Unable to connect to local network from WireGuard VPN connection
It used to work like two weeks ago. I think since I've clicked "Customize Now" and went through the flow, but I don't think I've changed anything relevant.
My VPN connection works correctly (when checking my public IP it's my home network, I am able to use local DNS, e.g. ping myserver.lan resolves correctly to 192.168.13.3).
I do see my connection as being blocked. At first the Diagnose showed that it's being blocked by "Ingress Firewall", which is odd, as I've thought my WireGuard network should be considered local network. Adding allow didn't help. I've added two additional Allow rules:
* Traffic from & to WireGuard to "All Devices"
* Traffic from & to "LAN 1" to "WireGuard"
But this didn't help either, even though the rules do show hit counts.
So for now I've disabled Ingress Firewall completely, but it still doesn't work. Now, after trying to open http connection to my local 192.168.18.3, the Diagnose shows a message:
"The connection is auto-blocked by Firewalla because TCP Port 80 on WAN Interface WireGuard is not opened to external". Which again is weird, because I'm trying to get to 80 on 192.168.18.3 on LAN 1, not on WireGuard.
Any help would be appreciated - either how to fix or how to debug it / what logs to look at. Thanks!
-
Thank you!
Actually the IP maybe an issue... My home network is 192.168.1.1/18, and the WiFi I'm on is 192.168.1.1/24... I didn't use any 192.168.1.1/24 addresses, but I guess i need to pick some more unique network address.
Is there any way to mass change reserved ips? Some text files I could change? I have over 100 devices, and changing them all manually in the app is super slow process. -
Closing this thread here, seems Firewalla is not passing traffic from the local network back to wireguard network, what fixes it for me is manually adding:
iptables -I FR_FORWARD 1 -i br0 -o wg0 -j ACCEPTand then putting it into /home/pi/.firewalla/post_main.d for persistance. Thanks Firewalla Support for help investigating this!
Please sign in to leave a comment.
Comments
6 comments