Router doesn't route local networks using Wireguard with MWAN3

Hi everyone, my current setup is 2 OpenWRT routers (NETGEAR WNDR3800): "Testing" (will be my main router) and "Sur" (a remote office).
On "Testing" I have installed mwan3, because I have 2 internet connections.
Both routers are currently connected using wireguard successfully.

Testing has 4 networks:
192.168.0.0 for wireguard (192.168.0.1 is this router)
192.168.1.0 for LAN
192.168.2.0 for VOIP
192.168.3.0 for SERVER

Sur has 3 networks:
192.168.0.0 for wireguard (192.168.0.11 is this router)
192.168.11.0 for LAN
192.168.12.0 for VOIP

So this is what is happening.

From a client in Testing's LAN/VOIP/SERVER I can ping a client in Sur's networks successfully. I do a traceroute and the results are as expected.

But when I try to ping from Sur's client to Testing's client, I get no reply.
From Sur's client I can ping Testing's interfaces, all of them (192.168.0.1, 192.168.1.1, 192.168.2.1, 192.168.3.1), but when I do a traceroute to the client, the trace stops at Testing's wireguard interface, as if Testing doesn't know which route to follow next.

The only difference I can see is that my route table on Testing contains 2 additional tables. I have "main" as Sur has, but I also have table 1 and table 3, I guess because of mwan3.

Can anyone help me solve this, please? I have been trying everything, even resetting to factory and starting all over again, but I get to the same failure point.

I can provide additional information if you need.

Thanks!

Make sure that it works as expected with mwan3 disabled.

Ok, I just did the following test.

Reset the "Testing" router to factory defaults
Create the VLANs and try locally
VLAN 1 (default, untagged on switch ports 1 and 2 and tagged on port 4)
VLAN 10 (VOIP, tagged on port 4)
VLAN 20 (SERVER, untagged on port 3 and tagged on port 4)
So I have my laptop connected to port 2 (VLAN 1) with DHCP and my vmserver on port 3 (VLAN 20) with static IP 192.168.3.200.
From my laptop I can ping all of the router's interfaces but I can't ping the vmserver.
I connected via SSH to the router and tried to ping vmserver using every interface:
ping 192.168.3.200 -I 192.168.1.1 got no reply
ping 192.168.3.200 -I 192.168.2.1 got no reply
ping 192.168.3.200 -I 192.168.3.1 got reply

So even the same router is unable to ping its own client using another interface.

I made the same test (ping from the router using its interfaces via SSH) on Sur using a Raspberry Pi connected to VLAN 10 and every ping got a reply:
ping 192.168.12.245 -I 192.168.11.1 got reply
ping 192.168.12.245 -I 192.168.12.1 got reply

So I'm totally lost here, I don't know what I'm doing wrong. I even loaded Sur's backup config on Testing and changed the network IPs of the interfaces, but I can't get it to work.

In the firewall config, every VLAN is in its own zone, and I allowed forwarding to and from every zone.


I'm sorry, I found the problem: my vmserver was having route conflicts when replying to pings. I made a new Linux VM and could ping from Sur's client successfully.


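The symptom pattern in this thread (a reply when pinging from 192.168.3.1, none from 192.168.1.1 or 192.168.2.1) is what a conflicting route on the target host produces. The following is an added example, not code from the thread: it runs a longest-prefix-match check over a constructed host routing table to show which ping sources get their reply sent out the wrong way. The stale 192.168.0.0/16 route, the interface names, the 10.0.0.1 gateway and the Sur client address 192.168.11.50 are assumptions, since the thread never shows the vmserver's actual routes.

```python
import ipaddress

# Constructed routing table for a host like the vmserver (192.168.3.200 on eth0).
# Assumption: the conflict is a stale 192.168.0.0/16 route via a second NIC.
ROUTES = [
    ("192.168.3.0/24", "eth0", None),          # on-link SERVER network
    ("192.168.0.0/16", "eth1", "10.0.0.1"),    # stale, conflicting route (assumed)
    ("0.0.0.0/0", "eth0", "192.168.3.1"),      # default via the Testing router
]
# Same table with the conflicting entry removed.
FIXED = [r for r in ROUTES if r[0] != "192.168.0.0/16"]


def egress(dst, routes):
    """Longest-prefix match: (iface, gateway, prefix) used to reach dst, or None."""
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p), i, g) for p, i, g in routes
               if addr in ipaddress.ip_network(p)]
    if not matches:
        return None
    net, iface, gw = max(matches, key=lambda m: m[0].prefixlen)
    return iface, gw, str(net)


def reply_path_report(sources, arrival_iface, expected_gw, routes):
    """For each ping source, check that the echo reply leaves the way the request arrived."""
    report = {}
    for src in sources:
        hit = egress(src, routes)
        if hit is None:
            report[src] = "no route"
            continue
        iface, gw, prefix = hit
        # A reply is symmetric if it leaves on the arrival interface,
        # either on-link (no gateway) or via the expected router.
        ok = iface == arrival_iface and (gw is None or gw == expected_gw)
        report[src] = "ok" if ok else f"asymmetric via {iface} ({prefix})"
    return report


# Ping sources from the thread plus one constructed Sur LAN client.
SOURCES = ["192.168.3.1", "192.168.1.1", "192.168.2.1", "192.168.11.50"]

if __name__ == "__main__":
    for label, table in (("conflicting", ROUTES), ("fixed", FIXED)):
        print(label, reply_path_report(SOURCES, "eth0", "192.168.3.1", table))
```

On a real host, `ip route get <source address>` gives the same answer for a single address.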