Comments (2)
Hey I think I figured this out. I didn't use DNAT rules, rather MASQUERADE rules. I've tried to read up on the differences -- mostly MASQUERADE if you're not certain if the IP addresses might change whereas DNAT/SNAT if IP addresses are static. In terms of working with the specifics within pfSense -- it was all kind of tricky -- at least for me. Yes I assigned Wireguard a tunnel with its own interface and assigned the tunnel a specific IP address. I created a gateway for the WG interface and selected the gateway IP address to be dynamic. I then created a static route for the WG network - and assigned the Wireguard network the gateway of the WG interface. I'm not sure of all the ins and outs, however it's also possible to create these gateway assigning a static IP rather than using the dynamic configuration option. I'm assuming the dynamic option is more equivalent to the MASQUERADE option where as assigning as static IP would be more equivalent of the SNAT/DNAT option.
from wireguard-site-to-site.
I did this but I used one of the free oracle VPS tiers. Basically, I used IP tables to forward down the Wireguard tunnel. On the Pfsense side, you need to configure the Wireguard tunnel to have its own interface. Then you need to set up a gateway for the Wireguard tunnel with a static route point to the /24 subnet of whatever your Wireguard network is. I also enabled the static route filtering option in system-advanced-firewal&nat. Make sure on your Pfsense side that 0.0.0.0/0 is in the allowed IPs for the Wireguard peer on Pfsense.
Images:
https://i.imgur.com/FARnzqs.png
https://i.imgur.com/EW2Q474.png
https://i.imgur.com/CumQcsn.png
https://i.imgur.com/GjhoLxE.png
https://i.imgur.com/q9Nex7H.png
https://i.imgur.com/DbrtkVZ.png
https://i.imgur.com/tPwVQrJ.png
from wireguard-site-to-site.
Related Issues (5)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from wireguard-site-to-site.