Use wireguard with the same subnet as the LAN
-
I'm using a wireguard tunnel to connect my smartphone to my local network. I do this to use the AVM Fritz Fon VoIP app. Unfortunately this app works only in the same subnet as the AVM Fritzbox (router with VoIP server). The Fritzbox is behind the pfsense in the local LAN. So the app works well on my LAN, but not on the wireguard tunnel, because the tunnel has a different IP address. Any idea how I can trick the smartphone into the same subnet as the Fritzbox?
-
You could probably use NAT and proxyARP to solve this, not really ideal though.
Are you sure the app is having issues because of being on a different subnet and not because of latency running over a VPN?
-
@planedrop Yes, the Fritzbox blocks all foreign subnets while in IP client mode. I helped myself by setting the Fritzbox to router mode. But therefore I had to set up a VLAN for the WAN port of the Fritzbox. Also, if I enable IPv6 support it will start router advertisement. This isn't ideal either.
-
Gotcha, well it's not really feasible to, say, give a VPN client a local IP on a subnet the firewall is already managing as an interface, so I think the only solution would be to use NAT, but this can create its own issues.
But if you were to NAT the wireguard connection to a different IP within that local LAN subnet (and make sure it's not one within that subnet's DHCP pool) then you probably can achieve what you're looking for here.
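
The address constraints from the last reply, as an added example that is not part of the thread: a Python check that a candidate NAT address sits inside the LAN subnet, outside the DHCP pool, and clear of static hosts, plus a pf-style rule string for it. All subnets, addresses and the interface name `igb1` are constructed sample values, and the function names are hypothetical.

```python
import ipaddress

def check_nat_address(candidate, lan, dhcp_start, dhcp_end, tunnel, reserved=()):
    """Return the problems with using `candidate` as the NAT address for
    tunnel clients on the LAN; an empty list means it is usable."""
    ip = ipaddress.ip_address(candidate)
    lan_net = ipaddress.ip_network(lan)
    tun_net = ipaddress.ip_network(tunnel)
    lo, hi = ipaddress.ip_address(dhcp_start), ipaddress.ip_address(dhcp_end)
    problems = []
    if lan_net.overlaps(tun_net):
        problems.append("tunnel subnet overlaps LAN subnet")
    if ip not in lan_net:
        problems.append("not inside the LAN subnet")
    elif ip in (lan_net.network_address, lan_net.broadcast_address):
        problems.append("network or broadcast address")
    if lo <= ip <= hi:
        problems.append("inside the DHCP pool")
    if ip in {ipaddress.ip_address(r) for r in reserved}:
        problems.append("already used by a static host")
    return problems

def suggest_nat_address(lan, dhcp_start, dhcp_end, tunnel, reserved=()):
    """Pick the highest LAN host address that passes every check, or None."""
    for host in reversed(list(ipaddress.ip_network(lan).hosts())):
        if not check_nat_address(str(host), lan, dhcp_start, dhcp_end,
                                 tunnel, reserved):
            return str(host)
    return None

def pf_nat_rule(lan_if, tunnel, lan, nat_ip):
    """Render a pf-style source NAT rule: tunnel clients appear as nat_ip."""
    return f"nat on {lan_if} inet from {tunnel} to {lan} -> {nat_ip}"

# Constructed sample network (assumptions, not values from the thread).
SAMPLE = dict(lan="192.168.178.0/24", dhcp_start="192.168.178.20",
              dhcp_end="192.168.178.200", tunnel="10.6.0.0/24",
              reserved=("192.168.178.1", "192.168.178.2"))  # firewall, Fritzbox

if __name__ == "__main__":
    for cand in ("192.168.178.250", "192.168.178.50", "10.6.0.2"):
        print(cand, check_nat_address(cand, **SAMPLE) or "ok")
    nat_ip = suggest_nat_address(**SAMPLE)
    print(pf_nat_rule("igb1", SAMPLE["tunnel"], SAMPLE["lan"], nat_ip))
```

With this kind of NAT every tunnel client shows up on the LAN under the one translated address, so the Fritzbox cannot tell tunnel clients apart and cannot open connections back to them.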