How to Configure WireGuard to Enable Client to Access Remote IPsec Site

How to Configure WireGuard to Enable Client to Access Remote IPsec Site

How to Configure WireGuard to Enable Client to Access Remote IPsec Site
How to Configure WireGuard to Enable Client to Access Remote IPsec Site
2023-12-19 08:46:22 - last edited 2024-09-19 00:51:05

Background:

 

This post provides a comprehensive configuration guide on WireGuard VPN to enable your WireGuard client to access the remote IPsec site.

Extra reference:

How to Configure WireGuard VPN on Omada Controller

How to Set up Site-to-Site Manual IPsec VPN Tunnels on Omada Gateway in Controller Mode

 

This Article Applies to:

 

All routers with WireGuard VPN are supported.

 

Application Scenario:

 

 

Configuration Steps:

 

Step 1. Configure WireGuard Interface at Site A

 

1. Configure the WireGuard Interface and generate the public and private keys. Go to VPN > Wireguard > Wireguard. Click Add.

 

 

2. Go to the Peer page and set up the Peer settings. Select the Interface and put your WireGuard information here. Allowed Address will be your client WireGuard interface IP.

If you don't know how to configure WireGuard, please read this configuration guide: How to Configure WireGuard VPN on Omada Controller

 

 

 

Step 2. Configure WireGuard on PC

 

Tunnel config:

 

[Interface]
PrivateKey = abc12345678
Address = 192.168.15.10/32
DNS = 114.114.114.114

 

[Peer]
PublicKey = xyz12345678
AllowedIPs = 192.168.0.0/24, 192.168.10.0/24
Endpoint = 192.168.2.147:51820

 

 

Step 3. Configure IPsec Site-to-Site VPN

 

In this setup, Site A is in standalone mode. Site B is in Controller mode.

1. Create the IPsec Site-to-Site VPN for Site B. How to Set up Site-to-Site Manual IPsec VPN Tunnels on Omada Gateway in Controller Mode

Pay attention to the Remote Subnets you set. You should include the WireGuard Interface here in the IPsec.

 

 

2. In standalone mode, Site A you need to repeat the steps twice to create different Remote Subnets. (It does not support multiple Remote Subnets in standalone mode now.)

 

#1 Rule

 

#2 Rule

 

 

Verification:

 

 

Update Log:

 

Jan 11th, 2024:

Update the format.

 

Recommended Threads:

 

Configuration Guide How to Configure WireGuard VPN on Omada Controller

How to Configure WireGuard VPN on Omada Controller

How to Set up Site-to-Site Manual IPsec VPN Tunnels on Omada Gateway in Controller Mode

Get the Latest Omada SDN Controller Releases Here - Subscribe for Updates

 

Feedback:

 

  • If this was helpful, welcome to give us Kudos by clicking the upward triangle below.
  • If there is anything unclear in this solution post, please feel free to comment below.

 

Thank you in advance for your valuable feedback!

 

------------------------------------------------------------------------------------------------

Have other off-topic issues to report? 

Welcome to > Start a New Thread < and elaborate on the issue for assistance.

 

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  3      
  3      
#1
Options