Recently I’ve been testing WireGuard with my pfSense setups, rather than IPsec and OpenVPN. I’ve found it really good and I think WireGuard works really well. The one thing I was a little stuck on was how to allow remote clients connected to one site to access devices on the second site’s LAN.

| | Main Site | Remote Site |
|---|---|---|
| WireGuard Site to site | 172.16.18.1/31 | 172.16.18.0/31 |
| WireGuard Remote Clients VPN | 172.16.17.1/24 | |

I want my remote devices connected to the main site via WireGuard to be able to access the 10.19.96.3/20 LAN on the remote site.

Assumptions:

- You already have a WireGuard Site-to-Site VPN set up and can route traffic between the two sites’ LANs.
- You already have a WireGuard remote client VPN set up and can access the main site’s LAN.

Steps:

- Log into your remote pfSense router. Go to System -> Routing -> Static Routes.
- Add a static route for your WireGuard Remote Clients VPN subnet (Main Site), using the WireGuard Site-to-Site VPN gateway.
- Now go to VPN -> WireGuard -> Peers. Select edit on your main site peer.
- Under Address Configuration, add your WireGuard Remote Clients VPN subnet (Main Site) to the Allowed IPs.
- Now remote clients connected to the main site should be able to access your remote site’s LAN.
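
Why the Allowed IPs step matters, as an added example that is not part of the original post: WireGuard uses a peer's Allowed IPs both as a source filter for decrypted inbound packets and as the table that selects a peer for outbound packets, so the static route alone is not enough. The client address `172.16.17.5`, the peer name `main_site` and the "before" list (tunnel subnet only) are assumptions made for illustration; the main site's LAN is left out because the page does not give it.

```python
import ipaddress

def _nets(allowed):
    # strict=False accepts host-style entries such as 172.16.17.1/24
    return [ipaddress.ip_network(n, strict=False) for n in allowed]

def accepts_inbound(src, peer, peers):
    """A decrypted packet is kept only if its source address falls
    inside the sending peer's Allowed IPs; otherwise it is dropped."""
    addr = ipaddress.ip_address(src)
    return any(addr in net for net in _nets(peers[peer]))

def peer_for(dest, peers):
    """Outbound: the packet goes to the peer whose Allowed IPs contain
    the destination, longest prefix first. None means no peer matches."""
    addr = ipaddress.ip_address(dest)
    best_name, best_len = None, -1
    for name, allowed in peers.items():
        for net in _nets(allowed):
            if addr in net and net.prefixlen > best_len:
                best_name, best_len = name, net.prefixlen
    return best_name

# Constructed sample: a remote client that received an address from the
# main site's client VPN subnet (172.16.17.1/24 in the table above).
CLIENT = "172.16.17.5"

# Remote site's view of its main-site peer.
BEFORE = {"main_site": ["172.16.18.0/31"]}                   # assumed starting point
AFTER = {"main_site": ["172.16.18.0/31", "172.16.17.1/24"]}  # after the Allowed IPs step

def check(peers):
    """Can the client reach the remote site, and can replies get back?"""
    return {
        "inbound_accepted": accepts_inbound(CLIENT, "main_site", peers),
        "reply_peer": peer_for(CLIENT, peers),
    }

if __name__ == "__main__":
    print("before:", check(BEFORE))
    print("after: ", check(AFTER))
```

Listing only the client VPN subnet, rather than a catch-all range, keeps the remote site accepting just those sources from the main-site peer. Firewall rules on the pfSense WireGuard interface still decide which of that traffic is passed.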