wireguard doesn't populate allowed ips for endpoints after the first #1419
Comments
|
You should set a fixed IP with subnet, not a whole network with ending 0 |
|
I haven't configured that .0/27 anywhere. my three endpoints are .2/27 .3/27 .4/27 and the server is .1/27 |
|
You configure the endpoints on server and link them in local or not? Isnt there a field for Tunnel address in every endpoint dialog? |
|
Yeah the endpoints are linked in the local server. I'm not sure what you're asking in the 2nd question. There's allowed IPs and endpoint address. I'm configuring this tunnel the way I've configured it in Linux, which has always worked. |
|
To clarify: it seems like a problem in the gui configuration. the allowed IPs i've configured in each endpoint are not showing in the allowed IPs of the output in 'list configuration'. the endpoint that shows .0/27 as the allowed ips is actually configured as .2/27 |
|
Hm, this is strange. It also doesn't work when using WG without the GUI/plugin. |
|
Solved it, on wireguard server, as tunnel address in enpoints use /32 |
|
apologies for my mistake, I think the help text threw me off |
|
Nö worries, I already updated the docs as they are not clear enough, will also go througj the helptext again https://github.com/opnsense/docs/blob/master/source/manual/how-tos/wireguard-client.rst |
omg. Finally solved. Thank you so much. |
Wireguard works fine with one endpoint configured for the server. Any endpoint after the first will not populate the "allowed ips" field.
I can disable any two of these endpoints in the server config and the remaining endpoint will populate the allowed ips field and the tunnel will operate.
The text was updated successfully, but these errors were encountered: