hi all,
i need to setup the following scenario:
wireguard server - cloud, pfsense. public IP as WAN and a private IP as local LAN provided by another router.
wireguard client - mikrotik rb750 behind another router; mikrotik WAN IP from DHCP and 192.168.x.0/24 in LAN - bridge interface
just setup wireguard with following rules:
a) mikrotik:
- new interface wg1 with public key used in peer with pfsense, port 51820, peer with endpoint - public IP of pfsense; allowed address > tried both wg tunnel + LAN from pfsense and 0.0.0.0/0, both work
- wg1 IP in the same subnet as pfsense wg interface
- ip route pfsense LAN IPs through wg IP from pfsense
- ping from m'tik terminal to pfsense LAN and devices works, ping from m'tik internal devices to pfsense LAN devices works.
b) pfsense:
- wg interface with public key used in peer with m'tik; allowed address - wg address from m'tik + LAN subnet from m'tik
- routing: added gateway with IP from m'tik wg IP, added static route with dst network as m'tik LAN through gateway defined earlier
- ping from pfsense diagnostic to m'tik LAN and devices works, ping from internal devices to m'tik LAN devices doesn't work.
right now i don't know what to do anymore. is it a mikrotik issue or a pfsense issue?
can somebody help me, please?
regards
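For reference, the MikroTik side described in the post, written out as RouterOS v7 commands. This is an added example, not the poster's own export: the tunnel subnet 10.200.0.0/24, the pfSense LAN 192.168.1.0/24, the MikroTik LAN 192.168.88.0/24 and the key/endpoint placeholders are all assumed, and the explicit forward rules and the check commands at the end are additions the post does not mention (whether such rules exist on the poster's box is unknown).

```routeros
# --- WireGuard interface and peer (pfSense is the remote side) ---
/interface/wireguard add name=wg1 listen-port=51820 comment="tunnel to pfsense"
# public key of this interface goes into the pfSense peer entry:
/interface/wireguard print detail where name=wg1

/interface/wireguard/peers add interface=wg1 \
    public-key="<PFSENSE_WG_PUBLIC_KEY>" \
    endpoint-address=<PFSENSE_PUBLIC_IP> endpoint-port=51820 \
    allowed-address=10.200.0.0/24,192.168.1.0/24 \
    persistent-keepalive=25s comment="pfsense"
# allowed-address is also the crypto-routing filter: packets from the
# pfSense LAN arriving through wg1 are dropped if that LAN is not listed.

# --- tunnel address, same subnet as the pfSense wg interface ---
/ip/address add address=10.200.0.2/24 interface=wg1

# --- route the pfSense LAN into the tunnel ---
/ip/route add dst-address=192.168.1.0/24 gateway=10.200.0.1 comment="pfsense lan via wg"

# --- firewall: allow LAN <-> tunnel forwarding explicitly (assumption) ---
# placed before any generic drop in the forward chain
/ip/firewall/filter add chain=forward in-interface=wg1 out-interface=bridge \
    action=accept comment="pfsense lan -> local lan" place-before=0
/ip/firewall/filter add chain=forward in-interface=bridge out-interface=wg1 \
    action=accept comment="local lan -> pfsense lan" place-before=0

# --- checks ---
# handshake time and rx/tx counters must move when a pfSense LAN host pings
/interface/wireguard/peers print detail
# did the packet from a pfSense LAN host actually arrive on wg1?
/tool/sniffer quick interface=wg1 ip-protocol=icmp
# is the reply leaving through wg1 or through the default route?
/ip/route/check 192.168.1.10
/ip/firewall/connection print where dst-address~"192.168.88."
```

The sniffer line shows whether the failing pings reach the MikroTik at all, which separates a pfSense-side routing/rule problem from a MikroTik-side one.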