Virtual private networks / Can't route LAN traffic over Wireguard Gateway
« on: February 15, 2024, 01:28:57 am »
Hello,
I've had OPNsense set up for a while and have been able to do everything that I want except this. I have a Wireguard set up with a VPN provider so that I can route traffic from certain hosts in my LAN over the VPN connection and port forward over the VPN as well. I cannot figure out what I'm doing wrong. My regular WAN works fine and I've followed various guides such as https://docs.opnsense.org/manual/how-tos/wireguard-selective-routing.html without luck.
I have been able to get this to work with OpenVPN, but when using Wireguard, traffic seems to stop at my OPNsense router. As soon as I set up a firewall rule to set my Wireguard connection as the gateway for an address, the device that the rule applies to loses connection to anything outside the LAN. I have been able to get the router itself to successfully use the VPN as its gateway.
If I ping any address outside of my LAN from a device whose traffic should go over the VPN, my OPNsense responds, even if it wasn't the address being pinged. For example, if I ping 9.9.9.9:
Quote
PING 9.9.9.9 (9.9.9.9) 56(84) bytes of data.
64 bytes from 10.0.1.1: icmp_seq=1 ttl=64 time=0.137 ms (DIFFERENT ADDRESS!)
Any info on what I might have misconfigured or what would cause my router to respond to other pings would be greatly appreciated. Thanks!