Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Does the GW IP matter?

    Scheduled Pinned Locked Moved WireGuard
    4 Posts 2 Posters 227 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      McMurphy
      last edited by McMurphy

      I have a simple site to site WG VPN

      SiteA = 172.16.0.1
      SiteB = 172.16.0.2

      As part of the pfSense config I need to create a GW at each site however I have discovered that no matter what value I specify for the GW the VPN keeps working correctly?

      For example, on both pfSense boxes if I set the GW IP to 172.16.0.254 everything continues working.

      Does the GW IP only need to be any value within the tunnel subnet?

      chpalmerC 2 Replies Last reply Reply Quote 0
      • chpalmerC
        chpalmer @McMurphy
        last edited by

        @McMurphy

        GW would only be important for traffic that was directed at an address that was outside of your subnet.

        Triggering snowflakes one by one..
        Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

        M 1 Reply Last reply Reply Quote 0
        • M
          McMurphy @chpalmer
          last edited by

          @chpalmer

          Do you mean outside the tunnel subnet?

          Technically if the VPN tunnel is used to connect separate networks then would all networks not be outside of my tunnel subnet?

          I have used a dummy GW IP and am able to contact all networks?

          1 Reply Last reply Reply Quote 0
          • chpalmerC
            chpalmer @McMurphy
            last edited by chpalmer

            @McMurphy said in Does the GW IP matter?:

            SiteA = 172.16.0.1
            SiteB = 172.16.0.2

            These are both in the same network even if you had a /30

            Do you have other interfaces i.e. LANs on these boxes? I assume you do. Yes you would be able to see at least both addresses from either box.

            left to guess your layout nobody can really understand what your goal is.

            Triggering snowflakes one by one..
            Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.