  1. #1
    Master Untangler
    Join Date
    Dec 2018
    Posts
    225

    Client access a network on the other side of a Site-to-Site tunnel?

    We have 2 sites connected via an L2TP site-to-site tunnel.

    The Untangle (near) and the UniFi (far) side.

    With OpenVPN I was able to add the network on the far side of the tunnel to the exported networks section of OpenVPN and then clients that log into the near side can get to the far side network that I exported.

    I tried doing the same thing with WireGuard and can't seem to get it to work.

    I have a Filter rule in place to allow the WireGuard clients to connect to Any Non-WAN network, and that works, as I can get to all VLANs on the near side but nothing on the far side.

    Any thoughts?
    Last edited by jlficken; 11-06-2020 at 07:19 AM.

  2. #2
    Master Untangler
    Join Date
    Dec 2018
    Posts
    225


    I got it figured out with some pointers from Austin.

    I had to change a filter rule to also allow the IPsec VPN interface to the Internal interface, as we have a UniFi Cloud Key that was cut off for some reason after the update to 16.0.1, so that was odd.

    I then manually set the WireGuard network to be 10.81.111.0/32.

    I then added the 192.168.10.0/24 network of the USG to the Local Networks of WireGuard.

    I then added 10.81.111.0/24 to the USG IPsec remote tunnel network list.

    Finally, I created another tunnel in Untangle under the IPsec VPN tunnels between 10.81.111.0/32 on the Untangle side and 192.168.10.0/24 on the USG side.

    After that I still got an error because the USG wouldn't let me add 10.81.111.0/32, so I changed the network in WireGuard to 10.81.111.0/24 and it all started working as intended.
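
Added example (not part of the thread, and not Untangle or UniFi code): a Python check of the three places the post above had to touch, run over the addresses it gives. The near-side LAN `192.168.1.0/24`, the "before" configuration, and the reading of WireGuard Local Networks as the routes handed to clients are assumptions.

```python
import ipaddress as ip

def check_path(wg_pool, wg_local_networks, near_tunnels, far_remote_networks, far_lan):
    """Return the gaps that would stop a WireGuard client reaching far_lan.

    near_tunnels: (local, remote) network pairs of the near-side IPsec tunnels.
    far_remote_networks: remote networks configured on the far-side gateway.
    """
    pool, far = ip.ip_network(wg_pool), ip.ip_network(far_lan)
    gaps = []
    # A /32 holds one address, so it cannot serve as a pool for several clients.
    if pool.num_addresses == 1:
        gaps.append("pool: %s holds a single address" % pool)
    # Assumption: Local Networks become the routes written into client configs.
    if not any(far.subnet_of(ip.ip_network(n)) for n in wg_local_networks):
        gaps.append("wireguard: %s not in Local Networks" % far)
    # Outbound: some near-side tunnel must cover pool -> far LAN.
    if not any(pool.subnet_of(ip.ip_network(loc)) and far.subnet_of(ip.ip_network(rem))
               for loc, rem in near_tunnels):
        gaps.append("near ipsec: no tunnel for %s -> %s" % (pool, far))
    # Return path: the far gateway must send replies for the pool into the tunnel.
    if not any(pool.subnet_of(ip.ip_network(n)) for n in far_remote_networks):
        gaps.append("far ipsec: %s not in remote networks" % pool)
    return gaps

NEAR_LAN = "192.168.1.0/24"   # constructed; the thread does not give the near LAN
FAR_LAN = "192.168.10.0/24"   # USG network from the post
WG_POOL = "10.81.111.0/24"    # WireGuard network the post ended up with

# Constructed starting point: only the LAN-to-LAN tunnel exists.
before = check_path(WG_POOL, [NEAR_LAN], [(NEAR_LAN, FAR_LAN)], [NEAR_LAN], FAR_LAN)
# End state described in the post.
after = check_path(WG_POOL, [NEAR_LAN, FAR_LAN],
                   [(NEAR_LAN, FAR_LAN), (WG_POOL, FAR_LAN)],
                   [NEAR_LAN, WG_POOL], FAR_LAN)

if __name__ == "__main__":
    print("before:", *before, sep="\n  ")
    print("after:", after or "no gaps")
```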
