Messages - arbo

#1
Thanks, but I don't use iOS, and in any case I need to keep Wireguard active for an external connection to another VPN. I would like to figure out how to restore the behavior of 24.x where I could access Opnsense through the WAN IP from within the LAN.
#2
A few days ago I upgraded to Opnsense 25.1 from 24.x and my Wireguard access is not working as it was.

I have Wireguard set up in a Road Warrior style to allow my Android phone to connect to LAN services when away from home. External access through Wireguard is still working after the upgrade to 25.1.

What has changed, though, is that my phone can no longer access LAN addresses through Wireguard when at home and connected to wifi. This was working fine under 24.x and earlier for several years.

The issue seems to relate to the Opnsense peer in my Wireguard app using my WAN IP as its endpoint. When I come home and join the LAN, my phone cannot seem to connect through the WAN IP. If I change the Opnsense peer endpoint to my local Opnsense IP (192.168.xx.1) I regain local access but of course I lose access away from home.

My reading indicates this may relate to NAT reflection but there's nothing related to that in the Road Warrior docs, and the settings in Firewall > Settings > Advanced didn't change anything.

I am struggling to debug this and provide logs because I can't see any sign of my phone traffic in the live firewall logs.

Does anyone have this working and can help me resolve it, or point me to how I might debug it?

Thanks :)


(PS: My wider network config is more complex, with selective routing, Mullvad and VLANs but I don't think they're involved with this problem)