VPN Server Overlay Question
At home, I have a FWG set to run as a WireGuard Server. The home network is 192.168.1.0/24. If my remote network is also configured as 192.168.1.0/24, will my VPN connection fail? That seems to be what is happening. If I configure my WireGuard remote client with [AllowedIPs = 192.168.1.50/32, 192.168.1.90/32] I can then "see" the two home devices at those addresses, perhaps because there aren't any devices at those addresses on the remote network. Obviously, I'm confused. Any help would be most appreciated. TIA.
-
It is always best not to have your networks clash, so changing your network addressing is the first-order solution.
Next, your issue is pretty much on the client side (the problem of selecting which IP addresses go to your WireGuard VPN tunnel). I think the AllowedIPs statement is pretty much like adding a route that says for those clients use WireGuard.
-
Thank you for your reply.
After a bit more screwing around, and a lot more internet searching, I seem to have solved my problem...
Turns out the "default" configuration created by the Firewalla WireGuard VPN Server setup (in the iOS app) results in a set that looks like this on the remote computer:
[Interface]
PrivateKey = xxxx
Address = 10.189.44.150/32
DNS = 10.189.44.1
[Peer]
PublicKey = xxxx
AllowedIPs = 0.0.0.0/0
Endpoint = xxxx.d.firewalla.org:51820
Changing the "AllowedIPs" to "0.0.0.0/0, ::/0" apparently solved my connectivity issues - everything I've tested so far is working (my IP changes to my "home" IP, I can address any device on my "home" network, etc.).
Maybe the default configuration generated should allow for IPv6 addressing? I'm far from competent in this world, so I don't have anything more than a guess.
Thanks.
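Added example, not part of the original thread: a small Python model of the "AllowedIPs acts like a route" idea from the reply above, applied to the overlapping 192.168.1.0/24 case from the question. It assumes a plain most-specific-prefix-wins routing table with one on-link route for the client's LAN and one route per AllowedIPs entry; the function names are hypothetical, and real clients may add policy routing or OS-specific rules on top.

```python
import ipaddress

def parse_allowed_ips(value):
    """Turn an AllowedIPs value into a list of ip_network objects."""
    return [ipaddress.ip_network(part.strip(), strict=False)
            for part in value.split(",") if part.strip()]

def route_for(dest, local_lan, allowed_ips):
    """Return 'tunnel', 'local-lan' or 'default-gateway' for dest.

    Simplified model (assumption): one on-link route for local_lan, one
    route per AllowedIPs entry, and the most specific prefix wins. A tie
    between the LAN route and a tunnel route is reported as 'ambiguous'.
    """
    addr = ipaddress.ip_address(dest)
    lan = ipaddress.ip_network(local_lan)
    tunnel_len = max((n.prefixlen for n in parse_allowed_ips(allowed_ips)
                      if addr in n), default=-1)
    lan_len = lan.prefixlen if addr in lan else -1
    if tunnel_len == lan_len == -1:
        return "default-gateway"
    if tunnel_len == lan_len:
        return "ambiguous"
    return "tunnel" if tunnel_len > lan_len else "local-lan"

def overlapping_entries(local_lan, allowed_ips):
    """List AllowedIPs entries that overlap the LAN the client sits on."""
    lan = ipaddress.ip_network(local_lan)
    return [str(n) for n in parse_allowed_ips(allowed_ips)
            if n.version == lan.version and n.overlaps(lan)]

if __name__ == "__main__":
    REMOTE_LAN = "192.168.1.0/24"  # client's LAN, same range as the home LAN
    configs = {
        "two /32 hosts": "192.168.1.50/32, 192.168.1.90/32",
        "full tunnel": "0.0.0.0/0, ::/0",
    }
    for label, allowed in configs.items():
        print(label, "overlaps:", overlapping_entries(REMOTE_LAN, allowed))
        for dest in ("192.168.1.50", "192.168.1.10", "10.189.44.1", "8.8.8.8"):
            print(f"  {dest:>13} -> {route_for(dest, REMOTE_LAN, allowed)}")
```

Under this model the two /32 entries win over the local /24 because they are more specific, which matches what the question describes; any address the client's own LAN route covers more specifically than the tunnel route stays local.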