Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Virtual private networks
»
How to pcap on Wireguard site-to-site?
« previous
next »
Print
Pages: [
1
]
Author
Topic: How to pcap on Wireguard site-to-site? (Read 2303 times)
chemlud
Hero Member
Posts: 2485
Karma: 112
How to pcap on Wireguard site-to-site?
«
on:
December 01, 2020, 04:14:34 pm »
Hi again!
Have here a Wireguard site-to-site tunnel between 2x OPNsense 20.7.4, all working. The remote sense does the DNS for the local network (DHCPv4 hands out the remote LAN address of sense as DNS). That works just fine.
On the local sense I can pcap on the LAN and see the packages for DNS coming and replies from remote sense flowing back. Fine.
But if I do a pcap (Interfaces -> Diagnostics) on the LAN of the remote sense, I don't see any DNS packages at all (also tried WAN interface, but doesn't help). So the packages flow through the tunnel, but are invisible for pcap on the sense doing the DNS requests.
On the sense doing the DNS I had to assign an interface (otherwise no FW-rules tab was generated), but the interface is not activated. Should that be enabled? Would that help for the pcap problem?
Logged
kind regards
chemlud
____
"The price of reliability is the pursuit of the utmost simplicity."
C.A.R. Hoare
felix eichhorns premium katzenfutter mit der extraportion energie
A router is not a switch - A router is not a switch - A router is not a switch - A rou....
mimugmail
Hero Member
Posts: 6766
Karma: 494
Re: How to pcap on Wireguard site-to-site?
«
Reply #1 on:
December 01, 2020, 07:49:18 pm »
Via console
tcpdump -n -i wg0
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Virtual private networks
»
How to pcap on Wireguard site-to-site?
