IPsec site to site and WireGuard
-
Hi All.
I have 2 networks connected via IPsec tunnel:
site A: 192.168.10.0
Site B: 192.168.6.0
The two networks can see each other and all works fine.
On site A: I have a WireGuard server (172.16.16.0).
When connected to WireGuard, I can see Site A:
but I can't see site B:
I tried making a "phase 2" on each IPsec, but it won't work.
If I add it on site B, it says no match.
If I try and add it on Site A, it won't let me add network without remote.
How do I configure this?
-
@betahelix Did you add site B as allowed IPs on WireGuard?
-
@jarhead I use 0.0.0.0/0 on WireGuard, so should be allowed?
-
@betahelix You say you tried adding a phase 2, did you use the WireGuard tunnel network? That's what you would need.
You can do a packet capture on the remote site and ping from the local. I'm guessing the packets are getting there but don't know how to get back. Adding the tunnel network will fix that.
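-
An added example, not part of any post in this thread: a simplified Python model of policy-based IPsec phase 2 selectors, showing why the WireGuard tunnel network needs a phase 2 entry on both sites, with each side mirroring the other. The /24 masks, the client and host addresses, and all function names are assumptions made for the illustration.

```python
import ipaddress as ip

# Assumed /24 masks; the thread gives only the network addresses.
SITE_A = ip.ip_network("192.168.10.0/24")
SITE_B = ip.ip_network("192.168.6.0/24")
WG_NET = ip.ip_network("172.16.16.0/24")

def covers(p2_list, src, dst):
    """True if some (local, remote) phase 2 entry matches src -> dst."""
    s, d = ip.ip_address(src), ip.ip_address(dst)
    return any(s in local and d in remote for local, remote in p2_list)

def unmirrored(side, peer):
    """Entries on `side` with no swapped (remote, local) twin on `peer`."""
    return [(l, r) for (l, r) in side if (r, l) not in peer]

def check(p2_a, p2_b, client, host_b):
    """Model a ping from a WireGuard client behind site A to a site B host."""
    return {
        "mirrored": not unmirrored(p2_a, p2_b) and not unmirrored(p2_b, p2_a),
        "request_in_tunnel": covers(p2_a, client, host_b),
        "reply_in_tunnel": covers(p2_b, host_b, client),
    }

# Constructed sample addresses.
CLIENT, HOST_B = "172.16.16.2", "192.168.6.10"

# Starting point in the thread: one phase 2 per side, LAN to LAN only.
before_a = [(SITE_A, SITE_B)]
before_b = [(SITE_B, SITE_A)]

# Extra phase 2 only on site B: the peers no longer agree.
one_sided_b = before_b + [(SITE_B, WG_NET)]

# Extra phase 2 on both sides: on A the local network is the WireGuard
# tunnel network and the remote is site B; site B holds the mirror.
after_a = before_a + [(WG_NET, SITE_B)]
after_b = before_b + [(SITE_B, WG_NET)]

if __name__ == "__main__":
    for name, a, b in [("before", before_a, before_b),
                       ("one-sided", before_a, one_sided_b),
                       ("both sides", after_a, after_b)]:
        print(name, check(a, b, CLIENT, HOST_B))
```

Only the last configuration reports all three checks as true; a packet capture on site B is the way to confirm the same thing on the real tunnel.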