Wireguard road warrior lan access

Started by billhill, October 21, 2019, 05:57:18 PM

So I've managed to get my WireGuard VPN setup working between my laptop and phone on dynamic remote networks without too much issue, and they are now routing all of my traffic through my OPNsense server at my home, but the issue I'm having now is that I cannot access any of my LAN devices on my home network behind my OPNsense server. I'm not an expert by any means and this is my first time attempting to use OPNsense. I'm guessing there is something on the firewall I have to configure between my WireGuard interface and the LAN interface?

Any suggestions would be very much appreciated.

My home LAN is 192.168.0.0/23 and I've set up my WireGuard addresses as 10.0.0.1/24, 10.0.0.2/24, 10.0.0.3/24.

On my laptop, for instance, I set up my wg0.conf as follows:
[Interface]
PrivateKey = xxxx=
Address = 10.0.0.2/24

[Peer]
PublicKey = xxxx=
AllowedIPs = 0.0.0.0/0, 192.168.0.0/23
Endpoint = x.x.x.x:51820

I can ping the server at 10.0.0.1, but when I try to ping any of the other devices I get nothing.


Did you set the correct firewall rule? Do you use any gateway routing? Which guide did you follow for setting up WireGuard?

This is all I have set up outside of WireGuard. I initially used the OPNsense WireGuard guide, then I started chasing the rabbit all over Google with any other article I could find with any relevance to my desired config.


https://imgur.com/a/3ENmqCv

I think I know what my problem may be but I am not sure how to resolve the issue. The network my laptop is connected to right now is a 192.168.1.0/24 network and my home network is a 192.168.0.0/23 network. If I remote VNC into one of my machines at home I can ssh and ping my laptop which is connected through the WireGuard VPN @ 10.0.0.2. I cannot connect to any of the devices on my home LAN via work laptop that have a 192.168.1.whatever IP address. I do have a funky setup via my ISP in which the cable modem will spit out DHCP to anything without a static IP, and I just happen to have a device sitting at 10.1.10.120 that I'm able to ssh into via my work laptop, but if I try to ping anything on my home LAN it just times out.

I'm assuming that this is a subnet issue from the vague experience I have with networking. But I'm not sure how to resolve it. I have zero control over the network at my office where my laptop is, but I have total control over my home network where my OPNsense router is. What I'm trying to avoid is having to change my home LAN addressing. I have over 200 devices running on that network and the majority of them have static IPs (I've been doing a ton of IoT R&D along with home automation stuff). What I cannot understand is that in the past, before I set up my OPNsense router, I used an off-the-shelf ASUS router on my network and a PPTP VPN connection that gave me access to my entire home network no matter what the subnet of the remote network was.

If your assumption is true, your VPN should work everywhere else. Can you verify this?
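
The subnet overlap raised in the thread can be checked mechanically. The following is an added example, not part of any post above: it parses AllowedIPs from the posted wg0.conf and applies longest-prefix matching against the laptop's on-link office network (192.168.1.0/24, per the post). The device name eth0 and the sample destination addresses are assumptions, and the routing model is simplified (no policy routing).

```python
import ipaddress

# Config as posted in the thread (keys redacted by the poster).
WG_CONF = """
[Interface]
PrivateKey = xxxx=
Address = 10.0.0.2/24

[Peer]
PublicKey = xxxx=
AllowedIPs = 0.0.0.0/0, 192.168.0.0/23
Endpoint = x.x.x.x:51820
"""
# Office network the laptop sits on, per the post; "eth0" is an assumed name.
LOCAL_NETS = {"eth0": ipaddress.ip_network("192.168.1.0/24")}

def parse_allowed_ips(conf_text):
    """Collect AllowedIPs networks from every [Peer] section."""
    nets, section = [], None
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].lower()
            continue
        key, _, value = line.partition("=")
        if section == "peer" and key.strip().lower() == "allowedips":
            nets += [ipaddress.ip_network(v.strip(), strict=False)
                     for v in value.split(",") if v.strip()]
    return nets

def overlapping(allowed, local_nets):
    """Non-default tunnel prefixes that collide with an on-link network."""
    return [(str(a), dev) for a in allowed for dev, n in local_nets.items()
            if a.prefixlen > 0 and a.version == n.version and a.overlaps(n)]

def egress(dest, allowed, local_nets, tunnel="wg0"):
    """Simplified longest-prefix match: which device carries traffic to dest?"""
    ip = ipaddress.ip_address(dest)
    routes = [(a, tunnel) for a in allowed] + [(n, d) for d, n in local_nets.items()]
    hits = [(n.prefixlen, dev) for n, dev in routes if ip in n]
    return max(hits)[1] if hits else None

if __name__ == "__main__":
    allowed = parse_allowed_ips(WG_CONF)
    print("overlaps:", overlapping(allowed, LOCAL_NETS))
    for dest in ("10.0.0.1", "192.168.0.10", "192.168.1.50"):  # constructed
        print(dest, "->", egress(dest, allowed, LOCAL_NETS))
```

In this model a destination in 192.168.1.x matches the office /24 ahead of the tunnel's /23, while 192.168.0.x still goes through wg0.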