How to Configure Site-to-Site WireGuard VPN on Omada Controller

How to Configure Site-to-Site WireGuard VPN on Omada Controller

12 Reply
Re:How to Configure Site-to-Site WireGuard VPN on Omada Controller
2023-12-15 00:59:47

Hi @dmvazquez 

Thanks for posting in our business forum.

dmvazquez wrote

Hi!

ER605 V2 here, firmware 2.2.2.
Trying to config SITE-TO-SITE (permanent tunnel).
How can I add multiple subnets in Peer "Allowed IP" parameter? (On each side).
I can not ping between subnets, but routers can between them.

 

--------------------------------------------------------

 

# Subnet A

10.10.2.0/24


# Router A

[Wireguard]

Local IP Address = 10.10.10.2

Listen Port = 51820

[Peers]

Public Key = PubKey Router B

Endpoint = Router B IP

Endpoint Port = 51820

Allowed IP = 10.10.3.0/24      <<<<<<<<  THIS IS WHERE I CAN NOT ADD ANOTHER SUBNET

Persistent Keepalive = 16

 

--------------------------------------------------------

 

# Subnet B

10.10.3.0/24


# Router B

[Wireguard]

Local IP Address = 10.10.10.3

Listen Port = 51820

[Peers]

Public Key = PubKey Router A

Endpoint = [empty]

Endpoint Port = [empty]

Allowed IP = 10.10.2.0/24      <<<<<<<<  THIS IS WHERE I CAN NOT ADD ANOTHER SUBNET

Persistent Keepalive = 16

 

--------------------------------------------------------

 

From any device from Subnet A I can ping only to Router B IP.

(ping 10.10.3.1  >> OK)
(ping 10.10.3.101 >> Request timed out!)

 

From any device from Subnet B I can ping only to Router A IP.

(ping 10.10.2.1  >> OK)
(ping 10.10.2.101 >> Request timed out!)

 

 

Any help will be appreciated!
Thanks!

In controller mode, you can add multiple subnets in allowed-ips.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  0  
  0  
#13
Options
Re:How to Configure Site-to-Site WireGuard VPN on Omada Controller
2024-08-21 12:53:15

  @RSCW unfortunately no, the port cannot be accessed on CGNAT

Omada Hardware Controller OC200 1.0: FW: 1.31.3 Router : ER706W v1.0 : FW : 1.1.2 Switch : TL-SG2008 V4_4.20.0 and TL-SG108E V5_20191021 AP: EAP610 V3_1.4.3 and TL-WA801N V6_200116
  0  
  0  
#14
Options
Related Articles