Dear Experts,
I have a linux Debian 12 machine hosted on a virtual machine (linode).
It has two physical interfaces:
eth0 - WAN - with access to www - not relevant for the question.
eth1 - LAN - Manually configured with a static ip address 10.99.0.1/24.
Then i have another virtual interface
wg1 - LAN - Manually configured with a static ip address 10.97.0.1/24
eth1 is used as the endpoint for all VPN connections towards site-to-site / clients. using ipsec proto.
wg1 is used as the endpoint for all VPN connections used for employees, using wireguard vpn.
The VPNs are working fine:
Site-to-site, the tunnels are up and I can ping from the server all sites .1 ip address.
Employee vpn, the employee has the VPN installed on its PC. The tunnel is up and can ping the server.
The problem is actually achieving "connecting" between the employee PC to the remote sites.
At the moment I am not using firewall of any kind to keep things simple and avoid more doubts.
SERVER SIDE
EMPLOYEE PC
If there's anything else, information please comment and i will reply.
Regards,
Ale.
I have a linux Debian 12 machine hosted on a virtual machine (linode).
It has two physical interfaces:
eth0 - WAN - with access to www - not relevant for the question.
eth1 - LAN - Manually configured with a static ip address 10.99.0.1/24.
Then i have another virtual interface
wg1 - LAN - Manually configured with a static ip address 10.97.0.1/24
eth1 is used as the endpoint for all VPN connections towards site-to-site / clients. using ipsec proto.
wg1 is used as the endpoint for all VPN connections used for employees, using wireguard vpn.
The VPNs are working fine:
Site-to-site, the tunnels are up and I can ping from the server all sites .1 ip address.
Employee vpn, the employee has the VPN installed on its PC. The tunnel is up and can ping the server.
The problem is actually achieving "connecting" between the employee PC to the remote sites.
At the moment I am not using firewall of any kind to keep things simple and avoid more doubts.
SERVER SIDE
Code:
root@be1:~#ip a3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000 link/ether 90:de:01:af:97:36 brd ff:ff:ff:ff:ff:ff inet 10.99.0.1/24 brd 10.99.0.255 scope global eth1 valid_lft forever preferred_lft forever inet6 fe80::92de:1ff:feaf:9736/64 scope link valid_lft forever preferred_lft forever4: wg1: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1420 qdisc noqueue state UNKNOWN group default qlen 1000 link/none inet 10.97.0.1/24 scope global wg1 valid_lft forever preferred_lft forever root@be1:~#ip route10.97.0.0/24 dev wg1 proto kernel scope link src 10.97.0.110.99.0.0/24 dev eth1 proto kernel scope link src 10.99.0.1EMPLOYEE PC
Code:
C:\Users\4lele>ipconfigUnknown adapter BE1: Connection-specific DNS Suffix . : IPv4 Address. . . . . . . . . . . : 10.97.0.11 Subnet Mask . . . . . . . . . . . : 255.255.255.255 Default Gateway . . . . . . . . . :C:\Users\4lele>route print -4IPv4 Route Table===========================================================================Active Routes:Network Destination Netmask Gateway Interface Metric 10.97.0.1 255.255.255.255 On-link 10.97.0.11 5 10.97.0.11 255.255.255.255 On-link 10.97.0.11 261 10.99.0.1 255.255.255.255 On-link 10.97.0.11 5 10.100.0.0 255.255.0.0 On-link 10.97.0.11 5 10.100.14.0 255.255.255.0 On-link 10.97.0.11 5 10.100.14.255 255.255.255.255 On-link 10.97.0.11 261===========================================================================Persistent Routes: NoneC:\Users\4lele>ping 10.99.0.1Pinging 10.99.0.1 with 32 bytes of data:Reply from 10.99.0.1: bytes=32 time=17ms TTL=64Reply from 10.99.0.1: bytes=32 time=16ms TTL=64Reply from 10.99.0.1: bytes=32 time=16ms TTL=64Reply from 10.99.0.1: bytes=32 time=16ms TTL=64Ping statistics for 10.99.0.1: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),Approximate round trip times in milli-seconds: Minimum = 16ms, Maximum = 17ms, Average = 16msC:\Users\4lele>ping 10.100.14.1Pinging 10.100.14.1 with 32 bytes of data:Request timed out.Request timed out.Request timed out.Request timed out.Ping statistics for 10.100.14.1: Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),Regards,
Ale.
Statistics: Posted by aleled — 2024-08-19 18:57 — Replies 0 — Views 16