OPNsense Forum » English Forums » General Discussion » WireGuard Site-to-Site without nat
Topic: WireGuard Site-to-Site without nat (Read 418 times)
barneby (Newbie, Posts: 7, Karma: 0)
« on: July 23, 2024, 06:20:42 pm »
I have wg s2s configured using that wizard (https://docs.opnsense.org/manual/how-tos/wireguard-s2s.html#step-3a-setup-wireguard-peer-on-opnsense-site-a). When I try to ping the remote LAN addresses from the router, everything works.
The problem is when I want to ping the addresses of the remote LAN network from some of the hosts in the local LAN network. Such a request will not come. Traceroute shows that it terminates at the local router.
When I set up SNAT, everything works, but I don't want to use SNAT for the s2s network, because I want the networks to see each other's source addresses.
My NAT rules are set to Hybrid outbound NAT rule generation and I have no custom rules added.
Are there any other settings I should make so that s2s networks can communicate without NAT?
Patrick M. Hausen (Hero Member, Posts: 6826, Karma: 573)
« Reply #1 on: July 23, 2024, 08:10:55 pm »
Put the respective remote LAN in the AllowedIPs on each side.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do.
(Isaac Asimov)
barneby (Newbie, Posts: 7, Karma: 0)
« Reply #2 on: July 23, 2024, 08:22:07 pm »
I already have that set up.
barneby (Newbie, Posts: 7, Karma: 0)
« Reply #3 on: July 23, 2024, 08:26:17 pm »
So I solved it. The problem is that on one side I had IPsec turned on, which routed to the same LAN subnet.
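Added example, not part of the thread: a check for the conflict described in the last reply, where an IPsec phase 2 entry covers the same remote subnet as a WireGuard peer's AllowedIPs. The sample `wg show` output, the peer key placeholder, the subnets and the hand-entered phase 2 list are all constructed assumptions.

```python
import ipaddress

# Constructed sample in the format printed by `wg show wg0 allowed-ips`:
# <peer public key> TAB <space-separated AllowedIPs>. The key is a placeholder.
WG_ALLOWED_IPS = "PLACEHOLDER_SITE_B_PUBLIC_KEY=\t10.2.2.2/32 192.168.20.0/24\n"

# Constructed IPsec phase 2 entries, copied by hand from the IPsec
# configuration: (description, local selector, remote selector).
IPSEC_PHASE2 = [
    ("old-tunnel-to-site-b", "192.168.10.0/24", "192.168.20.0/24"),
    ("tunnel-to-site-c", "192.168.10.0/24", "192.168.30.0/24"),
]


def parse_wg_allowed_ips(text):
    """Return {peer_key: [ip_network, ...]} from `wg show <if> allowed-ips`."""
    peers = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        key, _, nets = line.partition("\t")
        peers[key] = [
            ipaddress.ip_network(n, strict=False)
            for n in nets.split()
            if n != "(none)"  # wg prints (none) for a peer without AllowedIPs
        ]
    return peers


def find_conflicts(wg_text, phase2_entries):
    """List (peer, wg_net, ipsec_name, ipsec_remote) where selectors overlap."""
    conflicts = []
    for peer, nets in parse_wg_allowed_ips(wg_text).items():
        for name, _local, remote in phase2_entries:
            remote_net = ipaddress.ip_network(remote, strict=False)
            for net in nets:
                # Only compare networks of the same address family.
                if net.version == remote_net.version and net.overlaps(remote_net):
                    conflicts.append((peer, str(net), name, str(remote_net)))
    return conflicts


if __name__ == "__main__":
    for peer, wg_net, name, remote in find_conflicts(WG_ALLOWED_IPS, IPSEC_PHASE2):
        print(f"{wg_net} (WireGuard peer {peer}) overlaps IPsec '{name}' remote {remote}")
```

Any reported overlap means two tunnels claim the same remote subnet, so one of them has to be disabled or narrowed before un-NATed traffic can be expected to follow the WireGuard route.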