Quick question...

Started by Hoe, March 17, 2021, 09:47:28 PM

Hey guys,

I have a Site to Site VPN up between two OPNsense boxes and my Mobile connected to one of them.

SITE A has both devices connected to it and can ping everything.

However both Site A & my Mobile cannot ping each other?!

I notice under Firewall, after you have assigned an interface, you have the one you added and the WireGuard one which gets created when the tunnel comes up.

I have for now added allow Any rules for everything, both inbound and outbound, but clients still cannot talk to each other. Is there something else I need to do?!

Thanks

Figured this out too: Outbound NAT, Interface "WireGuard", Source "VPN net", Address "VPN Address".

Thanks anyway.

I am a bit late to the party but I assume you have seen the various official guides? https://docs.opnsense.org/plugins.html#vpn-connectivity

Also, the "WireGuard" that shows under interfaces when a local config is enabled is AFAIK a Group for all the wgX devices configured.

I have, yes, but well, to be honest, got all confused at various stages due to complications with host provider and all sorts, and well, got ahead of myself I guess.

Only problem I seem to have now is that out of the 2x OPNsense boxes only one of them will respond to DNS. I have no idea why; there is a rule in Unbound, VPN Traffic is set to allow any in \ out.

I can't test it on its LAN as it's the cloud box, though it does have a LAN port configured and Unbound is running, so that's not it. IDK what's going on with it.

I have resolved this too, sweet, everything is working. Thanks for reading, anyone, lol. ;)

This was a Firewall rule issue: I incorrectly assumed source * destination * would include "This Firewall".

It didn't; I had to add a rule for this separately. I had 1 half of this in place when I was trying something else already, hence the receiving but not answering requests!

Thanks