Cannot access Lan network on Wireguard server side.

bohaman · Jul 31, 2022, 5:38 AM

Hello everyone,

I've tried to searched for a solution to this problem for awhile now but I can't seems to find the answer for it. I hope if anyone could help guide me to the right direction.

I set up a WG tunnel and got internet through VPN also I've tried to check my IP and it showed up my IP as my WG's server IP.

However, when I tried to access my WG's server LAN network I cannot access it. When I access the 192.168.1.1. I still access my current local LAN network, not the WG's Lan network.

I've tried to set my Allowed IP's = 0.0.0.0/0 to make sure all my traffic go through the tunnel but it still wouldn't work.

I have my pie-hole running as well, which I know I don't have a DNS leak because even when I run my DNS 1.1.1.1 at my client pfsense from my WG's server still capture the traffic route it to the pi-hole and I still receive DNS filter from the pi-hole.

When I tried to ping my WG's client address from my WG's server, the WG's server recognize the traffic from my WG's client.

an example of my WG configuration

This is my iOS client from WG app
[Interface]
PrivateKey = xxx..xx...vxxx...
Address = 10.0.0.3/24
DNS = 1.1.1.1 (this is to test if the traffic is capture and re-route correctly to pi-hole)

[Peer]
PublicKey = Q+7R0pjPxxx...kxOS0=
PresharedKey = xxxxx
AllowedIPs = 0.0.0.0/0
Endpoint = xxxx:51820

Thank you all so much

Bob.Dig · Jul 31, 2022, 8:56 AM

@bohaman Take a look here and search for your exact use-case on the left side.

bohaman · Jul 31, 2022, 10:31 PM

@bob-dig Hello,

Thank you for taking your time and asnwer my post.

I apologize but would you please help me more sepcific on which guide I am suppose to look for? I'm new to pfsense and just trying to learn everything via google search.

Are you referring me to "WireGuard Site-to-Site VPN Configuration Example"? It may not be what I am looking for since I just want to access my LAN WG's server network from my client, not both way.

I have also look up at the "WireGuard Remote Access VPN Configuration Example" and that also said that if I want all my traffic to go to my WG's server then do 0.0.0.0/0. However, I still cannot access my LAN WG's server network.

I've looked at this youtube video and it showed that as long as the client successfully get through the tunnel and set the allowed IP address as 0.0.0.0/0, the client should be able to access the LAN network of the WG's server side. Here is the reference video "https://www.youtube.com/watch?v=biU5l0T4e8w&t=588s"

Thank you again.

Jarhead · Aug 2, 2022, 12:48 AM

@bohaman said in Cannot access Lan network on Wireguard server side.:

However, when I tried to access my WG's server LAN network I cannot access it. When I access the 192.168.1.1. I still access my current local LAN network, not the WG's Lan network.

Do you have both networks as 192.168.1.1?
If so, you'll need to change one of them. Can't have both sides using the same subnet.

bohaman · Aug 2, 2022, 12:48 AM

@jarhead Yes! This worked. Thank you so much