
Johannes
#3
Virtual private networks / Access host in subnet of wireguard peer
August 11, 2023, 10:57:40 AM
Hi,
I've setup a tunnel from an old raspberry Pi to my opnsense firewall and want to connect both local subnets through this tunnel. The best solution would be a site-to-site connection between the two routers. Sadly this is not possible due to one of the boxes is "managed by the ISP" with very limited customization options.
For an overview of the network topology please see the attachment.
Additional information:
- clientA1 and routerB are connected through a wiregard tunnel
- routerA is Fritzbox
- routerB is my opnsense box
I'm able to ping the following hosts:
from clientB1: ping 192.168.2.142; ping 10.10.10.3
from clientA1: ping 192.168.15.1; ping 10.10.10.1; ping 192.168.15.100
My goal is to establish a connection from clientB1 to clientA2 (later on I want to extend this to open a connection in the reversed direction).
For clientA1 I enabled routing:
Unfortunately this setup is not complete yet?!? Tracing the route from routerB to routerA ends at 10.10.10.3:
Could you give me a hint what pieces are missing?
Regards
Johannes
I've setup a tunnel from an old raspberry Pi to my opnsense firewall and want to connect both local subnets through this tunnel. The best solution would be a site-to-site connection between the two routers. Sadly this is not possible due to one of the boxes is "managed by the ISP" with very limited customization options.
For an overview of the network topology please see the attachment.
Additional information:
- clientA1 and routerB are connected through a wiregard tunnel
- routerA is Fritzbox
- routerB is my opnsense box
I'm able to ping the following hosts:
from clientB1: ping 192.168.2.142; ping 10.10.10.3
from clientA1: ping 192.168.15.1; ping 10.10.10.1; ping 192.168.15.100
My goal is to establish a connection from clientB1 to clientA2 (later on I want to extend this to open a connection in the reversed direction).
For clientA1 I enabled routing:
Quotesysctl net.ipv4.ip_forwardand added two rules:
net.ipv4.ip_forward = 1
Quoteiptables -S
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A FORWARD -i wg0 -o eth0 -j ACCEPT
-A FORWARD -i eth0 -o wg0 -m state --state RELATED,ESTABLISHED -j ACCEPT
Unfortunately this setup is not complete yet?!? Tracing the route from routerB to routerA ends at 10.10.10.3:
Quotetraceroute to 192.168.2.1 (192.168.2.1), 64 hops max, 40 byte packets
1 10.10.10.3 (10.10.10.3) 83.402 ms 82.809 ms 57.917 ms
2 * * *
Could you give me a hint what pieces are missing?
Regards
Johannes
Pages1
