Answer the question
In order to leave comments, you need to log in
How to connect from local network to local server with vpn?
Good afternoon!
I can't reach wg0 10.0.3.1 from LAN.
I have a keenetic router. It has one subnet 192.168.1.0/24 (router 192.168.1.1). On raspberry pi (eth0 192.168.1.3) wireguard is up (wg0 in interface config 10.0.3.1/32, and forward eth0 to wg0 and wg0 to eth0 are configured). Added static route ip route 10.0.3.1/24 192.168.1.3 on the router. The route is added to the keenetic table (destination: 10.0.3.0/24 gateway: 192.168.1.3 connection: home(this is the LAN interface)). Now 10.0.3.1 is pinged from the web interface of the router and through the cli. From other computers in a local area does not respond?! From computers traceroute to 10.0.3.1 shows the first hop to Gate 192.168.1.1 (router), then ***.
Answer the question
In order to leave comments, you need to log in
Andrey Barbolin Sand Thank you all for your help. Came like a happy ending. I can now reach wireguard clients from LAN and vice versa. It turns out keenetic by default blocks the firewall from going back and forth between local subnets. You don’t even have to separate the raspberry into a separate segment, asymmetric routing does not seem to occur, as they said in the kinetics support, although the server sends the packet directly and receives from the kinetics this is an on-link network directly connected to the server. Traffic on kinetics is by default navigating to any interface
Have you figure out the route to the network 192.168.1.0/24 goes through another interface, you have to guess
Long live asymmetric routing!!!
Your answers to the PC are returned from raspberry bypassing the kinect.
What can be done:
1) Reduce the mask on raspberry to eth0 192.168.1.3/25
2) Register the route ip route 192.168.1.128/25 gw 192.168.1.1 on raspberry
3) Configure DHCP to give out addresses to clients on the local network from 192.168. 1.130 over 254 IP.
OR
Setting up a masquerade on eth0 on raspberry towards 192.168.1.0/24, in this option, VPN clients will get into the LAN, but the LAN will not get through to the VPN.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question