Hi there,
I'm not great with networking stuff, but I'm trying to set up routing. I need to send one machine (192.168.88.195) on our local network through a VPN to get online. The VPN server is in a specific region. Here's a simple diagram to help explain.
I've set up a WireGuard connection, and it's working fine. I can ping back and forth between the router and the peer without any issues. I can also ping any machine in the router's local network as well as the WireGuard private network. I've even tested connecting directly to the peer (VPN server) from another laptop on a different network using the same settings, and the VPN works perfectly.
However, I'm encountering a problem. After configuring everything, it seems like the machine at 192.168.88.195 is stuck in a loop on the router. All the established connections (like SSH, for example) are still reachable, but any new connections seem to get stuck. I can't reach any remote destinations, and even local connections aren't working properly. An example:
Code:
traceroute: sendto: Can't assign requested address
64 traceroute: wrote 8.8.8.8 52 chars, ret=-1
 *traceroute: sendto: Can't assign requested address
traceroute: wrote 8.8.8.8 52 chars, ret=-1
 *traceroute: sendto: Can't assign requested address
traceroute: wrote 8.8.8.8 52 chars, ret=-1

Here is my WireGuard configuration:
Code:
/interface/wireguard print detail
Flags: X - disabled; R - running
 0  R name="evergate" mtu=1420 listen-port=13233 private-key="****" public-key="****"

Code:
/interface/wireguard/peers/print detail
Flags: X - disabled; D - dynamic
 0    ;;; gate
      interface=evergate public-key="****" private-key=**** endpoint-address="" endpoint-port=0
      current-endpoint-address=199.34.230.84 current-endpoint-port=57023 allowed-address=0.0.0.0/0
      preshared-key=**** persistent-keepalive=25s client-address=10.1.102.2/32 client-dns=10.1.102.1
      client-endpoint=public.domain.com client-keepalive=25s rx=597.0KiB tx=1029.9KiB last-handshake=16s

Here I added the routing configs, everything I found in the official tutorials, as I understood them.
Code:
/ip/firewall/nat/print detail
Flags: X - disabled, I - invalid; D - dynamic
 0    ;;; defconf: masquerade
      chain=srcnat action=masquerade out-interface-list=WAN ipsec-policy=out,none

 1    chain=srcnat action=masquerade connection-mark=specific_conn out-interface=evergate

Code:
/ip/firewall/mangle/print detail
Flags: X - disabled, I - invalid; D - dynamic
 0  D ;;; special dummy rule to show fasttrack counters
      chain=prerouting action=passthrough

 1  D ;;; special dummy rule to show fasttrack counters
      chain=forward action=passthrough

 2  D ;;; special dummy rule to show fasttrack counters
      chain=postrouting action=passthrough

 3    chain=prerouting action=mark-connection new-connection-mark=specific_conn src-address=192.168.88.195

 4    chain=prerouting action=mark-routing new-routing-mark=specific_route connection-mark=specific_conn

Code:
/ip/route/print detail
Flags: D - dynamic; X - disabled, I - inactive, A - active;
c - connect, s - static, r - rip, b - bgp, o - ospf, i - is-is, d - dhcp, v - vpn, m - modem, y - bgp-mpls-vpn;
H - hw-offloaded; + - ecmp
   DAv   dst-address=0.0.0.0/0 routing-table=main pref-src="" gateway=pppoe immediate-gw=pppoe
         distance=1 scope=30 target-scope=10 vrf-interface=pppoe suppress-hw-offload=no

   DAc   dst-address=10.1.102.0/24 routing-table=main gateway=evergate immediate-gw=evergate
         distance=0 scope=10 suppress-hw-offload=no local-address=10.1.102.1%evergate

   DAc   dst-address=183.38.252.335/32 routing-table=main gateway=pppoe immediate-gw=pppoe
         distance=0 scope=10 suppress-hw-offload=no local-address=178.34.12.16%pppoe

   DAc   dst-address=192.168.88.0/24 routing-table=main gateway=bridge immediate-gw=bridge
         distance=0 scope=10 suppress-hw-offload=no local-address=192.168.88.1%bridge

 0  As   dst-address=0.0.0.0/0 routing-table=specific_route pref-src="" gateway=10.1.102.2
         immediate-gw=10.1.102.2%evergate distance=1 scope=30 target-scope=10 suppress-hw-offload=no

Code:
/routing/table/print detail
Flags: D - dynamic; X - disabled, I - invalid; U - used
 0 D name="main" fib
 1   name="specific_route" fib

Statistics: Posted by heyteams — Mon Feb 19, 2024 10:12 am