"
Sure, what I need is to be able to audit the external IPs (WAN-Internet or WAN-Wireguard) making requests on the web server. For this purpose, I need the web server (LAN - 10.4.250.1) to recognize that the request is coming from the Wireguard client (10.0.2.11) rather than the WAN interface of OpnSense (10.0.0.4). The base configuration of OpnSense is built upon the OpnAzure project (https://github.com/dmauser/opnazure). Perhaps something like IP Forwarding is needed? I'm not sure.
Subnets:
- 10.0.0.4 (WAN - Untrusted)
- 10.0.1.4 (WAN - Trusted)
- 10.0.2.0/24 (Wireguard network)
- 10.4.0.0/16 (Services network)
I can access the Wireguard client 10.0.2.11 correctly from 10.4.0.0/16, and from this client, I can also access the service subnet (10.4.0.0/16) correctly.
Many thanks!
Subnets:
- 10.0.0.4 (WAN - Untrusted)
- 10.0.1.4 (WAN - Trusted)
- 10.0.2.0/24 (Wireguard network)
- 10.4.0.0/16 (Services network)
I can access the Wireguard client 10.0.2.11 correctly from 10.4.0.0/16, and from this client, I can also access the service subnet (10.4.0.0/16) correctly.
Many thanks!
