Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    WireGuard internal packet routing strange behavior

    Scheduled Pinned Locked Moved
    WireGuard
    1
    1
    277
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • O
      olegvekhov
      last edited by

      Hello! I have the following setup:

      pfSense:
      localnet IP 10.9.11.75 em0 (network 10.9.11.0, default gw for net is 75)
      wireguard iface wg0 IP 192.168.40.1
      foreign IP 192.168.94.1
      in routing table 192.168.94.0/23 via 10.9.11.102 (router reachable via localnet)

      WG RoadWarrior 192.168.40.2
      I can ping 10.9.11.[anydigit] from roadwarrior. I can ping roadwarrior from 10.9.11.[anydigit].
      I can ping 192.168.94.[anyip] from 10.9.11.[anyip] and reverse.

      I CANT ping or reach 192.168.94.1 from RoadWarrior.

      Firewall rules is set to allow all from any to any on WG an LAN interfaces for testing.

      running ping from 192.168.40.2 to 10.9.11.x
      If i run tcpdump on wg0 i see outgoing and incoming icmp. On em0 I also see outgoing and incoming icmp. All OK.

      running ping from 192.168.40.2 to 192.168.94.1
      I can see icmp packets on wg0

      I CANT even see outgoing to 192.168.94.1 packets on em0 (interface IP 10.9.11.75 through which packets should be routed according routing table)

      The same config with openvpn works excellent with no problems - it is standart and simple clear routing process.

      Looks like a bug, or may be I so stupid? ))

      1 Reply Last reply Reply Quote 0
      • First post
        Last post