I was able to configure WireGuard on FreeNAS and I am able to reach its internal IP; however, I am not able to reach the Nextcloud jail IP. I am new to FreeBSD, so any help is much appreciated.
Please note that WireGuard is not in a jail. So what do we have here:
WG0 interface
Client1 10.66.66.3 > 10.66.66.1 Freenas
Local network
Freenas 192.168.2.46
Nextcloud jail 192.168.2.48
A client is able to ping from 10.66.66.3 to 192.168.2.46 but not to 192.168.2.48 (the Nextcloud jail). When I tcpdump the interface, I see the ICMP coming, but no reply:
11:38:09.793698 IP 10.66.66.3 > 192.168.2.48: ICMP echo request, id 1, seq 12, length 40
11:38:14.460278 IP 10.66.66.3 > 192.168.2.48: ICMP echo request, id 1, seq 13, length 40
Same ping to the NAS interface, no problem:
11:38:01.631401 IP 10.66.66.3 > 192.168.2.46: ICMP echo request, id 1, seq 9, length 40
11:38:01.631411 IP 192.168.2.46 > 10.66.66.3: ICMP echo reply, id 1, seq 9, length 40
11:38:02.636318 IP 10.66.66.3 > 192.168.2.46: ICMP echo request, id 1, seq 10, length 40
11:38:02.636327 IP 192.168.2.46 > 10.66.66.3: ICMP echo reply, id 1, seq 10, length 40
I have enabled net.inet.ip.forwarding: 1
and my routing table looks like this (re0 is my default interface):
default 192.168.2.254 UGS re0
10.66.66.1 link#5 UH wg0
10.66.66.2/32 wg0 US wg0
10.66.66.3/32 wg0 US wg0
localhost link#2 UH lo0
172.16.0.1/32 wg0 US wg0
192.168.2.0/24 link#1 U re0
192.168.2.46 link#1 UHS lo0
Ifconfig looks like this:
re0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=82099<RXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE>
        ether 34:64:a9:35:30:ae
        hwaddr 34:64:a9:35:30:ae
        inet 192.168.2.46 netmask 0xffffff00 broadcast 192.168.2.255
        nd6 options=1<PERFORMNUD>
        media: Ethernet autoselect (1000baseT <full-duplex>)
        status: active
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2
        inet 127.0.0.1 netmask 0xff000000
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        groups: lo
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 02:12:11:0c:6c:00
        nd6 options=1<PERFORMNUD>
        groups: bridge
        id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
        maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
        root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
        member: vnet0.1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 4 priority 128 path cost 2000
        member: re0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
                ifmaxaddr 0 port 1 priority 128 path cost 20000
vnet0.1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
        description: associated with jail: Nextcloud as nic: epair0b
        options=8<VLAN_MTU>
        ether 34:64:a9:27:9a:bf
        hwaddr 02:e7:d0:00:04:0a
        inet6 fe80::3664:a9ff:fe27:9abf%vnet0.1 prefixlen 64 scopeid 0x4
        nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
        media: Ethernet 10Gbase-T (10Gbase-T <full-duplex>)
        status: active
        groups: epair
wg0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1420
        options=80000<LINKSTATE>
        inet 10.66.66.1 --> 10.66.66.1 netmask 0xffffff00
        nd6 options=101<PERFORMNUD,NO_DAD>
        groups: tun
        Opened by PID 1901
I am not really sure what to do next. How can I make it so that I can reach the Nextcloud jail?
Thank you