Wireguard Mesh / ICMP not working between LANs... unless TRACERT command

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Wireguard Mesh / ICMP not working between LANs... unless TRACERT command

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Wireguard Mesh / ICMP not working between LANs... unless TRACERT command
Wireguard Mesh / ICMP not working between LANs... unless TRACERT command
2023-12-16 12:50:08 - last edited 2023-12-22 07:22:51
Model: ER605 (TL-R605)  
Hardware Version: V2
Firmware Version: 2.2.2

Hi!
I'm having a problem trying to config a Wireguard Mesh.

I have 3 TP-Link ER605 in different locations. All same model, version and firmware (V2, F2.2.2).
The VPN is stablished fine between routers.

I'm not using OMADA Controllers.
Ping between routers, and some internal devices on each LAN (eg Access Points), is OK.
But I cannot ping between workstation in different LAN.

 

Eg:

Router 1 can ping Router 2

Worstation LAN 1 can ping Router 2

Worstation LAN 1 can ping Router 3

Worstation LAN 1 can ping Access Point LAN 2

>> Worstation LAN 1 CANNOT ping Worstation LAN 2

>> Worstation LAN 3 CANNOT ping Worstation LAN 1

and so on...

 

As I said, ping does not work, UNLESS i bring the command:

tracert Workstation LAN 2

And then ping started working.

Also, tracert command gets an infinite loop, in some cases.

 

This is the configuration of each Router:

 

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 

>>> Router 1 <<<

 

[Wireguard]
Name = 1
Listen Port = 51001
Local IP Address = 10.10.0.1

 

[Peers]
Interface = 1
Endpoint = Router 2 IP
Enpoint Port = 51002
Allowed Address = 10.10.2.0/24

 

Interface = 1
Endpoint = Router 3 IP
Enpoint Port = 51003
Allowed Address = 10.10.3.0/24

 

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 

>>> Router 2 <<<

 

[Wireguard]
Name = 2
Listen Port = 51002
Local IP Address = 10.10.0.2

 

[Peers]
Interface = 2
Endpoint = Router 1 IP
Enpoint Port = 51001
Allowed Address = 10.10.1.0/24

 

Interface = 2
Endpoint = Router 3 IP
Enpoint Port = 51003
Allowed Address = 10.10.3.0/24

 

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 

>>> Router 3 <<<

 

[Wireguard]
Name = 3
Listen Port = 51003
Local IP Address = 10.10.0.3

 

[Peers]
Interface = 3
Endpoint = Router 1 IP
Enpoint Port = 51001
Allowed Address = 10.10.1.0/24

 

Interface = 3
Endpoint = Router 2 IP
Enpoint Port = 51002
Allowed Address = 10.10.2.0/24

 

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 

Do I have anything wrong os misconfigured?

Any help will be very appreciated!
 

 

  0      
  0      
#1
Options
1 Accepted Solution
Re:Wireguard Mesh / ICMP not working between LANs... unless TRACERT command-Solution
2023-12-18 03:26:36 - last edited 2023-12-22 07:22:51

Hi @dmvazquez 

Thanks for posting in our business forum.

Rule out the firewall before you do anything like ping. Typical Windows firewall block ICMP.

 

And if this issue persists, show me the ipconfig and ping screenshot from PC A B C in LAN 1 2 3.

Anyway, you should first check if you can ping the gateway IP of 3 routers to verify the connectivity.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
Recommended Solution
  0  
  0  
#2
Options
1 Reply
Re:Wireguard Mesh / ICMP not working between LANs... unless TRACERT command-Solution
2023-12-18 03:26:36 - last edited 2023-12-22 07:22:51

Hi @dmvazquez 

Thanks for posting in our business forum.

Rule out the firewall before you do anything like ping. Typical Windows firewall block ICMP.

 

And if this issue persists, show me the ipconfig and ping screenshot from PC A B C in LAN 1 2 3.

Anyway, you should first check if you can ping the gateway IP of 3 routers to verify the connectivity.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
Recommended Solution
  0  
  0  
#2
Options