Firstly, a network diagram:
Secondly, a config file:
Thirdly, a background story. Originally I configured my Mikrotik router through the Quick set with LAN addresses 192.168.1.3/24. That's why you'll see "defconf" references. On top of that I created a Wireguard tunnel with 10.-something-/24. I was able to reach the router, machines in the wireguard network and also machines on the LAN. It turned out that some WiFi hotspots/networks use the same network as my LAN. That's why I decided to change the IP addresses of both the LAN and wireguard networks.
You can see a visual representation of the new subnets on this link. In particular it is network 172.31.32.0/19 (172.31.32.1 - 172.31.63.254) where:
- 172.31.32.0/20 (172.31.32.1 - 172.31.47.254) is the LAN network - in the config commented as "newconf"
- 172.31.48.0/20 (172.31.48.1 - 172.31.63.254) is the Wireguard network - in the config commented as "wireguard"
The PC is a Linux machine configured through Network Manager. I believe the relevant sections of the config file follow:
[connection]
id=wg1
type=wireguard
interface-name=wg1
[wireguard-peer.<REDACTED>]
endpoint=192.0.2.99:51003
allowed-ips=172.31.48.0/20;
[ipv4]
address1=172.31.48.42/32
method=manual
The virtual server is a jail running on FreeNAS. Also, instead of it I've tried to reach a physical Linux machine, without luck.
Once I establish a wireguard tunnel, I'm able to reach the router's and the file server's wireguard addresses. What I'm not able to reach is the virtual server, which has only a LAN address.
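Added example, not part of the original post: it parses the keyfile sections quoted above and checks which destinations in the described address plan fall inside the peer's allowed-ips, the list WireGuard uses to decide whether a packet is sent into the tunnel. The function names and the two sample host addresses are constructed for illustration.

```python
import configparser
import ipaddress

# Constructed sample: the keyfile sections quoted in the post.
KEYFILE = """\
[connection]
id=wg1
type=wireguard
interface-name=wg1
[wireguard-peer.<REDACTED>]
endpoint=192.0.2.99:51003
allowed-ips=172.31.48.0/20;
[ipv4]
address1=172.31.48.42/32
method=manual
"""

# Address plan as described in the post.
PLAN = {"LAN": ipaddress.ip_network("172.31.32.0/20"),
        "WireGuard": ipaddress.ip_network("172.31.48.0/20")}

def peer_allowed_ips(keyfile_text):
    """Return {peer section: [ip_network, ...]} from a NetworkManager keyfile."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(keyfile_text)
    peers = {}
    for section in cp.sections():
        if section.startswith("wireguard-peer."):
            raw = cp.get(section, "allowed-ips", fallback="")
            peers[section] = [ipaddress.ip_network(p.strip(), strict=False)
                              for p in raw.split(";") if p.strip()]
    return peers

def tunnel_peer_for(dest, peers):
    """Longest-prefix match against allowed-ips; None = not sent via the tunnel."""
    addr = ipaddress.ip_address(dest)
    hits = [(net.prefixlen, name) for name, nets in peers.items()
            for net in nets if addr in net]
    return max(hits)[1] if hits else None

def uncovered_subnets(peers):
    """Names of planned subnets that no peer's allowed-ips fully contains."""
    nets = [n for lst in peers.values() for n in lst]
    return [name for name, sub in PLAN.items()
            if not any(sub.subnet_of(n) for n in nets)]

if __name__ == "__main__":
    peers = peer_allowed_ips(KEYFILE)
    print({d: tunnel_peer_for(d, peers) for d in ("172.31.48.1", "172.31.32.10")})
    print("subnets not covered:", uncovered_subnets(peers))
```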