Hey,
I was forced to use WireGuard between two sites since one of them (CLIENT) ended up with CG-NAT. There’s a UXG Lite at each location. I get the tunnel up, and I can reach from the CLIENT to the SERVER site, but not from the SERVER to the CLIENT site.
SERVER subnet (192.168.1.0/24)
CLIENT subnet (192.168.100.0/24)
Config as generated from UniFi Network:
[Interface]
PrivateKey = **
Address = 192.168.2.2/32
DNS = 192.168.2.1
[Peer]
PublicKey = **
AllowedIPs = 192.168.2.1/32,192.168.2.2/32,0.0.0.0/0
Endpoint = **
On the CLIENT site I use PBR to route, and it works. But I can’t use PBR on the SERVER site since I can’t select the wg interface.
I’ve tried setting up a static route at SERVER to the network of CLIENT with next hop WG iface IP (2.2). When I do netstat -r on the UXG at SERVER I see the route:
192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 wgsrv1
I’ve tried setting up firewall rules to also allow the traffic with no difference.
I thought the setting on SERVER side “Remote Client Networks” would enable the route to 192.168.100.0/24, but it seems to have zero effect.
Has anyone successfully set up a wg site-to-site with UniFi UXG and got it working?
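WireGuard chooses the peer for an outgoing packet by matching the destination against each peer's AllowedIPs, and keeps a decrypted packet only if its source matches the sending peer's AllowedIPs; both checks are separate from the kernel routing table that `netstat -r` prints. The following is an added example, not part of the original post and not UniFi's code, that models those checks with the subnets from the post. The SERVER-side peer entries, the peer names and the host addresses are assumptions, since that side's config is not shown.

```python
import ipaddress

def parse_allowed_ips(value):
    """Parse a wg-quick style AllowedIPs value into network objects."""
    return [ipaddress.ip_network(p.strip(), strict=False)
            for p in value.split(",") if p.strip()]

def select_peer(peers, dst):
    """Outbound: return the peer whose AllowedIPs has the longest prefix
    covering dst, or None (WireGuard then drops the packet)."""
    addr = ipaddress.ip_address(dst)
    best = None
    for name, nets in peers.items():
        for net in nets:
            if addr in net and (best is None or net.prefixlen > best[1]):
                best = (name, net.prefixlen)
    return best[0] if best else None

def accepts_from(peers, peer, src):
    """Inbound: a decrypted packet is kept only if its source address
    maps back to the peer that sent it."""
    return select_peer(peers, src) == peer

# CLIENT side: AllowedIPs copied from the config in the post.
CLIENT_PEERS = {"server": parse_allowed_ips(
    "192.168.2.1/32,192.168.2.2/32,0.0.0.0/0")}

# SERVER side is not shown in the post; both variants are assumptions.
SERVER_TUNNEL_ONLY = {"client": parse_allowed_ips("192.168.2.2/32")}
SERVER_WITH_LAN = {"client": parse_allowed_ips(
    "192.168.2.2/32,192.168.100.0/24")}

if __name__ == "__main__":
    # 192.168.100.10 and 192.168.1.10 are constructed sample hosts.
    for label, peers in (("tunnel only", SERVER_TUNNEL_ONLY),
                         ("with CLIENT LAN", SERVER_WITH_LAN)):
        print(label, "-> 192.168.100.10 via",
              select_peer(peers, "192.168.100.10"))
    print("CLIENT accepts 192.168.1.10 from server:",
          accepts_from(CLIENT_PEERS, "server", "192.168.1.10"))
```

On the SERVER gateway, `wg show wgsrv1 allowed-ips` lists what each peer is actually allowed, which can be compared with the route shown in the post.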