Wiregard site to site don't work

[freegate]

Hello everyone,

 I configured two opnsense sites with Wireguard with separate LAN addresses 192.168.0.0/24 (site A) and 192.168.10.0/24 (site B). Peers are done correctly on both sides. The "handshake" is done on both sides.

However, the workstations on site B manage to see the workstations on site A, but the workstations on site A cannot ping those on site B. However, I have set the same firewall rules on both sides.

A client-server configuration on site B works, however. Surely there is something wrong. But I can't see what? An idea ?

Cordially.

[Demusman]

Did you add the correct allowed IP's on both ends?
Each end should have the opposite ends IP's.

[freegate]

Of course,
 
On the wireguard of site A, in allowed IP's, I set 192.168.10.0/24, and the IP of Wireguard B (10.8.0.2/32) and on the Wireguard of site B, I set 192.168.0.0 /24 as well as the IP on Wireguard A (10.8.0.1/32).

[Demusman]

Check the routes on site A.

[freegate]

Check the routes on site A.

Wireguard site A : 192.168.0.1
Wireguard site B : 192.168.10.254

A tracert 192.168.0.1 from site B to site A returns:
   1 <1ms <1ms <1ms 192.168.10.254
   2 2ms 2ms 2ms 192.168.0.1

A tracert 192.168.10.254 from site A to site B returns
  1 <1ms <1ms <1ms 192.168.0.1
   2 <1ms <1ms <1ms LIVEBOX [192.168.3.1]
   3 * * * Request timed out.


192.168.3.1 is the local IP of internet provider's box on site A

[Demusman]

No, I meant check the routing table,

[freegate]

No, I meant check the routing table,

Ok but I'm sorry, I don't know how to do that.

[Demusman]

System/Routes/Status

[freegate]

Status returns :

192.168.10.0/24   link#10   US   NaN   1360   wg0   WG

Routing Table seems right, however ...

[freegate]

I found the solution.

The problem came from the LAN gateway which was not configured by default.


Demusman tipped me off

Thanks