Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Possible to have a neighbor configured over wireguard vpn?

    FRR
    3
    3
    317
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      torstein
      last edited by

      I have 3 neighbor configured working from my local lan. But I cannot get a sucsesfully established bpg peer that is on a remote site over wireguard. why is this?

      M senseivitaS 2 Replies Last reply Reply Quote 0
      • M
        michmoor LAYER 8 Rebel Alliance @torstein
        last edited by

        @torstein
        There could be multiple reasons for this and you didnt give any information to help troubleshoot.
        Whats in your allowed IPs list?

        Firewall: NetGate,Palo Alto-VM,Juniper SRX
        Routing: Juniper, Arista, Cisco
        Switching: Juniper, Arista, Cisco
        Wireless: Unifi, Aruba IAP
        JNCIP,CCNP Enterprise

        1 Reply Last reply Reply Quote 0
        • senseivitaS
          senseivita @torstein
          last edited by

          @torstein Um,

          I don't use BGP but it works on OSPF, or rather OSPF works over WireGuard. OSPF is normally multicast, so you have to set the links as point-to-point and they'll discover themselves just fine. You don't even need to specify the neirbor's address. It's pretty cool, I think.

          As I mentioned, I don't use BGP because I don't know much about it, but as I gather, it works over TCP and directly addresses its neighbors so I see no reason why it wouldn't be possible.

          Here are some examples, they for other platforms but you should be able to translate if you understand it though. :)

          • VyOS' configuration blueprints — https://docs.vyos.io/en/sagitta/configexamples/index.html
          • "BGP works with WireGuard without any special steps so long as the peers are static and the peers have Tunnel Endpoint Next Hop Entries configured." — https://docs.netgate.com/tnsr/en/latest/wireguard/example.html

          Missing something? Word endings, maybe? I included a free puzzle in this msg if you solv--okay, I'm lying. It's dyslexia, makes me do that, sorry! Just finish the word; they're rarely misspelled, just incomplete. Yeah-yeah-I know. Same thing.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post