wireguard point to point guidance

[nikkon]

Hello,

Did anyone managed to set a point-to-point Wireguard VPN?
Can you please point me to some docs (the one on opnsense is incomplete i believe)

Thanks

[Greelan]

https://www.thomas-krenn.com/en/wiki/OPNsense_WireGuard_VPN_Site-to-Site_configuration

[nikkon]

thanks for sharing this.
let me go through this and see how it turns out

[nikkon]

it works. the tunnel is up. the interface has been created.
Now I need to figure out how to route traffic through the tunnel

thank you

[chemlud]

The IP (-ranges) in the config will be accessed via the tunnel. try to reach a smb share or open ssh or whatever with the remote IP in the config and it should work...

[Greelan]

Exactly. Should be like accessing it locally

[nikkon]

something doesn't match

the tunnel is up:
peer: VSS+lopy56*********
  endpoint: 24.4.223.185:51823
  allowed ips: 10.100.92.0/31, 192.168.123.0/24
  latest handshake: 23 seconds ago
  transfer: 2.88 MiB received, 2.87 MiB sent

Firewall A internal networks 172.16.10.0/24, 172.16.20.0/24
Firewall B internal network 192.168.123.0/24
Tunel network is : 10.100.92.0/31

without any additional fw rules ping fails

ping 192.168.123.1                                                       
PING 192.168.123.1 (192.168.123.1): 56 data bytes
Request timeout for icmp_seq 0

With the additional rule where I define the gateway same behaviour

Firewall A rules on Lan:
   IPv4 *   *   *   FirewallBLan    *   WIREGUARD_GW   *   FW B LAN access VPN
where FirewallBLan is Firewall B (192.168.123.0/24)

What am I missing?

[nikkon]

It can be closed
I made a mistake when I added the route.
all works now
thank you