Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
23.1 Legacy Series
»
Wireguard Site2Site
« previous
next »
Print
Pages: [
1
]
Author
Topic: Wireguard Site2Site (Read 718 times)
emmitt
Newbie
Posts: 40
Karma: 0
Wireguard Site2Site
«
on:
July 04, 2023, 01:09:26 pm »
Hej,
I have a question of understanding. I have set up a wireguard connection between 2 OPNsense locations (Site2Site).
By mistake I have defined 2 different tunnel addresses in the localpoints:
Site1 = 10.5.22.1/24
Site2 = 10.5.5.1/24
Nevertheless everything works as desired. How can this be? Are the same tunnel addresses no longer important?
Of course wireguard was restarted on both machines.
Logged
14k4
Newbie
Posts: 1
Karma: 0
Re: Wireguard Site2Site
«
Reply #1 on:
July 04, 2023, 08:49:27 pm »
Although virtually every wireguard how-to tells you to configure prefixes on the wireguard tunnels/interfaces they are in fact not required at all for wireguard to function. You can configure them if you need them as a route target (to route traffic into the tunnel) but otherwise I prefer to just leave them away.
What's important are the "Allowed IP" fields. Make sure they contain the prefixes you want to make it through the tunnel. If wireguard sees a package with a source IP that's not listed here it will just discard the packet.
Logged
emmitt
Newbie
Posts: 40
Karma: 0
Re: Wireguard Site2Site
«
Reply #2 on:
July 04, 2023, 11:02:38 pm »
Thank you for your answer. My problem has already been solved in the german section of this forum.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
23.1 Legacy Series
»
Wireguard Site2Site