Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Virtual private networks
»
Wireguard Site to Site, Peer sees Lan but Lan can't see Peer
« previous
next »
Print
Pages:
1
[
2
]
Author
Topic: Wireguard Site to Site, Peer sees Lan but Lan can't see Peer (Read 2740 times)
Greelan
Hero Member
Posts: 1028
Karma: 72
Re: Wireguard Site to Site, Peer sees Lan but Lan can't see Peer
«
Reply #15 on:
February 15, 2023, 10:32:00 am »
I was referring to routes on your router.
Logged
RSpin
Newbie
Posts: 11
Karma: 0
Re: Wireguard Site to Site, Peer sees Lan but Lan can't see Peer
«
Reply #16 on:
February 16, 2023, 03:26:51 pm »
Sorry, I have not set up any static routes on ONPsense or on the router that the Pi is connected.
Logged
RSpin
Newbie
Posts: 11
Karma: 0
Re: Wireguard Site to Site, Peer sees Lan but Lan can't see Peer
«
Reply #17 on:
February 16, 2023, 11:53:37 pm »
Your assistance so far has led me to start reading a little on IP routing and while I am not entirely sure I understand it all I think maybe what I need to add to the PI's wg configuration is the following:
PostUp = iptables -t nat -I POSTROUTING -o eth0 -j MASQUERADE
PreDown = iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
Does that sound right? What still has me confused is why the PI can see everything on my OPNsense network when I haven't added anything to the OPNsense config. Does the plugin do all that for me?
Before I try this, I want to be sure that I don't lock myself out of being able to connect to the PI via ssh and VNC should the tunnel go down. Will the above somehow result in the Pi only wanting to communicate via the tunnel given I have included the entire local network in the allowed IP. I think I saw some instructions on how to avoid that but not sure it was related to this. Sorry, but I get nervous when I'm not sure I understand exactly what is going on and it's a whole thing if I get locked out of the PI since it is remote.
Logged
Print
Pages:
1
[
2
]
« previous
next »
OPNsense Forum
»
English Forums
»
Virtual private networks
»
Wireguard Site to Site, Peer sees Lan but Lan can't see Peer