1
24.7 Production Series / Re: Version 24.7.1 Wireguard with DHCP sites failing - USER ERROR
« on: August 09, 2024, 02:49:50 pm »
Nevermind. I had my firewalls rules misconfigured.
Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Pages: [1]
2
24.7 Production Series / Version 24.7.1 Wireguard with DHCP sites failing
« on: August 09, 2024, 02:38:03 pm »
We use wireguard for VPN between sites. Two of our sites have DHCP addresses while others have static public IP addresses.
To enable connectivity, the sites with static IP addresses, under wireguard endpoint connection don't have the other party address, as this is not known.
After upgrading a site with static IP, we noted that the two sites with DHCP would not connect back to this site. I tried restarting the wireguard at both ends. When checking wireguard status, the DHCP site is sending traffic to the static IP one, but nothing being received.
Note that this is happening with 24.7.1, as the other sites under 24.7_9 are not displaying this behaviour.
To enable connectivity, the sites with static IP addresses, under wireguard endpoint connection don't have the other party address, as this is not known.
After upgrading a site with static IP, we noted that the two sites with DHCP would not connect back to this site. I tried restarting the wireguard at both ends. When checking wireguard status, the DHCP site is sending traffic to the static IP one, but nothing being received.
Note that this is happening with 24.7.1, as the other sites under 24.7_9 are not displaying this behaviour.
3
Virtual private networks / Block backup traffic on wireguard Site to Site when on slow WAN Failover
« on: June 25, 2024, 05:28:42 pm »
We have set up a Site to Site connection using wireguard. We use this connection for regular office traffic as well as for heavy remote backups.
We also have a WAN failover comprised of a fiber connection and a backup 5G service.
When the main ISP is down, the wireguard connection gets recreated on the 5G service, but all the bandwidth is being taken away by the backup traffic. Is there a way to block this heavy traffic over the wireguard interfaces when we are in the slow 5G network?
We also have a WAN failover comprised of a fiber connection and a backup 5G service.
When the main ISP is down, the wireguard connection gets recreated on the 5G service, but all the bandwidth is being taken away by the backup traffic. Is there a way to block this heavy traffic over the wireguard interfaces when we are in the slow 5G network?
4
Virtual private networks / Re: Routing traffic through central Wireguard node
« on: March 25, 2024, 01:43:16 pm »
Why don't you just create one Wireguard network, with two Peers:
On Servers, the peers will be OPNSense and Mikrotik,
On OPNSense, the peers will be Servers and Mikrotik,
On Mikrotik, the peers will be OPNSense and Servers
That way everyone can talk to each other over the same WG network.
On Servers, the peers will be OPNSense and Mikrotik,
On OPNSense, the peers will be Servers and Mikrotik,
On Mikrotik, the peers will be OPNSense and Servers
That way everyone can talk to each other over the same WG network.
Pages: [1]