Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    One tunnel for remote access

    Scheduled Pinned Locked Moved WireGuard
    30 Posts 4 Posters 2.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      korr2221 @mcury
      last edited by

      @mcury it doesn't matter. I know if I want to use the internet from pfsense it is full tunnel and if I want from my phone it's split tunnel. But after changing my dns my split tunnel works correctly now. Odd!

      M 1 Reply Last reply Reply Quote 0
      • M
        mcury Rebel Alliance @korr2221
        last edited by

        @korr2221 It doesn't matter? Really? Ok then.

        dead on arrival, nowhere to be found.

        K 1 Reply Last reply Reply Quote 0
        • K
          korr2221 @mcury
          last edited by

          @mcury well i mean for some people it would. but for me, I just wanted to have remote access. haha.

          M 1 Reply Last reply Reply Quote 0
          • M
            mcury Rebel Alliance @korr2221
            last edited by

            @korr2221 said in One tunnel for remote access:

            @mcury well i mean for some people it would. but for me, I just wanted to have remote access. haha.

            So, you just want to access local resources? That's all?
            Remove 0.0.0.0/0 from the allowed ips configuration file, and leave the configuration in pfsense exactly as I posted above.

            dead on arrival, nowhere to be found.

            K 1 Reply Last reply Reply Quote 0
            • K
              korr2221 @mcury
              last edited by korr2221

              @mcury I have. I think you missed the one post above. I know the 0.0.0.0/0 doesn't belong. I was in the midst of trying full tunnel settings and somehow it kicked it in. Then worked after I removed it.

              I'm okay now. I think maybe reinstalling WG package did something.

              M 1 Reply Last reply Reply Quote 0
              • M
                mcury Rebel Alliance @korr2221
                last edited by mcury

                @korr2221 said in One tunnel for remote access:

                @mcury I have. I think you missed the one post above. I know the 0.0.0.0/0 doesn't belong. I was in the midst of trying full tunnel settings and somehow it kicked it in. Then worked after I removed it.

                Its kind of hard to understand what you are trying to do over there, you are not being clear about your objective.

                If you remove 0.0.0.0/0, the Internet will work, but its not going to be a full tunnel, which means that websites on the internet will be accessed through your local internet, and not through pfsense internet.

                If you put the 0.0.0.0/0, and configure the outbound NAT, its going to be a full tunnel, which means that websites on the internet will be accessed using the pfsense Internet, thus going through the tunnel.

                You said that removing 0.0.0.0/0 is working, so you have a split tunnel, which is used only to access local resources in allowed-ips field. Web sites on the internet are actually been accessed using the Internet from wherever you are connecting from.

                dead on arrival, nowhere to be found.

                K 1 Reply Last reply Reply Quote 0
                • K
                  korr2221 @mcury
                  last edited by

                  @mcury since that post I have removed the 0.0.0.0/0 and am currently using split tunnel fine now. After changing my DNS all is working. I understand. All is well, it works!

                  M 1 Reply Last reply Reply Quote 0
                  • M
                    mcury Rebel Alliance @korr2221
                    last edited by

                    @korr2221 said in One tunnel for remote access:

                    @mcury since that post I have removed the 0.0.0.0/0 and am currently using split tunnel fine now. After changing my DNS all is working. I understand. All is well, it works!

                    Oh, great then =) One less thing to worry about now

                    dead on arrival, nowhere to be found.

                    K 1 Reply Last reply Reply Quote 0
                    • K
                      korr2221 @mcury
                      last edited by

                      @mcury Thank you for your patience and understanding. :)

                      M 1 Reply Last reply Reply Quote 0
                      • M
                        mcury Rebel Alliance @korr2221
                        last edited by

                        @korr2221 said in One tunnel for remote access:

                        @mcury Thank you for your patience and understanding. :)

                        :) you are welcome

                        dead on arrival, nowhere to be found.

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.