Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How to assign VPN interface IP on same subnet as LAN

    WireGuard
    2
    2
    408
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      mikebflyer
      last edited by

      Okay, I bought a Firewalla Purple (in hind sight probably shouldn't have). I realize this may require some modifications to the software/config preloaded on it. I'm trying to use it as a VPN server to allow me to remotely access Windows SMB devices like a network attached storage drive and a printer from a remote location.

      My understanding is that for SMB to find network devices you have to be on the same subnet and you have to have certain ports open. With the out of the box Wireguard VPN server that comes with Firewalla it assigns all VPN interfaces a 10.200.181.0 address and my LAN devices are 192.168.1.0. So, I have a feeling (no real confirmation this will work) that if I can get the VPN server to assign IPs to interfaces that are 192.168.1.0 then I believe Windows will be able to find the devices and they should work fine.

      At the present time I have a functioning VPN server and I can connect to the NAT using its local IP or the Firewalla name server default name assigned to it, but with my particular NAT functionality is limited when doing it this way because it uses only FTP or NFS and my software will not function well with a mapped FTP or NFS drive.

      I want it to be as if I am connected to the LAN when connected over the VPN. I want to open Windows Explorer and see all of the same Network devices I see when I am connected to the LAN.

      Any idea if this is a simple configuration change in the Wireguard config or if it will require something a bit more sophisticated? I thought about trying to setup some kind of IP bridge/mirror/proxy (not sure what you'd call it) where a LAN IP will get echoed onto another subnet using an IP on that subnet and vice versa. This seems overly complicated though.

      Ideally, the VPN server would use the DHCP from the router on my LAN to assign an IP to VPN interfaces dynamically. But if I have to setup a static IP I have no problem doing that.

      Thanks for the help!
      Mike

      JustAnotherUserJ 1 Reply Last reply Reply Quote 0
      • JustAnotherUserJ
        JustAnotherUser @mikebflyer
        last edited by JustAnotherUser

        @mikebflyer

        You bridge the interfaces. I've never done it in pfSense so I can't tell you the details other than:

        Interfaces >> Bridges >> Add

        When you bridge them, they act as one interface so they have the same IP and are connected to the same subnet.

        Here's how to do it to an OVPN interface (it will be the same for a WG interface):
        https://docs.netgate.com/pfsense/en/latest/recipes/openvpn-bridged.html

        1 Reply Last reply Reply Quote 0
        • First post
          Last post