[SOLVED] Another Wireguard without access to LAN

Started by jejema2, April 18, 2025, 11:44:36 AM

April 18, 2025, 11:44:36 AM Last Edit: April 22, 2025, 03:36:21 PM by jejema2
Hello,
after having checked many topics, tutorials... I decided to add another topic here... sorry ^^

My config:


      | -- opnsense:  WAN DHCP             -- 10.0.0.253 |
      |                                                  |
ISP --|                                                  | -- VIP 10.0.0.254 -- LAN 10.0.0.0/24
      |                                                  |
      | -- opnsense2: WAN DHCP (MAC spoof) -- 10.0.0.252 |


WG setup :
Instance: 10.0.10.1/24
Peer: 10.0.10.2/32
CARP dependency on VIP 10.0.0.254 checked

WG client :
authorized IP : 0.0.0.0/0

LAN FW:


WG FW:


WAN NAT:


Firewall let pass WG to LAN (10.0.0.10 is my internal DNS):


Symptoms: VPN client (Android phone) connects to the instance OK (handshake OK, WAN firewall rule is OK) on opnsense (master of the VIP)
ping 10.0.0.254 (VIP) ok
ping 10.0.0.253 ok
ping to LAN addresses (10.0.0.10 for example) KO

Could you help me with this ?:)





April 18, 2025, 05:50:36 PM #1 Last Edit: April 18, 2025, 05:53:01 PM by jejema2
I found that I did not put the right mask in the IP configuration of my 10.0.0.10 server (/8 instead of /24)... (champiooooon)

Ping and all other access are ok now ^^

You can close.
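
An added example, not part of the original thread: it reproduces the fix found above by computing how the 10.0.0.10 server picks the return path to the WireGuard peer 10.0.10.2 with the /8 mask versus the /24 mask, and flags LAN hosts whose connected network overlaps the tunnel subnet. The default gateway 10.0.0.254 (the VIP) and the host names are assumptions; the addresses and masks come from the posts.

```python
import ipaddress

def reply_path(host_if: str, gateway: str, dst: str) -> str:
    """How a host configured as `host_if` (address/prefix) sends a packet to `dst`."""
    iface = ipaddress.ip_interface(host_if)
    if ipaddress.ip_address(dst) in iface.network:
        # dst looks directly connected: the host ARPs for it on the LAN segment.
        # A tunnel peer never answers that ARP, so the reply is lost.
        return "on-link"
    # dst is outside the connected network: the packet goes to the gateway,
    # which is the firewall holding the route to the tunnel.
    return f"via {gateway}"

def overlapping_hosts(hosts: dict, tunnel_net: str) -> list:
    """Names of hosts whose connected network overlaps the VPN tunnel subnet."""
    tunnel = ipaddress.ip_network(tunnel_net)
    return sorted(
        name for name, cidr in hosts.items()
        if ipaddress.ip_interface(cidr).network.overlaps(tunnel)
    )

WG_PEER = "10.0.10.2"      # peer address from the thread
TUNNEL = "10.0.10.0/24"    # network of the WG instance 10.0.10.1/24
GATEWAY = "10.0.0.254"     # assumption: the server uses the CARP VIP as gateway
HOSTS = {                  # host names are constructed labels
    "dns-before-fix": "10.0.0.10/8",
    "dns-after-fix": "10.0.0.10/24",
}

if __name__ == "__main__":
    for name, cidr in HOSTS.items():
        print(f"{name:15} {cidr:14} reply to {WG_PEER}: "
              f"{reply_path(cidr, GATEWAY, WG_PEER)}")
    print("hosts overlapping the tunnel subnet:", overlapping_hosts(HOSTS, TUNNEL))
```

With /8 the server treats the whole 10.0.0.0/8 range, tunnel subnet included, as local, which matches the symptom of the firewall addresses answering while the LAN host did not.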