[SOLVED] Traffic from LAN going missing on the way back to the Wireguard peer
Topic: [SOLVED] Traffic from LAN going missing on the way back to the Wireguard peer (Read 588 times)
CaptainKrull
« on: July 08, 2023, 02:18:06 am »
Hey,
I'm trying to bypass CG-NAT with Wireguard. I have an external server that my server behind CG-NAT connects to via Wireguard. The goal is to route any connection my external server attempts to 10.0.0.0/24 through Wireguard to my CG-NATed LAN and route the response back.
My external server has the wireguard-internal IP 10.11.0.2 and the wireguard interface is allowed to use the whole 10.11.0.0/24 subnet. Opnsense has the IP 10.0.0.1 on the LAN and the LAN has the subnet 10.0.0.3/24.
This is kinda semi-working already: My external server can ping 10.0.0.1 (OpnSense) and get a response. If it pings any service on my LAN (e.g. 10.0.0.3) the connection times out. According to OpnSense live view the service (10.0.0.3) acknowledges the ping and sends back a response tho. Both connections get allowed.
This response-packet never arrives on my external server according to tcpdump and co.
My routes view shows me that there is an auto generated rule for the WG subnet (10.11.0.0/24) that has "link#8" as the Gateway. This kinda seems like a gateway problem but I can't figure out where the problem lies.
I've been struggling with this for 3 weeks now. Any help is highly appreciated. Thank y'all in advance.
EDIT: I misread the logs, there were connections going into my LAN but none coming back to the firewall. The solution was to add a route to 10.11.0.0/24 (wireguard) via 10.0.0.1 (opnsense LAN IP) on the LAN clients and disable their own firewall that was blocking those outgoing connections.
« Last Edit: July 08, 2023, 03:55:05 pm by CaptainKrull »
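An added example, not part of the original post: a small longest-prefix-match model of the routing tables involved, showing why OPNsense itself answered the peer while a LAN host's reply never reached the tunnel, and how to check a set of client tables for the missing return route. The addresses 10.11.0.2, 10.11.0.0/24, 10.0.0.1, 10.0.0.3 and `link#8` come from the post; the client's default gateway 10.0.0.254 and the function names are assumptions made for illustration.

```python
import ipaddress

def next_hop(routes, dst):
    """Longest-prefix match: (prefix, gateway) of the most specific route covering dst."""
    dst = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p), gw) for p, gw in routes
               if dst in ipaddress.ip_network(p)]
    if not matches:
        return None
    net, gw = max(matches, key=lambda m: m[0].prefixlen)
    return str(net), gw

def clients_missing_return_route(clients, wg_subnet, fw_lan_ip):
    """Names of clients that would not send every WireGuard-subnet reply via the firewall."""
    wg = ipaddress.ip_network(wg_subnet)
    missing = []
    for name, routes in clients.items():
        for addr in wg:  # small subnet, so check every address rather than sampling
            hop = next_hop(routes, addr)
            if hop is None or hop[1] != fw_lan_ip:
                missing.append(name)
                break
    return sorted(missing)

# OPNsense: the auto-generated WireGuard route from the post.
OPNSENSE_ROUTES = [("10.0.0.0/24", "on-link"), ("10.11.0.0/24", "link#8")]

# Constructed LAN client table; a default gateway other than OPNsense is assumed.
CLIENT_BEFORE = [("10.0.0.0/24", "on-link"), ("0.0.0.0/0", "10.0.0.254")]

# Same client after the fix described in the post.
CLIENT_AFTER = CLIENT_BEFORE + [("10.11.0.0/24", "10.0.0.1")]

if __name__ == "__main__":
    peer = "10.11.0.2"
    print("OPNsense ->", next_hop(OPNSENSE_ROUTES, peer))
    print("client before ->", next_hop(CLIENT_BEFORE, peer))
    print("client after  ->", next_hop(CLIENT_AFTER, peer))
    print("missing:", clients_missing_return_route(
        {"10.0.0.3": CLIENT_BEFORE, "fixed-host": CLIENT_AFTER},
        "10.11.0.0/24", "10.0.0.1"))
```

A host whose only match for 10.11.0.0/24 is its default route hands the reply to that gateway, so the request appears on the LAN but nothing comes back to the firewall, which matches what the post describes.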