When communicating with a Wireguard server via VPN, Ping does not work on devices connected to the router via Ethernet (GL-XE300 PULI)

Yos · September 11, 2024, 6:59am

Hello!

In the topology shown below, the PC(1) on the WG_Client(2) side can ping devices(4) connected to the WG_Server(3) via Wi-Fi, but cannot access devices(5,6) connected to the same node via Ethernet cable.

Of course, the WG_Server router(3) correctly recognizes devices(5,6) connected to Ethernet as clients, and Pings from the phone(4) on the same node work, so there seems to be no problem with the Wi-Fi<>Ethernet bridge.

I set it up using the following page as a reference, and it worked fine with the Wi-Fi connection, so I was relieved, but there was a catch.

Building a Site-2-Site network manually using two GL.iNet routers(SDK 4.X)

Why does this happen? Have you seen anything similar?

bruce · September 11, 2024, 10:50am

Seems this network topology is not problem.

probably the IoT is blocked the traffic of the non-original source IP?
probably the issue about the firewall rule of the IoT or the router.

May can connect other devices like PC behind the WG server, to see if it can be ping from the PC1 of the WG Client 2?

note: sure to the PC disable the firewall or allow that network is in the 'private', accept the ICMP ping.

Yos · September 13, 2024, 3:03am

Your point was spot on.

When I connected PC2(7) to WG_Server via Ethernet, both ping and tracert worked. In other words, (5) and (6) are rejecting the traffic of the non-original source IP.

I could resolve the issue by masquerading as below in the Luci of WG_Server (3).

Thank you ! ! !