Wireguard Site-to-Multisite Redirect Host problem
-
Hello
I configured 3 sites by following the procedure in the guide https://docs.netgate.com/pfsense/en/latest/recipes/wireguard-s2ms.html.
The difference is that my main site also has a segment that must be accessible from satellite sites.
HQ
- Tunnel IP 10.250.0.1
- Local Network 10.10.4.0/23

SatA
- Tunnel IP 10.250.0.2
- Local Network 10.20.4.0/23

SatB
- Tunnel IP 10.250.0.3
- Local Network 10.30.4.0/23

Currently everything works. I can PING from SatelliteA to HQ, SatelliteB to HQ and SatelliteA to SatelliteB.
However, I am trying to determine whether the following behavior is normal.
When I ping SatA -> SatB or vice versa I receive a "Redirect Host".
FROM SAT-A to SAT-B Ping 10.30.4.1

```
PING 10.30.4.1 (10.30.4.1): 56 data bytes
92 bytes from 10.250.0.1: Redirect Host(New addr: 10.250.0.3)
Vr HL TOS  Len   ID Flg  off TTL Pro  cks      Src      Dst
 4  5  00 0054 07da   0 0000  3f  01 5ab5 10.250.0.2  10.30.4.1
```

Yet I am able to make a direct ping from SatA -> 10.250.0.3 (IP tunnel siteB) without redirect.
I tried to create a 2nd gateway on SiteA that goes to 10.250.0.3 for the local segment of SiteB, but strangely, when I ping, I always get the same answer from 10.250.0.1, as if the route were not taken into account.
Does anyone know if the redirect is normal behavior for Site-to-Multisite WireGuard?
Thanks