Wireguard and OSPF

Started by Lokutos, January 15, 2023, 03:36:23 PM

Just searching for agreement or a better solution ;-)

I have

Site A / Site B / Site C (and many others)
Now I want to switch from IPsec to WireGuard.

Current config is
every firewall has one Site2Site IPsec VPN with a route-based Phase 2.
For this Site2Site, I have configured an interface with no IP config.

In the end this results in

Site A       Site B       Site C
10.0.0.1     10.0.0.2     10.0.0.3

and IPsec tunnels from
Site A 10.0.0.1 <-> Site B 10.0.0.2
Site B 10.0.0.2 <-> Site C 10.0.0.3
Site C 10.0.0.3 <-> Site A 10.0.0.1

And over all of it, OSPF is working...


Now I want to switch to WireGuard.

So in my understanding I have to create one tunnel per connection, like with IPsec before,
but I have to assign the IP on the interface -> which is not possible, because an IP can only be assigned to one interface.

The other way, where I just use one WireGuard setting and add all endpoints/other sites to it, it's not possible to add 0.0.0.0/0 (or the required 224.0.0.0/24) to all endpoints.

So is it right that I have to use one WireGuard tunnel for each connection
and have to use a different local IP for each connection?

This results in
and IPsec tunnels from
Site A 10.0.0.1 <-> Site B 10.0.0.2
Site B 10.0.0.3 <-> Site C 10.0.0.4
Site C 10.0.0.5 <-> Site A 10.0.0.6

And it gets way complicated for more than 3 sites.
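
The one-tunnel-per-connection layout described in the post, worked through as an added example that is not part of the original post. It assumes each link gets its own /31 carved from a transfer pool (10.0.0.0/24 here), one UDP port per link counted up from 51820, and a single peer per interface with AllowedIPs 0.0.0.0/0; the function names and site names are hypothetical.

```python
import ipaddress
from itertools import combinations

def mesh_plan(sites, pool="10.0.0.0/24", base_port=51820):
    """One tunnel per site pair, each with its own /31 and UDP port."""
    links = ipaddress.ip_network(pool).subnets(new_prefix=31)
    plan = []
    for index, (a, b) in enumerate(combinations(sites, 2)):
        link = next(links, None)
        if link is None:
            raise ValueError(f"{pool} is too small for {len(sites)} sites")
        plan.append({
            "sites": (a, b),
            "addrs": {a: f"{link[0]}/31", b: f"{link[1]}/31"},
            "port": base_port + index,  # assumed numbering scheme
        })
    return plan

def site_interfaces(plan, site):
    """Tunnel interfaces one firewall needs: one per neighbour."""
    out = []
    for link in plan:
        if site not in link["sites"]:
            continue
        first, second = link["sites"]
        peer = first if second == site else second
        out.append({
            "peer": peer,
            "local": link["addrs"][site],
            "remote": link["addrs"][peer].split("/")[0],
            "listen_port": link["port"],
            # Single peer per interface, so a catch-all AllowedIPs cannot
            # collide with another peer and OSPF multicast is accepted.
            "allowed_ips": "0.0.0.0/0",
        })
    return out

if __name__ == "__main__":
    plan = mesh_plan(["A", "B", "C"])  # constructed site names
    for site in "ABC":
        for itf in site_interfaces(plan, site):
            print(site, itf)
```

A full mesh of n sites needs n(n-1)/2 tunnels, so 10 sites already mean 45 links and 9 tunnel interfaces per firewall.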