I have a working configuration between some EdgeOS routers.
Now I'm trying to connect EdgeOS to VyOS using WireGuard, with OSPF for routing.
EdgeOS is sharing 10.20.15.0/24 and 10.0.0.32/30.
VyOS is sharing 10.20.2.0/24 and 10.0.0.32/30.
OSPF seems to be working. VyOS can ping an IP in subnet 10.20.15.0/24, but EdgeOS cannot ping an IP in subnet 10.20.2.0/24.
On the EdgeOS I did a traceroute to 10.20.2.1 and it gets a response from 10.0.0.34, which is the WireGuard tunnel interface on VyOS.
Is it maybe something blocking the traffic in VyOS from going from 10.0.0.34 to 10.20.2.1?
Any ideas how to fix this?
VyOS config:
vyos@vyos# show interfaces wireguard wg15
address 10.0.0.34/30
mtu 1420
peer VPN {
    allowed-ips 224.0.0.5/32
    allowed-ips 224.0.0.6/32
    allowed-ips 10.20.0.0/16
    allowed-ips 10.0.0.0/24
    public-key xxxx
}
port 51820
private-key xxxx
ospf
vyos@vyos# show protocols ospf
area 0 {
    network 10.20.2.0/24
    network 10.0.0.32/30
}
EdgeOS config:
edgeos@edgeos# show interfaces wireguard wg2
address 10.0.0.33/30
mtu 1420
peer xxxx {
    allowed-ips 224.0.0.5/32
    allowed-ips 10.20.0.0/16
    allowed-ips 224.0.0.6/32
    allowed-ips 10.0.0.0/24
    endpoint xxxx:51820
    persistent-keepalive 25
}
private-key xxxx
route-allowed-ips false
[edit]
ospf
edgeos@edgeos# show protocols ospf
area 0 {
    network 10.20.15.0/24
    network 10.0.0.8/30
    network 10.0.0.16/30
    network 10.0.0.20/30
    network 10.0.0.24/30
    network 10.0.0.28/30
    network 10.0.0.32/30
}
passive-interface default
passive-interface-exclude wg25
passive-interface-exclude wg11
passive-interface-exclude wg3
passive-interface-exclude wg12
passive-interface-exclude wg14
passive-interface-exclude wg2
[edit]
Traceroute from EdgeOS to VyOS:
edgeos@edgeos:/config/auth$ traceroute 10.20.2.1
traceroute to 10.20.2.1 (10.20.2.1), 30 hops max, 38 byte packets
1 10.0.0.34 (10.0.0.34) 30.041 ms 29.987 ms 29.949 ms
2 * * *
3 * * *
Traceroute from VyOS to EdgeOS:
vyos@vyos:/config/auth$ traceroute 10.20.15.1
traceroute to 10.20.15.1 (10.20.15.1), 30 hops max, 60 byte packets
1 10.20.15.1 (10.20.15.1) 30.074 ms 30.024 ms 30.172 ms
vyos@vyos:/config/auth$
VyOS ip route ospf:
vyos@vyos:/config/auth$ show ip route ospf
Codes: K - kernel route, C - connected, S - static, R - RIP,
O - OSPF, I - IS-IS, B - BGP, E - EIGRP, N - NHRP,
T - Table, v - VNC, V - VNC-Direct, A - Babel, F - PBR,
f - OpenFabric,
> - selected route, * - FIB route, q - queued, r - rejected, b - backup
t - trapped, o - offload failure
O>* 10.0.0.8/30 [110/11] via 10.0.0.33, wg15, weight 1, 02:16:12
O>* 10.0.0.12/30 [110/21] via 10.0.0.33, wg15, weight 1, 02:16:12
O>* 10.0.0.16/30 [110/11] via 10.0.0.33, wg15, weight 1, 02:16:12
O>* 10.0.0.20/30 [110/11] via 10.0.0.33, wg15, weight 1, 02:16:12
O>* 10.0.0.24/30 [110/11] via 10.0.0.33, wg15, weight 1, 02:16:12
O>* 10.0.0.28/30 [110/11] via 10.0.0.33, wg15, weight 1, 02:16:12
O 10.0.0.32/30 [110/1] is directly connected, wg15, weight 1, 02:16:23
O 10.20.2.0/24 [110/1] is directly connected, eth0, weight 1, 03:04:24
O>* 10.20.3.0/24 [110/21] via 10.0.0.33, wg15, weight 1, 02:16:12
O>* 10.20.11.0/24 [110/21] via 10.0.0.33, wg15, weight 1, 02:16:12
O>* 10.20.12.0/24 [110/21] via 10.0.0.33, wg15, weight 1, 02:16:12
O>* 10.20.14.0/24 [110/21] via 10.0.0.33, wg15, weight 1, 02:16:12
O>* 10.20.15.0/24 [110/11] via 10.0.0.33, wg15, weight 1, 02:16:12
O>* 10.20.25.0/24 [110/21] via 10.0.0.33, wg15, weight 1, 02:16:12
EdgeOS ip route ospf:
edgeos@edgeos:/config/auth$ show ip route ospf
IP Route Table for VRF "default"
O *> 10.0.0.12/30 [110/20] via 10.0.0.18, wg11, 1d19h31m
  *> [110/20] via 10.0.0.10, wg25, 1d19h31m
O *> 10.20.2.0/24 [110/11] via 10.0.0.34, wg2, 02:14:57
O *> 10.20.3.0/24 [110/20] via 10.0.0.22, wg3, 1d19h01m
O *> 10.20.11.0/24 [110/20] via 10.0.0.18, wg11, 1d19h31m
O *> 10.20.12.0/24 [110/20] via 10.0.0.26, wg12, 1d18h40m
O *> 10.20.14.0/24 [110/20] via 10.0.0.30, wg14, 18:02:31
O *> 10.20.25.0/24 [110/20] via 10.0.0.10, wg25, 1d21h00m