Accessing SMB shares on LAN from Wireguard server (GL-MT2500)

coldcuppatea · February 4, 2023, 9:53pm

I’m hoping someone can tell me if what I am trying to do is a) possible and b) if yes, how to do it!

I have Wireguard client and server running and can connect successfully from my iPhone. I am able to access the GT-MT2500 admin page on 192.168.88.1 over WAN. However, in an ideal world I would like to be able to access SMB shares on my main LAN, which is running off the Deco X20.

When I create client profiles on the MT2500 Wireguard Server page, I can see that there is an option for “allowed IPs”, but having experimented with adding various addresses in there I still can’t seem to connect to any other local address than the MT2500 admin portal.

My network looks something like this, with all my LAN devices on the 192.168.68.x range of IP addresses:

Internet > ASUS DSL-N16 > GL-MT2500 > DECO X20
PublicIP > 192.168.1.1 > 192.168.88.1 > 192.168.68.1

									^
								OpenMediaVaultPi / SMB
								192.168.68.51
									^										
								Windows 10 / SMB
								192.168.68.52
									^										
								HomeAssistantPi
								192.168.68.53

I suspect I’m missing something obvious, but as always I would be extremely grateful for any input.

Thanks!

hansome · February 6, 2023, 3:40am

From wg client via internet, you can access wg server’s LAN(ie, 192.168.88.x) at most.
You need to setup port forward or DMZ on your DECO X20 I think.

coldcuppatea · February 6, 2023, 9:34am

Yes, that has sort it thank you. I had forwarded from the MT2500 to the Deco, but not the other way round.

Many thanks!