Firewall rules to allow connected WG peer access out to WAN

Started by beneix, Today at 11:33:22 AM

I must admit that no matter how much I read about firewall rules, it never becomes intuitive or clear to me...so please, if anyone can help me here.

I have a working WireGuard setup so that I can access my OPNsense router at home from any external location. When I connect, I get access to the LAN, I can manage my router and I can access my NAS via the LAN. However, I cannot access the WAN. I assume I need to add some rule to the firewall, but I really can't figure out how this rule should be defined.

I have attached screenshots of the existing rules for WireGuard and WireGuard (group).
OPNsense 26.1.2-amd64 on APU2E4 using ZFS

What's in your "AllowedIPs" on the client side?
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)

In the client peer definition, it's 0.0.0.0/0. On the OPNsense side, it's 192.168.5.2/32.
OPNsense 26.1.2-amd64 on APU2E4 using ZFS

Looks good as do your rules. I'd bring the big tools - packet trace/tcpdump.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
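The two things discussed in this thread, the AllowedIPs values on each side of the tunnel and the firewall rules on the WireGuard interface, can be reasoned about as two checks a packet has to pass before the router will even try to forward it to the WAN. The following is an added illustration written for this page, not code from the thread or from OPNsense: it models WireGuard's cryptokey routing with the values the poster gave (client AllowedIPs 0.0.0.0/0, server-side AllowedIPs 192.168.5.2/32) and then runs the packet through a first-match rule evaluator with two constructed rule sets. The LAN subnet, the tunnel subnet 192.168.5.0/24 and the rule sets are assumptions, since the real rules only exist as screenshots.

```python
"""
Added example (not from the forum thread): why a WireGuard road-warrior peer
can reach the LAN but not the WAN.

Stage 1 - cryptokey routing (WireGuard itself):
  * client side AllowedIPs = 0.0.0.0/0  -> every destination is sent into the tunnel
  * server side AllowedIPs = 192.168.5.2/32 -> only packets whose SOURCE is
    192.168.5.2 are accepted from this peer; anything else is silently dropped
Stage 2 - firewall rules on the WireGuard interface (first match wins,
  implicit default deny), with constructed rule sets.
"""
import ipaddress
from dataclasses import dataclass

# Values from the thread
CLIENT_TUNNEL_IP = ipaddress.ip_address("192.168.5.2")
SERVER_SIDE_ALLOWED = [ipaddress.ip_network("192.168.5.2/32")]
CLIENT_SIDE_ALLOWED = [ipaddress.ip_network("0.0.0.0/0")]

# Assumptions for the illustration
TUNNEL_NET = ipaddress.ip_network("192.168.5.0/24")
LAN_NET = ipaddress.ip_network("192.168.1.0/24")
ANY = ipaddress.ip_network("0.0.0.0/0")


def longest_match(addr, allowed):
    """WireGuard picks the most specific AllowedIPs entry containing addr."""
    matches = [n for n in allowed if addr in n]
    return max(matches, key=lambda n: n.prefixlen) if matches else None


def client_routes_into_tunnel(dst):
    """Client side: is this destination sent through the tunnel at all?"""
    return longest_match(ipaddress.ip_address(dst), CLIENT_SIDE_ALLOWED) is not None


def server_accepts_from_peer(src):
    """Server side: is a packet with this source accepted from the peer?"""
    return longest_match(ipaddress.ip_address(src), SERVER_SIDE_ALLOWED) is not None


@dataclass
class Rule:
    action: str            # "pass" or "block"
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network


def first_match(rules, src, dst):
    """First matching rule decides; no match means the implicit default deny."""
    for rule in rules:
        if src in rule.src and dst in rule.dst:
            return rule.action
    return "block"


def peer_reaches(dst, rules):
    """Walk one packet from the client (source 192.168.5.2) to destination dst."""
    src = CLIENT_TUNNEL_IP
    if not client_routes_into_tunnel(dst):
        return "not-routed-into-tunnel"
    if not server_accepts_from_peer(src):
        return "dropped-by-cryptokey-routing"
    return first_match(rules, src, ipaddress.ip_address(dst))


# Constructed rule sets for the WireGuard interface
LAN_ONLY_RULES = [Rule("pass", TUNNEL_NET, LAN_NET)]          # reaches LAN, not WAN
TUNNEL_TO_ANY_RULES = [Rule("pass", TUNNEL_NET, ANY)]         # reaches LAN and WAN

if __name__ == "__main__":
    lan_host, wan_host = "192.168.1.10", "203.0.113.10"   # 203.0.113.0/24 is documentation space
    for name, rules in (("LAN only", LAN_ONLY_RULES), ("tunnel -> any", TUNNEL_TO_ANY_RULES)):
        print(f"{name:14} LAN {peer_reaches(lan_host, rules):6} WAN {peer_reaches(wan_host, rules)}")
    print("source 192.168.5.3 accepted by server:", server_accepts_from_peer("192.168.5.3"))
```

The model shows the two places worth looking before reaching for tcpdump: the server-side /32 means the client must actually be using 192.168.5.2 as its tunnel address, and a pass rule whose destination is the LAN network rather than "any" lets LAN traffic through while silently dropping WAN destinations. What the model leaves out is outbound NAT on WAN: even with a passing rule, replies will not come back unless the tunnel subnet is translated there (Firewall: NAT: Outbound), which is the case a capture on the WAN interface reveals quickly.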