Wireguard Client should get an internal static LAN IP

I need to assign one specific remote dial-in wireguard client a static IP address of my internal LAN segment. How can I realize this?

Many thanks

Are you using FRITZ!Box as a WireGuard client?

WireGuard 'clients' are already statically assigned IPs. It seems like you're looking to update your LAN-side routing tables, but it might just be far easier for long-term use to set up a Site-to-Site configuration.

Note WireGuard is technically a peer-to-peer technology; 'client/server' references are used as holdover convention/terminology. It's the routing tables that make the difference.

You haven't stated what your GL.iNet device is, but S2S is supported, IIRC.

If you have a FRITZ!Box you may have problems:

No, I intend to use a Wireguard Client running within a Docker Container on a Synology or maybe within a Virtual Guest at VirtualMachine of a Synology...

Hi,

As 9bb... mentioned, generally the WireGuard interface is a separate subnet, and the VPN access is achieved through route tables.

What questions do you encounter in the WireGuard configuration?
You can draw a topology diagram, including the IP subnets. We will try to check.

@SOMCON

Your remote/left side network uses the same subnet as the home/local network (192.168.88.0/24). That's just causing a loop back into the remote site's network. Change it to something else like 192.168.80.0/24. Then you should be able to set up a S2S without issue if the WAN/Internet link is stable.

Thanks! Unfortunately it is the other way round. The left side is the office network and the right-hand side is remote. And a NAS on the left-hand side needs to synchronize the data to the remote NAS, which needs to own one specific IP of the office network (...44)...

Well WG is technically a peer-to-peer VPN. 'Client/server' terminology is just an anachronism to make it more approachable. You seem to have a routing conflict causing a loopback at one of your endpoints.

Setting the WG tunnel to a wholly different subnet (eg: 10.0.0.0/24) with the LAN as 192.168.{80, 88}.0/24, respectively, should allow a S2S without much bother. See the aforementioned link.

1 Like
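
The addressing plan suggested above, checked in code (an added example, not part of the original thread): it flags overlapping subnets, which is the conflict described here, and derives the `AllowedIPs` each peer needs for a site-to-site tunnel. The site names and the tunnel addresses 10.0.0.1 and 10.0.0.2 are assumptions; the subnets are the ones named in the thread.

```python
from ipaddress import ip_address, ip_network
from itertools import combinations


def find_overlaps(nets):
    """Return name pairs whose subnets overlap, i.e. a routing conflict."""
    parsed = {name: ip_network(cidr) for name, cidr in nets.items()}
    return [(a, b) for a, b in combinations(parsed, 2)
            if parsed[a].overlaps(parsed[b])]


def allowed_ips(tunnel, sites):
    """sites maps name -> (tunnel_ip, lan_cidr) for exactly two peers.
    Returns, per site, the AllowedIPs line for its [Peer] entry."""
    nets = {"tunnel": tunnel}
    nets.update({name: lan for name, (_, lan) in sites.items()})
    conflicts = find_overlaps(nets)
    if conflicts:
        raise ValueError(f"overlapping subnets: {conflicts}")
    for name, (tip, _) in sites.items():
        if ip_address(tip) not in ip_network(tunnel):
            raise ValueError(f"{name}: {tip} is outside tunnel {tunnel}")
    (a, (a_ip, a_lan)), (b, (b_ip, b_lan)) = sites.items()
    # Each peer sends the other side's tunnel address and LAN into the tunnel.
    return {a: f"AllowedIPs = {b_ip}/32, {b_lan}",
            b: f"AllowedIPs = {a_ip}/32, {a_lan}"}


# Constructed sample plans; site names and tunnel IPs are hypothetical.
TUNNEL = "10.0.0.0/24"
BROKEN = {"site_a": ("10.0.0.1", "192.168.88.0/24"),
          "site_b": ("10.0.0.2", "192.168.88.0/24")}  # same LAN on both ends
FIXED = {"site_a": ("10.0.0.1", "192.168.88.0/24"),
         "site_b": ("10.0.0.2", "192.168.80.0/24")}

if __name__ == "__main__":
    for label, plan in (("broken", BROKEN), ("fixed", FIXED)):
        try:
            for site, line in allowed_ips(TUNNEL, plan).items():
                print(f"{label}: [{site}] {line}")
        except ValueError as err:
            print(f"{label}: {err}")
```
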

Thanks! I will give it a try!

Got it! Works! Great! Many thanks!!!

2 Likes
