Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Virtual private networks
»
Wireguard and routing issues
« previous
next »
Print
Pages: [
1
]
Author
Topic: Wireguard and routing issues (Read 1115 times)
enmi
Newbie
Posts: 7
Karma: 0
Wireguard and routing issues
«
on:
November 08, 2023, 04:17:11 pm »
Hi, My current setup is as follows:
Wireguard instance 1:
Site to Site Setup using:
https://docs.opnsense.org/manual/how-tos/wireguard-s2s.html
Settings:
Port: 51820
Tunnel address: 10.2.2.1/24
Peers
wgopn-site-b
Peer
Settings
Name: wgopn-site-b
Allowed IPs: 10.2.2.2/32, 10.0.22.0/24, 172.16.10.0/24
Endpoint port: 51820
Keepalive interval: 25
Wireguard instance 2:
Roadwarrior setup using:
https://docs.opnsense.org/manual/how-tos/wireguard-client.html
Settings:
Port: 51821
Tunnel address: 10.10.10.1/24
Peers
Laptop01
Peer
Settings
Name: Laptop01
Allowed IPs: 10.10.10.3/32, 10.0.22.0/24, 172.16.10.0/24
Lan on site A : 172.16.10.0/24
Lan on site B : 10.0.22.0/24
Currently i can ping the clients on network 172.16.10.0/24 from my roadwarrior client "Laptop01" but not the 10.0.22.0/24 network. but if I connect via ssh to a server on 172.16.10.10/24 i can ping 10.0.22.7 i have tried with adding gateways,static routes, and adding firewall rules. but i feel I'm starting to make a mess of things.
Anyone got any tips of were i should start?
Logged
jorge512
Newbie
Posts: 3
Karma: 0
Re: Wireguard and routing issues
«
Reply #1 on:
March 18, 2024, 09:28:12 pm »
cannot seem to locate were to start a topic. untangle home edition has been will be discontinued and no longer provided
after researching i have installed opnsense. got the wiregaurd up and running with one client using warrior install guide.
does anyone have a guide on how to add multiple wireguard clients?
thank you,
Logged
Patrick M. Hausen
Hero Member
Posts: 6807
Karma: 572
Re: Wireguard and routing issues
«
Reply #2 on:
March 18, 2024, 09:45:24 pm »
Just add more peers to the same instance.
Logged
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do.
(Isaac Asimov)
jorge512
Newbie
Posts: 3
Karma: 0
Re: Wireguard and routing issues
«
Reply #3 on:
March 18, 2024, 10:59:17 pm »
thx for your reply
so just add peer with the tunnel wireguard and keep the same instance and all firewall rules the same only changes is the subnet for the clients and names of course, correct?
Logged
Patrick M. Hausen
Hero Member
Posts: 6807
Karma: 572
Re: Wireguard and routing issues
«
Reply #4 on:
March 18, 2024, 11:00:05 pm »
Yep.
To elaborate: for a road warrior why are you using an entire subnet per peer? You can use one e.g. /24 for the instance, assign 192.168.0.1/24 to the instance on OPNsense and 192.168.0.2/32, 192.168.0.3/32, ... via "AllowedIPs" to the individual peers.
On the peer side assign to "AllowedIPs" either 192.168.0.0/24 plus whichever other networks you want to reach or "0.0.0.0/0" to direct all traffic into the tunnel.
«
Last Edit: March 18, 2024, 11:02:09 pm by Patrick M. Hausen
»
Logged
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do.
(Isaac Asimov)
jorge512
Newbie
Posts: 3
Karma: 0
Re: Wireguard and routing issues
«
Reply #5 on:
March 18, 2024, 11:01:35 pm »
thx
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Virtual private networks
»
Wireguard and routing issues