Hello, unfortunately the WLAN clients of my Teltonika RUTX50 cannot access the Internet. Do I still need NAT or firewall regulations?
I have not configured NAT rules.
The router itself gets to the internet and I can also access the WiFi network from my router via VPN. Only internet traffic from LAN/WLAN doesn’t work.
Thank you…
Hello,
Thank you for reaching out.
To assist in further investigating this matter, could you please provide a screenshot of the complete WireGuard configuration window? Kindly ensure that any sensitive information, such as public IPs, etc., is hidden in the screenshot.
I look forward to your response.
Best regards,
Thank you for helping me.
Can you see an error in the configuration of the Wireguard-Connection?
In the firewall, set wireguard->lan to Accept/Accept/Accept.
It would be interesting to see the contents of the AllowedIPs field at the FB’s side.
And the IP address 10.0.2.0/24 is confusing albeit it might be correct.
What would be interesting to see on the FritzBox site?
Unfortunately it didn’t solve my problem.
What else can I try?
I would have something like:
- on the FB: IP address of the wg interface = 10.0.2.1/24 and AllowedIPs = 10.0.2.2/32 + lan network of the RUTX
- on the RUTX: IP address of the wg interface = 10.0.2.2/24 and AllowedIPs = 10.0.2.0/24 + lan address of the FB
I don’t understand. I don’t have a problem with the Wireguard connection. Everything works fine. Clients on both sides can communicate perfectly.
It’s just that my LAN- and WLAN-clients behind the RUTC can’t access the external Internet.
What do you want to achieve? Internet access via the wg tunnel or via the default wan/mob interface? What are the framed and guest_zones for?
LAN/WIFI should be able to access the Internet directly via WAN/MOB.
Guest zone is a zone for guests who are only allowed to access the Internet, but not to the LAN zone.
I did not create Framed on purpose and cannot say what it is good for.
If Framed has no purpose delete it: on the line Framed->Reject use “Delete” to get rid of it.
Are the LAN clients able to access the Internet, i.e. is the issue strictly restricted to the WIFI clients?
Okay, deleted.
Neither LAN- nor WLAN-clients can access the Internet.
Do they have access when the wg tunnel is stopped?
No, even if the VPN tunnel is not established, the clients cannot access the Internet.
Ah that’s another issue, unrelated to the wireguard tunnel …
Are the lan/wifi clients configured via DHCP? If so, do you assign a default route and dns?
If the configuration is static, is the default route set? The DNS?
Router and DNS are not manually configured. On my client, the default gateway and DNS are the RUTC (10.0.2.1). I also manually configured both pieces of data in DHCP. Unfortunately, there is no difference.
Something is wrong here. As described above, 10.0.2.1 belongs to the wg network; the lan/wifi clients have no way to reach it.
What is the lan address/netmask of the RUTC? Of the clients?
The RUTC has the IP address 10.0.2.1, the DHCP network behind the RUTC is 10.0.2.0/24.
Then the wg interface cannot be in 10.0.2.0/24. Use something else, 10.0.3.0/24 for example, for the wg network.
I don’t understand.
The IP network behind the Fritzbox, i.e. behind the Wireguard VPN tunnel, is the network 10.0.1.0/24.
The local network at the RUTC is 10.0.2.0/24. Why shouldn’t that work and what should I change?
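
The addressing point raised in the replies above (a WireGuard interface must not share a subnet with the router's LAN), as an added example that is not from any participant in this thread: a small Python check that flags overlapping interface subnets and AllowedIPs routes that shadow a local network. The function name, interface and peer names, and both address plans are constructed for illustration, using the subnets mentioned in the thread.

```python
import ipaddress
from itertools import combinations

def find_conflicts(interfaces, allowed_ips, tunnel_if="wg"):
    """Return (kind, a, b) tuples for address plans that cannot route cleanly.

    interfaces:  {name: "address/prefix"} for the router's own interfaces
    allowed_ips: {peer: ["cidr", ...]} as configured on the tunnel interface
    """
    nets = {n: ipaddress.ip_interface(c).network for n, c in interfaces.items()}
    conflicts = []
    # Two local interfaces in the same subnet: the router ends up with two
    # connected routes for one prefix and cannot tell which side a host is on.
    for (a, na), (b, nb) in combinations(nets.items(), 2):
        if na.overlaps(nb):
            conflicts.append(("interface-overlap", a, b))
    # An AllowedIPs route equal to, or more specific than, a non-tunnel local
    # network wins longest-prefix match and pulls local traffic into the tunnel.
    # A broader route such as 0.0.0.0/0 is not flagged: the connected route wins.
    for peer, cidrs in allowed_ips.items():
        for cidr in cidrs:
            route = ipaddress.ip_network(cidr, strict=False)
            for name, net in nets.items():
                if name != tunnel_if and route.subnet_of(net):
                    conflicts.append(("allowedips-shadows-local", peer, name))
    return conflicts

# Constructed plan: LAN and tunnel interface both placed in 10.0.2.0/24.
OVERLAPPING = (
    {"lan": "10.0.2.1/24", "wg": "10.0.2.2/24"},
    {"fritzbox": ["10.0.2.0/24", "10.0.1.0/24"]},
)
# Constructed plan: tunnel moved to 10.0.3.0/24, remote LAN stays 10.0.1.0/24.
SEPARATED = (
    {"lan": "10.0.2.1/24", "wg": "10.0.3.2/24"},
    {"fritzbox": ["10.0.3.0/24", "10.0.1.0/24"]},
)

if __name__ == "__main__":
    for label, plan in (("overlapping", OVERLAPPING), ("separated", SEPARATED)):
        print(label, find_conflicts(*plan))
```
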