"
About ready to throw in the towel on this project. Just when I think I have things working, another issue pops up. In short trying to work around my ISP not being willing to provide a static IP by using a tunneled static IP via Wireguard. I feel like one needs to be an expert in network engineering to get this working on Opnsense/Pfsense however.
Followed the below to a "T" and get my primary unfiltered internet going on 192.168.1.1 and the VLAN traffic on VLAN2 subnet 192.168.2.1.
https://docs.opnsense.org/manual/how-tos/wireguard-selective-routing.html
At first all seems to be good and working as it should. After a while however, I am unable to access certain (random) sites from the primary subnet. Subnet that is going over Wireguard continues to work fine. I noticed for example google.com works fine, fedex.com does not. Doing a tracert to google.com is normal, fedex.com dies at my ISP's gateway. Shutdown the Wireguard tunnel everything returns to normal on the primary subnet.
Thinking perhaps some traffic from the primary subnet is "leaking" to the Wireguard gateway, I try adding an explicit rule for the LAN subnet to send all outgoing traffic direct to the WAN interface. No change in behaviour, the only thing that corrects the problem is stopping Wireguard.
Is there something critical missing from the linked instructions that could be causing this undesired behaviour?
Followed the below to a "T" and get my primary unfiltered internet going on 192.168.1.1 and the VLAN traffic on VLAN2 subnet 192.168.2.1.
https://docs.opnsense.org/manual/how-tos/wireguard-selective-routing.html
At first all seems to be good and working as it should. After a while however, I am unable to access certain (random) sites from the primary subnet. Subnet that is going over Wireguard continues to work fine. I noticed for example google.com works fine, fedex.com does not. Doing a tracert to google.com is normal, fedex.com dies at my ISP's gateway. Shutdown the Wireguard tunnel everything returns to normal on the primary subnet.
Thinking perhaps some traffic from the primary subnet is "leaking" to the Wireguard gateway, I try adding an explicit rule for the LAN subnet to send all outgoing traffic direct to the WAN interface. No change in behaviour, the only thing that corrects the problem is stopping Wireguard.
Is there something critical missing from the linked instructions that could be causing this undesired behaviour?
