On Wed, 8 Dec 2021 13:30:45 -0700 Charles Curley <charlescur...@charlescurley.com> wrote:
> I have a wireguard setup that lets me ping from either endpoint to the > other. Using the client, I would like to address hosts on the home > (server's) network by their local IP addresses. > > On the client, I can ping the other end of the tunnel, but not any > local addresses. On the client: > > root@iorich:~# ping 192.168.100.30 > PING 192.168.100.30 (192.168.100.30) 56(84) bytes of data. > From 10.0.2.3 icmp_seq=1 Destination Host Unreachable > ping: sendmsg: Required key not available > From 10.0.2.3 icmp_seq=2 Destination Host Unreachable > ping: sendmsg: Required key not available > From 10.0.2.3 icmp_seq=3 Destination Host Unreachable > ping: sendmsg: Required key not available > From 10.0.2.3 icmp_seq=4 Destination Host Unreachable > ping: sendmsg: Required key not available > From 10.0.2.3 icmp_seq=5 Destination Host Unreachable > ping: sendmsg: Required key not available > > --- 192.168.100.30 ping statistics --- > 5 packets transmitted, 0 received, +5 errors, 100% packet loss, time > 4087ms > > root@iorich:~# Solution: put the network(s) you want to address over wireguard into the client's list of AllowedIPs. AllowedIPs = 10.0.2.0/24, 192.168.100.0/24 This means removing the PostUp route add and PostDown route del statements from the client's configuration, otherwise route will complain. -- Does anybody read signatures any more? https://charlescurley.com https://charlescurley.com/blog/