
help with WireGuard and pfSense

Ofir aviel

I have a PiVPN WireGuard server running at my dad's house, where the local network's subnet is 192.168.1.0/24, and I have a pfSense PC connected to a CGNAT WAN at my house, with the LAN subnet of 192.168.10.0/24, as a client to the WireGuard server.

The WireGuard subnet is 10.227.186.0/24.

I want to access my 192.168.10.0/24 network when I am connected to the WireGuard server as a client. How can I achieve such a thing?


1 hour ago, Ofir aviel said:

I have a PiVPN WireGuard server running at my dad's house, where the local network's subnet is 192.168.1.0/24, and I have a pfSense PC connected to a CGNAT WAN at my house, with the LAN subnet of 192.168.10.0/24, as a client to the WireGuard server.

The WireGuard subnet is 10.227.186.0/24.

I want to access my 192.168.10.0/24 network when I am connected to the WireGuard server as a client. How can I achieve such a thing?

I'm confused. If you are connected to WireGuard from your home, you still have full access to your home LAN.

Or did you mean you want to access your home LAN when at your dad's house? That would require configuration on the PiVPN.

I mean, to make pfSense route between WireGuard and the LAN, you need Outbound NAT rules to allow LAN traffic to translate to the WG network.

image.thumb.png.f8c351e9536579522bce359566c8f81f.png

That is my WireGuard interface network.

Then you also need Firewall Rules to do the opposite: allow all traffic from the WireGuard interface to the LAN destination.

But I'm honestly confused about what you are trying to do here.

Router:  Intel N100 (pfSense) WiFi6: Zyxel NWA210AX (1.7Gbit peak at 160Mhz)
WiFi5: Ubiquiti NanoHD OpenWRT (~500Mbit at 80Mhz) Switches: Netgear MS510TXUP, MS510TXPP, GS110EMX
ISPs: Zen Full Fibre 900 (~930Mbit down, 115Mbit up) + Three 5G (~800Mbit down, 115Mbit up)
Upgrading Laptop/Desktop CNVIo WiFi 5 cards to PCIe WiFi6e/7


10 hours ago, Alex Atkin UK said:

I'm confused. If you are connected to WireGuard from your home, you still have full access to your home LAN.

Or did you mean you want to access your home LAN when at your dad's house? That would require configuration on the PiVPN.

I mean, to make pfSense route between WireGuard and the LAN, you need Outbound NAT rules to allow LAN traffic to translate to the WG network.

image.thumb.png.f8c351e9536579522bce359566c8f81f.png

That is my WireGuard interface network.

Then you also need Firewall Rules to do the opposite: allow all traffic from the WireGuard interface to the LAN destination.

But I'm honestly confused about what you are trying to do here.

This is the map of my network. (I'm sorry for my drawing skills, they are bad...)
Using my Pixel 6 Pro I can access the 192.168.1.0/24 network and the 10.227.186.0/24 network, but I cannot access the 192.168.10.0/24 network.

My end goal is to get access to the 192.168.10.0/24 network from my Pixel 6 Pro.

Network Map.png


12 hours ago, Ofir aviel said:

This is the map of my network. (I'm sorry for my drawing skills, they are bad...)
Using my Pixel 6 Pro I can access the 192.168.1.0/24 network and the 10.227.186.0/24 network, but I cannot access the 192.168.10.0/24 network.

My end goal is to get access to the 192.168.10.0/24 network from my Pixel 6 Pro.

Network Map.png

Got it, so basically you need a NAT rule on PiVPN that will translate between the two networks.  I'm not familiar with PiVPN to know how to do that though.  Should be similar to how you set it up to NAT between 10.227.186.0 and 192.168.1.1 though.
I think you need the rule I mentioned on the pfSense end too in order to send the replies back.

Router:  Intel N100 (pfSense) WiFi6: Zyxel NWA210AX (1.7Gbit peak at 160Mhz)
WiFi5: Ubiquiti NanoHD OpenWRT (~500Mbit at 80Mhz) Switches: Netgear MS510TXUP, MS510TXPP, GS110EMX
ISPs: Zen Full Fibre 900 (~930Mbit down, 115Mbit up) + Three 5G (~800Mbit down, 115Mbit up)
Upgrading Laptop/Desktop CNVIo WiFi 5 cards to PCIe WiFi6e/7
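
An added illustration, not posted by anyone in the thread: WireGuard hands a packet only to the peer whose AllowedIPs cover the destination address, so one thing worth checking on the PiVPN side is whether the pfSense peer entry covers 192.168.10.0/24. The sketch below runs that lookup over a constructed hub config; the peer addresses (10.227.186.1 to .3), the comment names and the key placeholders are assumptions.

```python
import ipaddress

# Constructed hub (PiVPN) config: peer addresses, names and key placeholders
# are assumptions; only the three subnets come from the thread.
HUB_CONF = """\
[Interface]
Address = 10.227.186.1/24
PrivateKey = <hub-private-key>

[Peer]
# phone
PublicKey = <phone-public-key>
AllowedIPs = 10.227.186.2/32

[Peer]
# pfsense
PublicKey = <pfsense-public-key>
AllowedIPs = 10.227.186.3/32
"""

# Same config with the pfSense LAN added to that peer's AllowedIPs.
FIXED_CONF = HUB_CONF.replace("10.227.186.3/32", "10.227.186.3/32, 192.168.10.0/24")

def parse_peers(conf):
    """Return {peer_name: [ip_network, ...]} from a wg-quick style config."""
    peers, name, in_peer = {}, None, False
    for raw in conf.splitlines():
        line = raw.strip()
        if line.startswith("["):
            in_peer, name = (line == "[Peer]"), None
        elif in_peer and line.startswith("#") and name is None:
            name = line.lstrip("# ").strip()   # first comment names the peer
        elif in_peer and line.lower().startswith("allowedips"):
            nets = line.split("=", 1)[1].split(",")
            peers.setdefault(name or f"peer{len(peers)}", []).extend(
                ipaddress.ip_network(n.strip(), strict=False) for n in nets)
    return peers

def peer_for(conf, address):
    """Peer whose AllowedIPs hold the longest prefix covering address, or None.

    WireGuard uses this lookup to pick the peer for an outgoing packet and to
    accept or reject the source address of a decrypted incoming one.
    """
    addr = ipaddress.ip_address(address)
    matches = [(net.prefixlen, peer) for peer, nets in parse_peers(conf).items()
               for net in nets if addr in net]
    return max(matches)[1] if matches else None
```

A `None` result means the hub has no peer to send the packet to, so it never enters the tunnel; the same lookup applies to the phone's own config for 192.168.10.0/24.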
