How to route everything from lan going over VPN.

Started by novel, November 25, 2023, 12:58:40 PM

Previous topic - Next topic
Print
Go Down Pages 1 ... 3 4 5
User actions
November 26, 2023, 12:16:28 PM #60
Quote from: tiermutter on November 26, 2023, 12:03:54 PM
Monitor IP does not mean that this will be used as DNS server. Simply don't care about this ;)
You can put any public IP here if you want...

I dont have static ip. So I think it is better to put the same IP from gateway 10.217.30.1 . Right?

Please do you have any example from site, because I dont understand how to setup some sites to use different IP
November 26, 2023, 12:26:05 PM #61
Look at this site:
https://docs.opnsense.org/manual/aliases.html
You need alias type host, there is a good example for youtube. Just add all sites you want to reach via WAN there.

Regarding monitor IP you can also put the endpoint IP of your WG server there like we did in the first steps. But, as said, this has the disadvantage that for GW status it will always say "up" just because the connection to your WG server is established. In this case this does not mean that also internet via VPN is working.
Putting a public IP like 8.8.4.4 GW status is "up" when VPN is established AND internet via VPN working.
i am not an expert... just trying to help...
November 26, 2023, 12:33:51 PM #62
Quote from: tiermutter on November 26, 2023, 12:26:05 PM
Look at this site:
https://docs.opnsense.org/manual/aliases.html
You need alias type host, there is a good example for youtube. Just add all sites you want to reach via WAN there.

Regarding monitor IP you can also put the endpoint IP of your WG server there like we did in the first steps. But, as said, this has the disadvantage that for GW status it will always say "up" just because the connection to your WG server is established. In this case this does not mean that also internet via VPN is working.
Putting a public IP like 8.8.4.4 GW status is "up" when VPN is established AND internet via VPN working.


Please, Which is the endpoint IP of WG server ?? Documention of opnsesne say:

Insert the endpoint VPN tunnel IP (NOT the public IP) of your VPN provider

Specifying the endpoint VPN tunnel IP is preferable. As an alternative, you could include an external IP such as 1.1.1.1 or 8.8.8.8,
November 26, 2023, 12:38:31 PM #63
Endpoint IP of your WG server is the servers WG IP... We used this IP in step 2 there:

Step 2 is configuring WG client on sense.
2a) Configure according to step 1-6 https://docs.opnsense.org/manual/how-tos/wireguard-selective-routing.html
Pay particular attention for step 6 "monitor IP". Please set debians's WG endpoint IP, later we will change it.
i am not an expert... just trying to help...
November 26, 2023, 12:43:07 PM #64
But, as said ;) , there is no need for you to care about!
i am not an expert... just trying to help...
November 26, 2023, 01:11:19 PM #65
Quote from: tiermutter on November 26, 2023, 12:38:31 PM
Endpoint IP of your WG server is the servers WG IP... We used this IP in step 2 there:

Step 2 is configuring WG client on sense.
2a) Configure according to step 1-6 https://docs.opnsense.org/manual/how-tos/wireguard-selective-routing.html
Pay particular attention for step 6 "monitor IP". Please set debians's WG endpoint IP, later we will change it.


My friend  :) :) I read this a lot of time. I don't understand which is endpoint IP. Can you? Is it 10.217.30.1 or not?

I would like to know. Just know
November 26, 2023, 01:17:39 PM #66
Yes it is... See post #5 screenshot...
i am not an expert... just trying to help...
November 26, 2023, 02:07:21 PM #67
Quote from: tiermutter on November 26, 2023, 01:17:39 PM
Yes it is... See post #5 screenshot...

Thank you....Later, I will try to figure out the problem with alias web sites.
Print
Go Up Pages 1 ... 3 4 5
User actions