Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
21.1 Legacy Series
»
Wireguard site-to-site setup only works on default WAN IP not VIP
« previous
next »
Print
Pages:
1
2
[
3
]
Author
Topic: Wireguard site-to-site setup only works on default WAN IP not VIP (Read 13897 times)
akron
Jr. Member
Posts: 57
Karma: 2
Re: Wireguard site-to-site setup only works on default WAN IP not VIP
«
Reply #30 on:
February 23, 2021, 04:01:18 pm »
Quote from: mimugmail on February 23, 2021, 03:10:06 pm
Can you post a screenshot of this portforward please?
this is how I have it:
Assuming you already have Site 1 (Client) LAN + Internet going over Site 2 (Server) Public IP and you want to NAT something from that public IP back to the client LAN
- Port forward rule
- WAN rule automatically created by Port forward rule
- Then Outbound NAT rule on server side to remote LAN Alias/IP on WG interface
not sure if this is the correct way to do NAT over the tunnel but is working sharp
Logged
mimugmail
Hero Member
Posts: 6766
Karma: 494
Re: Wireguard site-to-site setup only works on default WAN IP not VIP
«
Reply #31 on:
February 24, 2021, 06:00:56 am »
Ah, now I got you. The unsupported thing is when you want to add a port forward on the Tunnel Address to internal
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
Print
Pages:
1
2
[
3
]
« previous
next »
OPNsense Forum
»
Archive
»
21.1 Legacy Series
»
Wireguard site-to-site setup only works on default WAN IP not VIP