Topic: Wireguard instance allowing internet, but blocking access to other IPs on LAN (Read 1244 times)
catapimba, June 25, 2024, 12:24:07 am
Hi! Newbie here!
I have successfully configured my WireGuard following the Road Warrior setup, but I'd like to have another instance with only internet access using my DNS.
If I remove the 2nd rule in step 5 of the tutorial (https://docs.opnsense.org/manual/how-tos/wireguard-client.html), which allows access to any IP in any subnet, my client cannot access the internet either. I was not able to identify the problem. What am I missing? Is this possible?
tiermutter, Reply #1, June 25, 2024, 01:10:04 am
For that rule, allow traffic to your DNS (OPNsense?) instead of to any, and give it your DNS port as destination.
You could also use only one instance, applying this rule only for specific WG client IPs as source; there is no need for a second instance.
i am not an expert... just trying to help...
catapimba, Reply #2, June 26, 2024, 02:30:23 am
I appreciate the help. If I understood correctly, I should change the destination port range. However, as you can see in the image, the destination port is locked. I tried to change the destination to other values to see if I would unlock the selection, but no luck.
tiermutter, Reply #3, June 26, 2024, 06:29:33 am
Set protocol to TCP/UDP, then you can add the port.
i am not an expert... just trying to help...
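The rule ordering discussed in this thread, modelled as an added example (not code from the thread or from OPNsense): a small first-match evaluator with default deny, which is how interface rules with "quick" set behave. The tunnel addresses, the RFC 1918 block rule and the names `evaluate`, `DNS_ONLY` and `SPLIT` are assumptions made for the illustration.

```python
import ipaddress
from dataclasses import dataclass

def nets(*cidrs):
    return tuple(ipaddress.ip_network(c) for c in cidrs)

# Constructed addressing for illustration (assumptions, not taken from the thread).
WG_NET = nets("10.10.10.0/24")        # WireGuard tunnel network
RESTRICTED = nets("10.10.10.3/32")    # peer that should get internet + DNS only
FIREWALL = nets("10.10.10.1/32")      # OPNsense tunnel address, serving DNS
PRIVATE = nets("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")  # RFC 1918

@dataclass(frozen=True)
class Rule:
    action: str          # "pass" or "block"
    src: tuple = ()      # empty tuple means "any"
    proto: tuple = ()    # e.g. ("tcp", "udp"); empty means "any"
    dst: tuple = ()      # empty tuple means "any"
    port: int = 0        # 0 means "any"; only meaningful for TCP/UDP

def evaluate(rules, src, proto, dst, port=0):
    """First matching rule wins; traffic matching no rule is dropped."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in rules:
        if r.src and not any(s in n for n in r.src):
            continue
        if r.proto and proto not in r.proto:
            continue
        if r.dst and not any(d in n for n in r.dst):
            continue
        if r.port and port != r.port:
            continue
        return r.action
    return "block"

# Only the DNS rule, with the allow-any rule removed.
DNS_ONLY = [Rule("pass", WG_NET, ("tcp", "udp"), FIREWALL, 53)]

# One instance, with per-peer restrictions placed above the allow-any rule.
SPLIT = [
    Rule("pass", RESTRICTED, ("tcp", "udp"), FIREWALL, 53),  # DNS to the firewall
    Rule("block", RESTRICTED, (), PRIVATE),                  # no LAN or other private nets
    Rule("pass", WG_NET),                                    # tutorial's allow-any rule
]
```

With `DNS_ONLY` the peer can resolve names but every other connection hits the default deny. With `SPLIT` the restricted peer reaches public addresses and the firewall's DNS only, while other peers keep full access.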