* Routing to a network behind a node
@ 2018-09-08 9:06 M. Dietrich
2018-09-08 10:23 ` Steven Honson
0 siblings, 1 reply; 3+ messages in thread
From: M. Dietrich @ 2018-09-08 9:06 UTC (permalink / raw)
To: WireGuard mailing list
[-- Attachment #1: Type: text/plain, Size: 1031 bytes --]
Hi,
i have setup a wg vpn with several nodes, lets say in a
network 172.16.215.0/24. one of the boxes (ip 172.16.215.2) in
that network has an interface to a different network with
additional boxes, lets say 172.16.0.0/24. i would like to
reach the boxes in that network directly so i established a
route on another node in the wg network (172.16.215.1) like
this:
ip route add 172.16.0.0/24 via 172.16.215.2
but once i ping 172.16.0.1 i get the error
From 172.16.215.1 icmp_seq=1 Destination Host Unreachable
ping: sendmsg: Required key not available
it seems the package reaches wireguard but wireguard doesnt
know the "via" and tells it has no key to route to 172.16.0.1
which is fine. but why doesn wg honour the via and send it to
the router 172.16.215.2?
i think its more or less whats done if you route all your
traffic through wg so i assume i do a terrible stupid mistake
(i am no network or kernel routing expert which may be an
excuse), can someone help?
best regards,
M. Dietrich
[-- Attachment #2: Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Routing to a network behind a node
2018-09-08 9:06 Routing to a network behind a node M. Dietrich
@ 2018-09-08 10:23 ` Steven Honson
2018-09-08 19:54 ` M. Dietrich
0 siblings, 1 reply; 3+ messages in thread
From: Steven Honson @ 2018-09-08 10:23 UTC (permalink / raw)
To: M. Dietrich; +Cc: WireGuard mailing list
Hello,
Have you added 172.16.0.0/24 to the AllowedIPs entry for the =
172.16.215.2 Peer on 172.16.215.1?
Are you able to share your WireGuard configuration?
Cheers,
Steven
> On 8 Sep 2018, at 7:06 pm, M. Dietrich <mdt@emdete.de> wrote:
>=20
> Hi,
>=20
> i have setup a wg vpn with several nodes, lets say in a
> network 172.16.215.0/24. one of the boxes (ip 172.16.215.2) in
> that network has an interface to a different network with
> additional boxes, lets say 172.16.0.0/24. i would like to
> reach the boxes in that network directly so i established a
> route on another node in the wg network (172.16.215.1) like
> this:
>=20
> ip route add 172.16.0.0/24 via 172.16.215.2
>=20
> but once i ping 172.16.0.1 i get the error
>=20
> =46rom 172.16.215.1 icmp_seq=3D1 Destination Host Unreachable
> ping: sendmsg: Required key not available
>=20
> it seems the package reaches wireguard but wireguard doesnt
> know the "via" and tells it has no key to route to 172.16.0.1
> which is fine. but why doesn wg honour the via and send it to
> the router 172.16.215.2?
>=20
> i think its more or less whats done if you route all your
> traffic through wg so i assume i do a terrible stupid mistake
> (i am no network or kernel routing expert which may be an
> excuse), can someone help?
>=20
> best regards,
> M. Dietrich
> _______________________________________________
> WireGuard mailing list
> WireGuard@lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/wireguard
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2018-09-08 19:53 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-09-08 9:06 Routing to a network behind a node M. Dietrich
2018-09-08 10:23 ` Steven Honson
2018-09-08 19:54 ` M. Dietrich
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).