Todo #16335

closed

Feedback on pfSense® software Configuration Recipes — WireGuard Site-to-Site VPN Configuration Example

Added by Mojtaba Ghahari 22 days ago. Updated 19 days ago.

Status: Rejected
Priority: High
Assignee: -
Category: WireGuard
Target version: -
Start date:
Due date:
% Done: 0%
Estimated time:

Description

Page: https://docs.netgate.com/pfsense/en/latest/recipes/wireguard-s2s.html

Feedback:
Allowed IPs for tunnel IPs should contain just the peer IP; otherwise it causes problems when multiple sites are connected.
Assume that we have three sites. If we set the allowed IPs to the whole tunnel network for each peer, connectivity between some peers will be broken because traffic will be routed by WireGuard to another peer.
In my case Site 1 has two peers named Site 2 and Site 3. Site 1 can ping Site 2 and Site 3. Site 3 can ping Site 1. But Site 2 cannot ping Site 1.
It cost me 6 hours to find the problem (and I came near to cancelling the whole work), so you can save that for others.

Thank you

Actions #1

Updated by Jim Pingle 19 days ago

  • Status changed from New to Rejected

The linked example is for exactly two sites, not multiple peers.

The example for multiple peers is https://docs.netgate.com/pfsense/en/latest/recipes/wireguard-s2ms.html
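The overlap described in the feedback can be checked before a multi-peer configuration is applied. The following is an added example, not part of the ticket or of the pfSense documentation: it models WireGuard's allowed-IPs lookup (one owning peer per prefix, longest prefix wins, a duplicate prefix ending up with the peer configured last) and flags peers that claim overlapping address space. All addresses and peer names are constructed.

```python
import ipaddress

# Constructed sample addresses (assumptions, not taken from the pfSense recipe).
# BROAD: hub peers as the feedback describes, whole tunnel network on every peer.
BROAD = {"site2": ["10.6.210.0/24", "10.2.0.0/24"],
         "site3": ["10.6.210.0/24", "10.3.0.0/24"]}
# NARROW: each peer gets only its own tunnel address plus its LAN.
NARROW = {"site2": ["10.6.210.2/32", "10.2.0.0/24"],
          "site3": ["10.6.210.3/32", "10.3.0.0/24"]}

def build_table(peers):
    """prefix -> owning peer; a duplicate prefix moves to the peer set last."""
    table = {}
    for peer, prefixes in peers.items():
        for prefix in prefixes:
            table[ipaddress.ip_network(prefix)] = peer
    return table

def owner(table, addr):
    """Longest-prefix match, used for both egress and the ingress source check."""
    ip = ipaddress.ip_address(addr)
    hits = [net for net in table if ip in net]
    return table[max(hits, key=lambda n: n.prefixlen)] if hits else None

def accepts(table, peer, src):
    """A decrypted packet is kept only if its source maps back to the sending peer."""
    return owner(table, src) == peer

def overlaps(peers):
    """List (peer_a, net_a, peer_b, net_b) where two peers claim overlapping space."""
    flat = [(p, ipaddress.ip_network(n)) for p, nets in peers.items() for n in nets]
    return [(pa, str(na), pb, str(nb))
            for i, (pa, na) in enumerate(flat)
            for pb, nb in flat[i + 1:]
            if pa != pb and na.overlaps(nb)]

if __name__ == "__main__":
    for name, peers in (("broad", BROAD), ("narrow", NARROW)):
        table = build_table(peers)
        print(name, "overlaps:", overlaps(peers))
        print("  10.6.210.2 egress ->", owner(table, "10.6.210.2"))
        print("  site2 ingress from 10.6.210.2 accepted:",
              accepts(table, "site2", "10.6.210.2"))
```

A non-empty result from `overlaps()` is the condition to fix before saving the peer list; with the narrow layout each tunnel address maps back to exactly one peer in both directions.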
