[SOLVED] local-lan clients can not connect to wg clients

frashman
DD-WRT Novice


Joined: 19 Aug 2020
Posts: 17

Posted: Tue Sep 21, 2021 7:26    Post subject: [SOLVED] local-lan clients can not connect to wg clients
Hi,

I recently had to adjust my dnsmasq options to deal with an issue with Discord (VoIP Service). In the process I had a lot of trial and error tinkering, including updating to the latest firmware (r46974 to r47474). Anyway, I got Discord working again and have a clean and new setup.
But now it's not possible to access my wireguard clients from the local LAN, but the other direction is working.

Maybe something changed between the firmware versions or I missed something. It would be nice if someone can have a look.

Could it be a missing route? Is it the "CVE-2019-14899 Mitigation"?


    Firmware: DD-WRT v3.0-r47474 std (09/20/21)
    local-lan (br0): 10.0.0.0/16
    wireguard (oet2): 10.0.1.0/24






ping from wireguard client to local client:
Code:

backup@10.0.1.30:$ ping 10.0.0.2
PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data.
64 bytes from 10.0.0.2: icmp_seq=1 ttl=63 time=24.6 ms


ping from local client to wireguard client:
Code:

nas@10.0.0.2:$ ping 10.0.1.30
PING 10.0.1.30 (10.0.1.30) 56(84) bytes of data.
From 10.0.0.2 icmp_seq=1 Destination Host Unreachable


Router IP route:
Code:

router@10.0.0.1:~# ip r
default via xxx.xxx.xxx.xxx dev ppp0
10.0.0.0/16 dev br0 scope link  src 10.0.0.1
10.0.1.0/24 dev oet2 scope link  src 10.0.1.1


Last edited by frashman on Tue Sep 21, 2021 9:21; edited 1 time in total
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12887
Location: Netherlands

Posted: Tue Sep 21, 2021 7:44
Will have a look later

But two things stand out:
Disable CVE Mitigation

Your WireGuard subnet and local subnet seem to overlap
(This could be the culprit, WG is a routed solution, local LAN, WG LAN and Client LAN all have to be different)

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
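
With br0 at 10.0.0.0/16, every 10.0.1.x tunnel address also falls inside the LAN range, so a LAN host using that mask treats it as on-link and never hands the packet to the router. Added example, not part of the original posts or of DD-WRT: a POSIX sh check for such overlaps. The function names are hypothetical and the subnets are the ones quoted in this thread.

```shell
#!/bin/sh
# Added example (not from the thread): flag overlapping IPv4 subnets.
# Function names are hypothetical; subnets are those quoted in the thread.

# Dotted quad -> 32-bit integer. Subshell body keeps the IFS change local.
ip_to_int() (
    IFS=.
    set -- $1
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

# Print "first last" integer bounds of a CIDR block such as 10.0.0.0/16.
cidr_range() {
    addr=$(ip_to_int "${1%/*}")
    bits=${1#*/}
    mask=$(( (0xFFFFFFFF << (32 - $bits)) & 0xFFFFFFFF ))
    first=$(( $addr & $mask ))
    echo "$first $(( $first | (~$mask & 0xFFFFFFFF) ))"
}

# Succeed (exit 0) when the two CIDR blocks share at least one address.
cidr_overlap() {
    set -- $(cidr_range "$1") $(cidr_range "$2")
    [ "$1" -le "$4" ] && [ "$3" -le "$2" ]
}

# Compare every pair of "iface=cidr" arguments, print each conflict and
# return the number of conflicting pairs (0 means no overlap was found).
check_subnets() {
    conflicts=0
    while [ $# -gt 1 ]; do
        a=$1; shift
        for b in "$@"; do
            if cidr_overlap "${a#*=}" "${b#*=}"; then
                echo "OVERLAP: ${a%%=*} ${a#*=} <-> ${b%%=*} ${b#*=}"
                conflicts=$(( $conflicts + 1 ))
            fi
        done
    done
    return "$conflicts"
}

# Layout from the first post, then the corrected layout from the fix.
check_subnets br0=10.0.0.0/16 oet2=10.0.1.0/24 || echo "renumber before use"
check_subnets br0=10.0.0.0/22 oet2=10.0.10.0/24 && echo "no overlap"
```

Any remote client LAN reached through the tunnel can be passed as a further `name=cidr` argument, since it has to be distinct from both of the others as well.
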
frashman
DD-WRT Novice


Joined: 19 Aug 2020
Posts: 17

Posted: Tue Sep 21, 2021 8:24
egc wrote:
Your WireGuard subnet and local subnet seem to overlap
(I think this is the culprit, WG is a routed solution, local LAN, WG LAN and Client LAN all have to be different, should be in the guide :))


Yes, of course ... that was the problem. I wonder why I didn't have any problems with that before. Anyway, I changed the subnets and now it's working again.

local-lan (br0): 10.0.0.0/22
wireguard (oet2): 10.0.10.0/24

thanks!
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12887
Location: Netherlands

Posted: Tue Sep 21, 2021 8:48
Great to hear it is working again, please mark as [SOLVED] :)