a month ago
I have configured an XT8 Wireguard client to connect to my RT-AX86U wireguard server following the Asus Site to Site Wireguard Guide. Making sure to tick Allow Intranet and untick NAT where required.
On the server side, I can see routes created for the Wireguard tunnel IP's and the client LAN range. This side works fine (i can ping client router on 192.168.2.1 from server side addresses). But from the Client Side I cannot ping the Server-side router on its LAN range (192.168.1.254) despite this meant to be being two-way communication.
If I change the Allowed IP's on the Client side to specify the server side range and tunnel(10.6.0.1/32,192.168.1.0/24) there is no route created and hence communication still fails. But if I then create a route (using SSH only, because the static route GUI does not let me select WGC5 as the interface) ip route add 192.168.1.0/24 via 10.6.0.2 dev wgc5 this gets the traffic flowing to that range fine.
My question is how is the client meant to route traffic to the server LAN local address in the site to site configuration guide setup? What am I missing?
router is on 3.0.0.4.388_24668 firmware.
a month ago
I suspect/guess you could try changing the Subnet Mask to 255.255.254.0. (Crossing my fingers as I'm guessing here)....