Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
22.7 Legacy Series
»
Should Wireguard tunnel address be the same on both sides of a peer-to-peer vpn?
« previous
next »
Print
Pages: [
1
]
Author
Topic: Should Wireguard tunnel address be the same on both sides of a peer-to-peer vpn? (Read 753 times)
baz
Jr. Member
Posts: 52
Karma: 1
Should Wireguard tunnel address be the same on both sides of a peer-to-peer vpn?
«
on:
October 20, 2022, 02:26:50 am »
I am trying to setup a peer-to-peer wireguard vpn connection between two sites. On the "local" tab of the first peer I set the tunnel address range to 172.16.2.0/24 and the port to 51820. Should I use the same values on the "local" tab of the second peer, or do I need to use precisely NOT those values and something like 172.16.3.0/24 and port 51821, for example (different IP and port)?
«
Last Edit: October 20, 2022, 02:38:42 am by baz
»
Logged
bartjsmit
Hero Member
Posts: 2017
Karma: 194
Re: Should Wireguard tunnel address be the same on both sides of a peer-to-peer vpn?
«
Reply #1 on:
October 20, 2022, 07:22:16 am »
They are subnet addresses and both routers need to agree on the address of the network between them. Assign 172.16.2.0/24 on both sides with different interface IP's (e.g. 172.16.2.1 on one end and 172.16.2.2 on the other).
The ports are on the outside of the tunnel and are tied to the public IP's of your VPN. They have no meaning inside the tunnel.
Bart...
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
22.7 Legacy Series
»
Should Wireguard tunnel address be the same on both sides of a peer-to-peer vpn?
