WireGuard site2site NAT / IP of tunnel shown instead of real IP
-
Hello, I know there is another post about this, but it is marked as solved and it's a few months old. Also, the solution is not really clear to me, so I decided to create a new one.
I did set up a WireGuard site-to-site VPN between two pfSense firewalls.
Everything looked good until I tried to mount an NFS share from a site A server on a site B client. The server sees the connection as coming from the WG tunnel IP and not from the real client IP, which prevents me from mounting the share. I don't want to NAT connections in my WG tunnel.
I tried to switch to hybrid NAT and create a rule to disable NAT on the tunnel interface, but that broke the site-to-site VPN.
I must also mention that I have set an upstream gateway on the tunnel interface at each site, because the Netgate guide I followed said to do so, but at this point I am not sure this is necessary.
Can anyone point me in the right direction to solve this?
Thanks
-
To anyone having the same problem, follow this guide:
https://blog.matrixpost.net/set-up-wireguard-site-to-site-vpn-on-pfsense/
Or in short, do not set an upstream gateway and set static routes as Allowed IPs.