How to reach WG site-to-site host from WG mobile?
-
I'm running pfSense at Site A and Site B. Site A has a WG site-to-site tunnel to Site B, and another WG tunnel for mobile devices. Site A LAN hosts can reach LAN hosts at Site B no problem. Mobile devices connected to Site A can reach Site A LAN hosts and the pfSense console at Site B, but no other LAN hosts at Site B. I tried different outbound NAT rules with no luck. I'm not sure what's needed exactly or even whether this is the right approach. I would like mobile devices connected to Site A to be able to reach LAN devices at Site B. Any help is greatly appreciated.
-
@patpend You would have to allow the remote access subnet on the far site's WG config as an allowed network.
-
@jarhead Also need a route there in the local config but that should already be there since you said you can access the remote from the local.
-
@jarhead Thanks for the reply. I tried this with no success. Which version of pfSense & WG are you using?
-
@patpend Latest of both.
Post pics of your tunnel and peer configs, along with gateways and static routes.
-
@patpend I forgot one thing...
https://forum.netgate.com/topic/171272/wireguard-site-to-site-mobile-connection-only-routes-1-side-of-tunnel
Check that too. I thought that was created automatically but that user had to create it so you may have to also.
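-
Added example, not written by any poster in this thread: a small Python model of how WireGuard uses a peer's AllowedIPs, applied to the Site B side as suggested in the replies above. All subnets and the peer name `site_a` are constructed placeholders; substitute your own.

```python
import ipaddress

# Constructed addressing (assumptions, not taken from the thread).
SITE_A_LAN = "192.168.10.0/24"
S2S_TUNNEL = "10.10.0.0/30"
MOBILE_NET = "10.20.0.0/24"   # remote-access (mobile) tunnel subnet at Site A

def nets(cidrs):
    return [ipaddress.ip_network(c) for c in cidrs]

def inbound_accepted(allowed_ips, src):
    """WireGuard drops a decrypted packet unless its source address
    falls inside the sending peer's AllowedIPs."""
    addr = ipaddress.ip_address(src)
    return any(addr in n for n in nets(allowed_ips))

def outbound_peer(peers, dst):
    """WireGuard sends a packet to the peer whose AllowedIPs holds the
    longest prefix containing dst. None means no peer matches.
    The OS routing table must still point dst at the WG interface
    (the static route / gateway mentioned in the replies)."""
    addr = ipaddress.ip_address(dst)
    best = None
    for name, allowed in peers.items():
        for n in nets(allowed):
            if addr in n and (best is None or n.prefixlen > best[1]):
                best = (name, n.prefixlen)
    return best[0] if best else None

def mobile_to_site_b(site_b_peers, mobile_ip):
    """Return (request accepted at Site B, peer used for the reply)."""
    accepted = inbound_accepted(site_b_peers["site_a"], mobile_ip)
    return accepted, outbound_peer(site_b_peers, mobile_ip)

# Site B's peer entry for Site A, without and with the mobile subnet.
BEFORE = {"site_a": [S2S_TUNNEL, SITE_A_LAN]}
AFTER = {"site_a": [S2S_TUNNEL, SITE_A_LAN, MOBILE_NET]}

if __name__ == "__main__":
    for label, peers in (("before", BEFORE), ("after", AFTER)):
        print(label, mobile_to_site_b(peers, "10.20.0.5"))
```

Listing only the mobile subnet in the peer's allowed networks, rather than a broad range, keeps the tunnel limited to the traffic it is meant to carry.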