[SOLVED] WireGuard VPN - Connecting to IPs on LAN not working - exception GW

Started by bse, June 13, 2022, 07:58:52 AM

Hello everyone,

I could not find any other topic that covered my problem so I created this topic.
The guide I followed to set this up is this one:
https://homenetworkguy.com/how-to/configure-wireguard-opnsense/
I attached a png of my basic setup to this post (hope this works since I cannot see it on preview).

What works:
VPN connects and I can access the Internet and the opnsense Web-GUI while connected to the VPN.

What does not work:
Can neither ping nor access any other resource on the LAN 10.80.55.0/24

I suspect a firewall or routing issue is the problem. I am, however, at a loss as to where to add what or how to troubleshoot this issue.

What can I do? If more information is needed I am happy to provide.

From what I can tell, you've configured WG IPs that are within your LAN? The WG network should be unique (the guide you linked has a warning that states that).

Hey Greelan,
Maybe I did not do a good job of explaining this part.
I had used the VPN Subnet 10.1.1.0 (what I think you mean by WG Subnet).
Here is another screenshot of what I did that may clarify this part.
Thanks.

That's what I mean. You've given your phone an IP in your LAN subnet. It should instead be something like 10.1.1.2/32.

And the tunnel address in the OPNsense local config should be 10.1.1.1/24

If the phone is an endpoint, it should be /32. On the endpoint, the IP addresses and/or networks that are supposed to go over the tunnel need to be allowed.

Thanks for the help everyone. This worked:

Quote from: Greelan on June 13, 2022, 10:37:23 PM
That's what I mean. You've given your phone an IP in your LAN subnet. It should instead be something like 10.1.1.2/32.

And the tunnel address in the OPNsense local config should be 10.1.1.1/24

I can reach every device on the subnet 10.80.55.0/24 now.
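
The addressing rules from this thread (WG network distinct from the LAN, each endpoint a /32 inside it, LAN allowed on the endpoint) can be checked before applying a config. This is an added example, not code from any poster or from OPNsense; the function name, the `phone` label and the "before" address 10.80.55.50/24 are constructed for illustration, and IPv4 is assumed.

```python
import ipaddress

def check_wg_addressing(lan_cidr, tunnel_address, peers, client_allowed):
    """Return findings for an IPv4 WireGuard road-warrior layout.

    lan_cidr       -- LAN behind the firewall
    tunnel_address -- tunnel address of the firewall's WireGuard instance
    peers          -- {peer name: address assigned to that peer on the firewall}
    client_allowed -- networks the client is configured to send over the tunnel
    """
    findings = []
    lan = ipaddress.ip_network(lan_cidr)
    tunnel_if = ipaddress.ip_interface(tunnel_address)
    tunnel_net = tunnel_if.network

    # The WireGuard network must be distinct from the LAN.
    if tunnel_net.overlaps(lan):
        findings.append(f"tunnel network {tunnel_net} overlaps LAN {lan}")

    seen = {}
    for name, addr in peers.items():
        net = ipaddress.ip_network(addr, strict=False)
        if net.overlaps(lan):
            findings.append(f"{name}: {addr} is inside LAN {lan}")
        elif not net.subnet_of(tunnel_net):
            findings.append(f"{name}: {addr} is outside tunnel network {tunnel_net}")
        # An endpoint is one host, so its entry should be a /32.
        if net.prefixlen != 32:
            findings.append(f"{name}: {addr} should be a /32")
        elif net.network_address == tunnel_if.ip:
            findings.append(f"{name}: {addr} is the firewall's own tunnel address")
        elif net in seen:
            findings.append(f"{name}: {addr} already assigned to {seen[net]}")
        seen.setdefault(net, name)

    # The client must route the LAN into the tunnel to reach hosts on it.
    routed = [ipaddress.ip_network(n, strict=False) for n in client_allowed]
    if not any(lan.subnet_of(r) for r in routed):
        findings.append(f"client does not send {lan} over the tunnel")
    return findings

# Constructed samples; only 10.80.55.0/24, 10.1.1.1/24 and 10.1.1.2/32 come from the thread.
LAN, TUNNEL = "10.80.55.0/24", "10.1.1.1/24"
BEFORE = check_wg_addressing(LAN, TUNNEL, {"phone": "10.80.55.50/24"}, ["0.0.0.0/0"])
AFTER = check_wg_addressing(LAN, TUNNEL, {"phone": "10.1.1.2/32"}, ["10.1.1.0/24", LAN])

if __name__ == "__main__":
    for label, result in (("before", BEFORE), ("after", AFTER)):
        print(label, result or "no findings")
```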