OPNsense Forum » English Forums » General Discussion » Replying Traffic Not Sent Out Correct Interface
Topic: Replying Traffic Not Sent Out Correct Interface (Read 881 times)
Twitchiz (Newbie, Posts: 14, Karma: 0)
Replying Traffic Not Sent Out Correct Interface
« on: September 06, 2023, 03:26:00 am »
Hello everyone. I have a VPS that exists as a front end with public IPs and has WireGuard installed on it. It connects to OPNsense via said WireGuard. Packets arriving on the public IP are forwarded to a certain VM. This VM can access the internet over WireGuard due to a firewall rule, but when trying to access the server from the outside via ping or HTTPS, OPNsense sends the reply out my WAN interface instead of back over WireGuard. I've tried disabling force gateway and reply-to but I haven't had any luck with it, unless I'm not doing something else I need to be doing. Any ideas?
Maurice (Hero Member, Posts: 1213, Karma: 158)
Re: Replying Traffic Not Sent Out Correct Interface
« Reply #1 on: September 06, 2023, 05:34:37 am »
In the firewall rules which allow inbound ping + https on the WireGuard interface, explicitly set 'reply-to' to the WireGuard gateway. This will force the VM's replies back through the tunnel.
Cheers
Maurice
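A way to check that the setting from the reply above actually landed in the loaded ruleset, as an added example that is not part of the original posts: the function reads pf rule text in the style of `pfctl -sr` and prints every `pass in` rule on the given interface that carries no `reply-to`. The interface name `wg1`, the addresses, and the function names are assumptions; the sample ruleset is constructed.

```shell
#!/bin/sh
# Added example: list "pass in" rules on one interface that have no reply-to.
# Input is pf rule text in the style of `pfctl -sr`, read from stdin.

rules_missing_reply_to() {
    # $1 = interface name as pf sees it (wg1 below is an assumed name)
    awk -v ifc="$1" '
        $1 == "pass" && $2 == "in" {
            on_if = 0; has_rt = 0
            for (i = 3; i <= NF; i++) {
                if ($i == "on" && $(i + 1) == ifc) on_if = 1
                if ($i == "reply-to")              has_rt = 1
            }
            # Replies to states created by such a rule follow the routing
            # table, which is how they end up leaving via WAN.
            if (on_if && !has_rt) print
        }'
}

# Constructed sample ruleset (addresses are placeholders, not from the thread).
sample_rules() {
    cat <<'EOF'
pass in quick on wg1 reply-to (wg1 10.10.10.1) inet proto tcp from any to 192.0.2.10 port = https flags S/SA keep state
pass in quick on wg1 inet proto icmp from any to 192.0.2.10 keep state
pass in quick on vtnet0 inet proto tcp from any to 192.0.2.10 port = https flags S/SA keep state
pass out quick on wg1 inet from 192.0.2.10 to any flags S/SA keep state
EOF
}

# Offline demo on the sample. On the firewall itself the input would be:
#   pfctl -sr | rules_missing_reply_to wg1
sample_rules | rules_missing_reply_to wg1
```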
Twitchiz (Newbie, Posts: 14, Karma: 0)
Re: Replying Traffic Not Sent Out Correct Interface
« Reply #2 on: September 07, 2023, 03:38:35 am »
Thank you! That fixed one issue, but sadly on to the next one that doesn't make sense.