No internet connection with WireGuard Road Warrior Setup

Started by keviiin, April 19, 2020, 01:34:42 PM

Hello everyone,

I would like to set up a virtual homelab environment, using OPNsense as router.
All my LAN network traffic from inside the lab needs to go out through a WireGuard VPN. This same LAN needs to be accessible from the same WireGuard tunnel by other "clients" (like my laptop).

The WAN interface is another LAN where I can't open any port and I don't want to send Internet traffic on it, except Wireguard tunneled...

Here is a small schema showing the desired setup :


I have a Debian VPS acting as a Wireguard "Server", using the following config :


# VPS
[Interface]
Address = 10.8.0.1/24
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o ens3 -j MASQUERADE;
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o ens3 -j MASQUERADE;
ListenPort = 12345
PrivateKey = XXXXXXXXXXXXXXXXXXXXXX

# OPNsense
[Peer]
PublicKey = XXXXXXXXXXXXXXXXXXXXXX
AllowedIPs = 10.8.0.2/32

# Laptop
[Peer]
PublicKey = XXXXXXXXXXXXXXXXXXXXXX
AllowedIPs = 10.8.0.3/32


I've followed these tutorials from the docs https://wiki.opnsense.org/manual/how-tos/wireguard-client-azire.html and https://wiki.opnsense.org/manual/how-tos/wireguard-client-mullvad.html.

Here is my configuration on the OPNsense side:

Local :


Endpoint :


NAT/Outbound :



I'm able to ping the whole Wireguard network.
I'm able to traceroute IPs, showing that everything goes through the tunnel
I can't ping Internet IPs nor DNS names...
I can't visit any internet website...

I've tried to assign the interface, add gateways, change DNS,... nothing works...

Thanks very much in advance,

Kevin
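
WireGuard picks the peer for an outgoing packet by matching the destination against each peer's AllowedIPs, and drops an incoming tunnel packet whose inner source address is not in the sending peer's AllowedIPs. The following added example (not part of the original post) parses the VPS configuration posted above and reports which peer each address maps to; the address 192.168.1.10 is an assumed lab LAN host, since the post does not state the LAN subnet.

```python
import ipaddress

# The VPS configuration from the post, with keys left as placeholders.
VPS_CONF = """\
[Interface]
Address = 10.8.0.1/24
ListenPort = 12345

# OPNsense
[Peer]
PublicKey = XXXXXXXXXXXXXXXXXXXXXX
AllowedIPs = 10.8.0.2/32

# Laptop
[Peer]
PublicKey = XXXXXXXXXXXXXXXXXXXXXX
AllowedIPs = 10.8.0.3/32
"""

def parse_peers(text):
    """Return [(label, [ip_network, ...])] for every [Peer] section."""
    peers, label, in_peer = [], None, False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("#"):
            label = line.lstrip("# ").strip()   # comment above [Peer] names it
        elif line.startswith("["):
            in_peer = line.lower() == "[peer]"
            if in_peer:
                peers.append((label or f"peer{len(peers)}", []))
            label = None
        elif in_peer and "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            if key.lower() == "allowedips":
                peers[-1][1].extend(ipaddress.ip_network(v.strip(), strict=False)
                                    for v in value.split(",") if v.strip())
    return peers

def peer_for(peers, address):
    """Cryptokey routing: longest matching AllowedIPs prefix wins, else None."""
    ip = ipaddress.ip_address(address)
    matches = [(net.prefixlen, name) for name, nets in peers
               for net in nets if ip.version == net.version and ip in net]
    return max(matches)[1] if matches else None

if __name__ == "__main__":
    peers = parse_peers(VPS_CONF)
    # 192.168.1.10 is an assumed lab LAN host; the post does not give the subnet.
    for addr in ("10.8.0.2", "10.8.0.3", "192.168.1.10"):
        print(addr, "->", peer_for(peers, addr))
```

A result of `None` means the VPS has no peer for that address: it drops tunnel packets that arrive with that inner source and cannot route packets to it. LAN hosts are therefore visible to the VPS only through an address listed in a peer's AllowedIPs, for example after outbound NAT to the tunnel address.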