ER7206 - Wireguard "Allowed Address" issue

ER7206 - Wireguard "Allowed Address" issue

37 Reply
Re:ER7206 - Wireguard "Allowed Address" issue
2024-06-13 04:49:41

Thanks for your response.

 

I tried to add peers as you mentioned but it didn't work either.

 

FYI, the existing router ( openwrt ) which I used doesn't require any kind of changes in the peer. I am not blaming on TP-link. just trying to give you a clear picture.

 

I don't need to access my WG server LAN. I just wanted to access the peers connecting through WG server.

 

this is the screen shot of WG server config, do you think it need changes ?

 

  0  
  0  
#32
Options
Re:ER7206 - Wireguard "Allowed Address" issue
2024-06-13 06:01:58

@Navas1 

As the data center server?

We don't support iptables. I am not sure why WG would contain the iptables in the interface.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  0  
  0  
#33
Options
Re:ER7206 - Wireguard "Allowed Address" issue
2024-06-13 06:13:05

  @Navas1 

WG server, data center

[Interface]
PrivateKey = key
Address = 192.168.4.1/32
ListenPort = 51820

[Peer]
# Router1
PublicKey = key1
AllowedIPs = 192.168.0.0/24

[Peer]
# Router2
PublicKey = key2
AllowedIPs = 192.168.1.0/24

Are you sure that you configured in this way?

 

For the Router 1 and 2, you can add, e.g.:

[Interface]
PrivateKey = key
Address = 192.168.4.8/32

[Peer]
# WireGuard Server
PublicKey = key
Endpoint = center:51820
AllowedIPs = 192.168.4.1/32, 192.168.1.0/24
PersistentKeepalive = 25

 

Just like what I described earlier but with an additional 192.168.4.1/32. If this does not work, I run out of ideas.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  1  
  1  
#34
Options
Re:ER7206 - Wireguard "Allowed Address" issue
2024-06-13 08:47:45

Thank you for your reponse, appreciated.

 

Sorry, just one question.

 

I am running ER7206 as a standalone router, I only have option for adding one subnet, should I use router to SDN module to add additional subnets ?

  0  
  0  
#35
Options
Re:ER7206 - Wireguard "Allowed Address" issue
2024-06-14 00:51:21

@Navas1 

If you have read my guides, this is self-evident. Standalone and controller mode have its own advantages in certain situations.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  0  
  0  
#36
Options
Re:ER7206 - Wireguard "Allowed Address" issue
2024-06-14 09:36:09

  @Navas1 

 

Thank you for your response, let me connect my router to a SDN software controller and will keep you updated.

  0  
  0  
#37
Options
Re:ER7206 - Wireguard "Allowed Address" issue
2024-09-03 21:18:05

  @Navas1 did you fix that? I'm expericing same problem.

 

I installed two VPNs, being one acting as a server and other as a client (must only connect on endpoint), both allowing only some restrict IPs (corresponding the lan IP).

 

Server Wireguard is working fine. I can access and ping all allowed IPs, however the Wireguard client (which only connect on remote IP) doesn't work! It shows as connected, but I can't ping or access the PC remotly!

  0  
  0  
#38
Options