I have a basic home network setup, but none of the remote clients in the WireGuard network can reach or ping local devices or the internet (not even the router). I already read this great article, but I didn't find the solution: viewtopic.php?t=182340
Please help me: what haven't I noticed? I assume something is wrong with the routing, as the WG connection is established.
Any help is greatly appreciated!
HW: RB4011 + hap ac2 (managed by capsman), ROS: 7.7
Routing
```
    DST-ADDRESS        GATEWAY       DISTANCE
DAd 0.0.0.0/0          PUBLIC_IP_GW  1
DAc PUBLIC_SUBNET/21   ether1        0
DAc 192.168.90.0/24    wireguard1    0
DAc 192.168.95.0/24    bridge1       0
```
```
/interface wireguard
add listen-port=13231 mtu=1420 name=wireguard1
/interface wireguard peers
add allowed-address=192.168.90.7/24 comment="my_laptop" interface=wireguard1 public-key="fancy_public_key"
```
```
/ip firewall filter
add action=accept chain=input comment="allow WireGuard" dst-port=13231 protocol=udp
add action=accept chain=input comment="allow WireGuard traffic" log=yes log-prefix=Wireguard_ALLOW src-address=192.168.90.0/24
/ip firewall nat
add action=masquerade chain=srcnat src-address=192.168.95.0/24
add action=masquerade chain=srcnat comment="bridge configuration" out-interface=bridge1
add action=masquerade chain=srcnat src-address=192.168.90.0/24
```
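An added example, not part of the original post: a Python lint over a RouterOS-style peer export like the one above. It reports `allowed-address` entries that name a host but match a whole subnet, and prefixes shared between peers on the same interface, because WireGuard picks the peer for outgoing traffic by allowed address. The second and third peers and their keys are constructed placeholders, and the check is one thing to rule out, not a statement of what is wrong with the setup above.

```python
import ipaddress
import shlex

# Constructed sample: the first peer is the one in the post; the other two
# peers and their keys are hypothetical placeholders added for illustration.
SAMPLE_EXPORT = """\
/interface wireguard peers
add allowed-address=192.168.90.7/24 comment="my_laptop" interface=wireguard1 public-key="fancy_public_key"
add allowed-address=192.168.90.8/24 comment="hypothetical_phone" interface=wireguard1 public-key="placeholder_key_1"
add allowed-address=192.168.90.9/32 comment="hypothetical_tablet" interface=wireguard1 public-key="placeholder_key_2"
"""


def parse_peers(export):
    """Return (comment, interface, [ip_interface, ...]) per peer 'add' line."""
    peers, in_section = [], False
    for line in export.splitlines():
        line = line.strip()
        if line.startswith("/"):
            in_section = line == "/interface wireguard peers"
            continue
        if not in_section or not line.startswith("add "):
            continue
        fields = dict(t.split("=", 1) for t in shlex.split(line)[1:] if "=" in t)
        addrs = [ipaddress.ip_interface(a)
                 for a in fields.get("allowed-address", "").split(",") if a]
        peers.append((fields.get("comment", "?"), fields.get("interface", "?"), addrs))
    return peers


def lint_peers(peers):
    """Flag prefixes wider than the host they name and prefixes shared by peers."""
    findings, seen = [], []  # seen holds (network, comment, interface)
    for comment, iface, addrs in peers:
        for a in addrs:
            if a.ip != a.network.network_address:
                findings.append(f"{comment}: {a} names a host but matches all of {a.network}")
            for net, other, other_iface in seen:
                if other_iface == iface and other != comment and net.overlaps(a.network):
                    kind = "duplicates" if net == a.network else "overlaps"
                    findings.append(f"{comment}: {a.network} {kind} {net} of {other}")
            seen.append((a.network, comment, iface))
    return findings


if __name__ == "__main__":
    for finding in lint_peers(parse_peers(SAMPLE_EXPORT)):
        print(finding)
```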