Routing WireGuard To A Specific Subnet Only

Started by jmdomini, December 28, 2024, 07:24:57 PM

It shouldn't be this hard, but I've spent more hours trying to figure this out than I want to admit. I followed these instructions to complete the basic WireGuard configuration (https://www.ivpn.net/setup/router/opnsense-wireguard/) and they work perfectly if one wants to route all traffic over the VPN. However, I wish to route my primary subnet 192.168.1.0/24 out over the WAN untouched and only send 192.168.2.0/24 out over the WireGuard VPN.

It seemed like in theory it should be simple: just add two different outbound NAT rules, one for each subnet. Traffic routes just fine for the primary subnet. However, nothing routes for the secondary (I can't even ping the gateway 192.168.2.1). I tried adding a firewall rule on the interface the secondary subnet is connected to (OPT3) to allow all traffic in and out, which fixes not being able to ping the gateway, but still no traffic goes to the WireGuard tunnel (or anywhere outside of the LAN). What am I missing here?
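The split-tunnel setup the post is after, written out as the pf rules that OPNsense generates behind its GUI. This is an added example and not the poster's configuration or IVPN's guide: interface names (igb0/igb1/igb2/wg0), the tunnel far-gateway address 10.10.0.1 and the RFC1918 table are assumptions. The point it illustrates is that an outbound NAT rule only rewrites the source address of a packet that has already been routed out an interface; the routing decision itself comes from a `route-to` on the pass rule (the "Gateway" field of a firewall rule in the GUI), and local destinations need a rule above it so they are not forced into the tunnel.

```pf
# Added example (not the original post's config). Interface names, tunnel
# address and far gateway are assumptions; substitute your own.
wan_if  = "igb0"
lan_if  = "igb1"         # 192.168.1.0/24 (LAN): stays on the WAN default route
opt3_if = "igb2"         # 192.168.2.0/24 (OPT3): to be sent over WireGuard
wg_if   = "wg0"          # WireGuard instance interface
wg_gw   = "10.10.0.1"    # assumed far gateway inside the tunnel

table <rfc1918> { 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 }

# Outbound NAT. LAN is masqueraded on the WAN as before, OPT3 on the tunnel.
# Neither rule changes where a packet is routed; NAT is applied only after
# the packet has been routed out that interface.
nat on $wan_if inet from 192.168.1.0/24 to any -> ($wan_if)
nat on $wg_if  inet from 192.168.2.0/24 to any -> ($wg_if)

# OPT3 has no rules by default, so nothing is allowed in. These two rules
# replace a blanket "pass everything" rule.
#
# 1. Local destinations (the interface address 192.168.2.1, the other LAN)
#    are passed WITHOUT route-to. If this rule is missing, the policy rule
#    below sends even pings to the gateway into the tunnel.
pass in quick on $opt3_if inet from 192.168.2.0/24 to <rfc1918> keep state

# 2. Everything else from OPT3 is forced to the WireGuard gateway. Without
#    route-to the packet follows the system default route out the WAN, NAT
#    rule or not.
pass in quick on $opt3_if route-to ($wg_if $wg_gw) inet \
    from 192.168.2.0/24 to any keep state

# 3. LAN keeps the system default route (no route-to), so 192.168.1.0/24
#    never enters the tunnel.
pass in quick on $lan_if inet from 192.168.1.0/24 to any keep state
```

Two checks worth running on the firewall shell after saving the GUI rules: `pfctl -s rules | grep route-to` should show exactly one policy rule for the OPT3 subnet, and `netstat -rn` should still show the default route via the WAN. If the WireGuard instance is allowed to install a route for an AllowedIPs of 0.0.0.0/0, that route replaces the default and both subnets end up in the tunnel; split routing only works when that route is not installed (OPNsense exposes this as a disable-routes option on the instance) and the tunnel is selected per rule with `route-to` as above.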