I have a setup that has a pfSense wireguard server. This setup currently supports multiple peer connections with other pfSense firewalls and client devices. For the pfSense->pfSense tunnels, I have the interface monitoring the connection via the remote wireguard IP address, and this works great.
However, today, I had to set up a peer with a unifi UDM pro max device. I set this device up as a VPN client and added the appropriate routes. The UDM established the tunnel connection and was able to access all of the remote networks.
However, the pfSense firewall that is acting as the server cannot ping the interface IP of the UDM. It’s specified in the allowed ports, but I can’t ping the interface through the diagnostics/ping interface or any of the other remote networks. Is there some setting that I’m missing in the UDM to allow this? It’s almost like the UDM’s firewall rules are prohibiting this, but I’m not sure what it would be. Looking at the firewall rules, there’s not even a way (that I’ve seen) to even create a rule to allow/deny the traffic from the VPN client interface.
Does anyone have any experience with this type of setup?