Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Can't access LAN from WireGuard VPN client
« previous
next »
Print
Pages:
1
[
2
]
Author
Topic: Can't access LAN from WireGuard VPN client (Read 20904 times)
guest36829
Guest
Re: Can't access LAN from WireGuard VPN client
«
Reply #15 on:
February 09, 2023, 03:48:41 pm »
Yes, that's correct, I can connect and access the internet but can't access LAN. See attached for my LAN and OPT1 (the interface the wireguard and wireguard client is on). My wireguard client is on 10.0.1.2 and I'm trying to access my LAN resource on 10.0.0.30 (10.0.0.0/24 is my LAN).
LAN:
OPT1:
Logged
cookiemonster
Hero Member
Posts: 1823
Karma: 95
Re: Can't access LAN from WireGuard VPN client
«
Reply #16 on:
February 09, 2023, 04:44:43 pm »
Wow! Smaller please.
Logged
guest36829
Guest
Re: Can't access LAN from WireGuard VPN client
«
Reply #17 on:
February 09, 2023, 05:27:51 pm »
Fixed. That's why I uploaded them as links at first. This forum doesn't seem to deal with large/hdi images very well
Logged
cookiemonster
Hero Member
Posts: 1823
Karma: 95
Re: Can't access LAN from WireGuard VPN client
«
Reply #18 on:
February 09, 2023, 05:48:45 pm »
That helps a lot, thanks.
I do think you're missing the part from here
https://homenetworkguy.com/how-to/configure-wireguard-opnsense/#optional-add-firewall-rules-to-access-internal-networksdevices
It appears to me you want to create the rules on OPT1 to allow in the traffic. You would do it selectively as per the tutorial but as a blank test you could create the "allow all" rule:
Option Value
Action Pass
Interface OPT1
TCP/IP Version IPv4
Protocol any
Source OPT1 net
Source Port any
Destination OPT1 address
Destination Port any
Description Allow all access to the WG interface
Logged
guest36829
Guest
Re: Can't access LAN from WireGuard VPN client
«
Reply #19 on:
February 09, 2023, 06:06:45 pm »
I tried adding this but no luck, I don't have access to the LAN.
Logged
Demusman
Sr. Member
Posts: 304
Karma: 13
Re: Can't access LAN from WireGuard VPN client
«
Reply #20 on:
February 09, 2023, 06:46:49 pm »
How do you know you're using the internet through the tunnel when connected?
What test did you do?
Your first rule on the LAN is useless, the OPT can never be a source on the LAN interface.
If you had no rules on the OPT nothing would be allowed on it.
Logged
guest36829
Guest
Re: Can't access LAN from WireGuard VPN client
«
Reply #21 on:
February 09, 2023, 10:25:51 pm »
I can see it going through my firewall and packet capture works on it, I stated this earlier and provided a picture.
Logged
cookiemonster
Hero Member
Posts: 1823
Karma: 95
Re: Can't access LAN from WireGuard VPN client
«
Reply #22 on:
February 09, 2023, 11:45:45 pm »
Network-wise it seems OK at the moment.
Perhaps it's time to verify that indeed there's a response from the end point back to the requesting client.
Since it appears from what I read that you see no returns in your packet captures or firewall logs.
Maybe a different application or the application logs.
Logged
Demusman
Sr. Member
Posts: 304
Karma: 13
Re: Can't access LAN from WireGuard VPN client
«
Reply #23 on:
February 10, 2023, 02:27:56 am »
What are you trying to access on your LAN?
If you are only trying a single pc the whole time, it may be a software firewall blocking you.
Can you access the routers webgui?
Logged
guest36829
Guest
Re: Can't access LAN from WireGuard VPN client
«
Reply #24 on:
February 10, 2023, 01:40:17 pm »
Well I have solved this issue now.
I looked into maybe there being a software firewall, it looks like there wasn't one enabled but I did try to ssh into some other devices on the network, and it appears I could. and I could access the webgui too. So it turns out this one particular vm on my server (the one that happens to have all my services that I'd want to access) had something very, very wrong with it's network configuration. It wasn't able to receive any connections from outside the subnet. I'm not sure exactly what was causing it so I decided to just do a full reinstall and setting up the docker containers once again, everything seems to work.
Thanks for all the help everyone, it helped lead me in the right direction. I appreciate it.
Logged
cookiemonster
Hero Member
Posts: 1823
Karma: 95
Re: Can't access LAN from WireGuard VPN client
«
Reply #25 on:
February 10, 2023, 02:20:06 pm »
Glad to hear
Logged
Print
Pages:
1
[
2
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Can't access LAN from WireGuard VPN client