Wireguard 0.0.0.0 Routing problem

m4rtin · April 29, 2024, 03:20:26 PM

Hallo, I run wireguard on an opnsense. I configured the client's allowed IPs with 0.0.0.0/0, ::/0 so the complete traffic goes through the tunnel. When I activate the tunnel, I can access all devices in the wireguard network but a ping to 8.8.8.8 get's a request timeout.

do you have an idea where I should check the configuration in the opnsense (or at the client)?

Patrick M. Hausen · April 29, 2024, 03:42:41 PM

You are probably missing an outbound NAT rule on WAN for source WG0 net.

tiermutter · April 29, 2024, 03:49:12 PM

For Windows clients do not use 0.0.0.0/0 but 0.0.0.0/1, 0.0.0.128/1

Patrick M. Hausen · April 29, 2024, 03:59:41 PM

Quote from: tiermutter on April 29, 2024, 03:49:12 PM
For Windows clients do not use 0.0.0.0/0 but 0.0.0.0/1, 0.0.0.128/1

128.0.0.0/1

tiermutter · April 29, 2024, 04:19:42 PM

Oops, sorry...

m4rtin · April 29, 2024, 04:20:25 PM

Quote from: Patrick M. Hausen on April 29, 2024, 03:42:41 PM
You are probably missing an outbound NAT rule on WAN for source WG0 net.

I have already created a NAT rule (see first screenshot). 0.0.0.0/1, 128.0.0.0/1 don't work as well.

Does it matter that I run the opnsense on a HyperV that runs on a Windows Cloud Server? All used ports are forwarded in Windows Server to the opnsense via Windows "Routing and remote access" (the Windows Server is the gateway).

Edit:
I don't see outgoing traffic in the Live view of the firewall.

Wireguard 0.0.0.0 Routing problem

m4rtin

April 29, 2024, 03:20:26 PM

Patrick M. Hausen

April 29, 2024, 03:42:41 PM #1

tiermutter

April 29, 2024, 03:49:12 PM #2

Patrick M. Hausen

April 29, 2024, 03:59:41 PM #3

tiermutter

April 29, 2024, 04:19:42 PM #4

m4rtin

April 29, 2024, 04:20:25 PM #5 Last Edit: April 29, 2024, 04:22:15 PM by m4rtin