I tried to set up a site-to-site WireGuard VPN so that I can do some remote maintenance.
I don't want to use GoodCloud site-to-site, because I want to be able to fully manage each client (they can be on site, with different architectures).
(I can't upload my graphic.)
I request your help with a configuration.
I already tried to follow https://docs.gl-inet.com/en/3/app/wireguard/
I also tried to use GoodCloud, without real success, and I prefer to be able to do it manually.
I have bought 2 AR750.
1 is the server: it is at home behind an internet box. The internet box has a port forwarding of 51820 to the AR750 server.
2 is a client: it could go anywhere, connected through a shared connection (mobile phone), with some automation machines (PLC, SCADA, HMI) on its LAN.
3: I have an engineering computer with a WireGuard client on it; it could also be anywhere, connected to the server by the WireGuard client installed on it.
The purpose is:
The server is a WireGuard server: WAN IP 192.168.2.12 / WireGuard IP 192.168.10.1 / LAN IP 192.168.8.1, mask 255.255.255.0
Client 2 is a WireGuard client: WAN IP (can change) / WireGuard IP 192.168.10.3 / LAN IP 192.168.0.240, mask 255.255.255.0
The engineering computer is a WireGuard client: WAN IP (can change) / WireGuard IP 192.168.10.2 / LAN IP can change, mask 255.255.255.0
I would like to be able to access the PLC/SCADA/HMI on the LAN of client 2 from the engineering station.
The WireGuard server, client and engineering PC are connected by the WireGuard firewall.
From my engineering PC,
I am able to ping the 3 WireGuard IPs (192.168.10.XX), to ping the WAN IP behind the server (and all IPs in 192.168.2.XXX), and also the LAN IPs (192.168.8.XX).
From the engineering PC (when WireGuard is activated) I can connect to the web access of each AR750.
I am NOT able to access the LAN side of client 2.
I don't know which modification I have to make (on the server or on client 2).
On the server side I had in the file /etc/config/wireguard_server:
list subnet '192.168.0.0/24'
list subnet '192.168.1.0/24'
list subnet '192.168.2.0/24'
list subnet '192.168.60.0/24' (this will be for a future installation)
Could you help me to have a simple setup so that I can configure my different clients to have access to the LAN side?
If it is possible, I would like to be able to configure it via the LuCI interface.
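
Added example, not part of the original post: a small Python model of WireGuard's AllowedIPs peer selection applied to the addressing described above, showing where a packet for client 2's LAN stops and which entries let it through. The AllowedIPs lists, the node names and the host 192.168.0.50 are assumptions; the post does not show the peer sections.

```python
import ipaddress

def pick_peer(allowed_ips, dst):
    """Cryptokey routing: the peer whose AllowedIPs holds the longest
    prefix containing dst receives the packet; None means no peer matches."""
    dst = ipaddress.ip_address(dst)
    best = None
    for peer, nets in allowed_ips.items():
        for net in map(ipaddress.ip_network, nets):
            if dst in net and (best is None or net.prefixlen > best[1]):
                best = (peer, net.prefixlen)
    return best[0] if best else None

def trace(tables, start, dst, owner, max_hops=4):
    """Follow dst hop by hop until it reaches `owner`, the node that holds it."""
    hops, node = [start], start
    while node != owner and len(hops) <= max_hops:
        node = pick_peer(tables[node], dst)
        if node is None:
            hops.append("no-peer")  # this node has no peer to hand the packet to
            break
        hops.append(node)
    return hops

# Addresses are from the post; every AllowedIPs list is an assumption.
BEFORE = {
    "eng-pc":  {"server": ["192.168.10.0/24", "192.168.8.0/24", "192.168.2.0/24"]},
    "server":  {"eng-pc": ["192.168.10.2/32"], "client2": ["192.168.10.3/32"]},
    "client2": {"server": ["192.168.10.0/24"]},
}
AFTER = {
    "eng-pc":  {"server": BEFORE["eng-pc"]["server"] + ["192.168.0.0/24"]},
    "server":  {"eng-pc": ["192.168.10.2/32"],
                "client2": ["192.168.10.3/32", "192.168.0.0/24"]},
    "client2": BEFORE["client2"],
}
PLC = "192.168.0.50"  # constructed host on client 2's LAN

if __name__ == "__main__":
    print(trace(BEFORE, "eng-pc", PLC, "client2"))            # stops at the PC
    print(trace(AFTER, "eng-pc", PLC, "client2"))             # PC -> server -> client 2
    print(trace(AFTER, "client2", "192.168.10.2", "eng-pc"))  # reply path
```

The model covers peer selection only: client 2 also has to forward between its WireGuard interface and its LAN, and its firewall has to permit that traffic.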