Topic: Wireguard site2site routing (Read 1353 times)
mtm
October 27, 2021, 09:43:43 pm
Hello all,
I am trying to set up a WG S2S configuration. SiteA is my main OPNsense gateway and siteB shall route all its traffic through siteA. SiteB has (currently) only one network attached on its LAN side. That's 172.22.2.0/24.
On siteA I've added that network to the endpoint's "Allowed IPs", as well as 10.254.253.2/32, which is the WG address.
One note on siteA: the WG interface is not the WAN interface but a LAN (actually a VLAN).
The WG tunnel is up and the handshake is successfully done.
But now, if I want to reach (ping) from siteA e.g. 172.22.2.10 (which is "behind" the WG tunnel), the packages are sent out over re1, which is the WAN interface of siteA.
The same happens for the return packages of pings from 172.22.2.10 to e.g. 172.16.5.1 [which is an IP address of siteA on one of its VLANs]: they are also sent out via re1 (confirmed by "tcpdump -vv -n -i re1 icmp").
netstat -rn -4 does NOT contain any reference to 172.22.2.
I guess therefore the packages are sent out via WAN.
Now I am wondering how to get the entry for 172.22.2.0/24 in the "routing table".
Thanks!
#m