Road Warrior need access all spokes in hub/spoke multisite
-
I have a hub/spoke multisite wireguard setup with 20+ remote sites connected to the hub. While physically at the hub the user can access each site. This user also has the wireguard client on his laptop and wishes to be able to access all remote sites when not physically at the hub.
pfSense's wireguard package at the hub has 2 tunnels. One for the site to site vpn, and one for the the road warrior vpn. Each has its own interface as well. 172.20.0.0/24 Multisite and 172.21.0.0/24 road warrior. There is also static routes for each spoke configured as well. Peers configured for each location and road warriors too.
Both tunnels work as expected but the road warrior wants to be able to access all the spokes as if they were located at the hub location while remote. I have tried adding their wireguard IP 172.21.0.x to the allowed IP's at the spoke location but still not able to access it.
The LAN subnet at the hub is 10.0.1.0/24 with each spoke increments up 10.0.2.0/24, 10.0.3.0/24, 10.0.4.0/24...ect
Any help getting this to work would be appreciated. Thanks.
-
Hi,
I thing a 6 PFSENSE with WG VPN site to multisite all OK,
But i create a new tunnel in site , for WG Pc clients, and this alone acces to site on crete Tunnel, bit i need acces all sites , how too??
-
Re: Road Warrior need access all spokes in hub/spoke multisite
I have similar issue, how too solved?
-
@compsmith said in Road Warrior need access all spokes in hub/spoke multisite:
Anyone out there have any insight to get this to work?