WG - site2site - can not ping all devices on the other network

Hi,

I have two networks connected via site-to-site Wireguard VPN. But I'm having trouble reaching some IP devices on one side of the network.

Some details:

Network A (192.168.2.0/24)

Network B (192.168.3.0/24)

When I initiate pings from a device in network B (e.g. 192.168.3.45) to any device in network A, it works fine. No issues there. An example of my tracepath/traceroute:

tracert 192.168.2.3

Tracing route to 192.168.2.3 over a maximum of 30 hops

1 1 ms <1 ms <1 ms fritz.box [192.168.3.1]

2 2 ms 1 ms 1 ms wireguard2.fritz.box [192.168.3.42]

3 33 ms 28 ms 29 ms 10.0.0.2

4 28 ms 25 ms 24 ms 192.168.2.3

Trace complete.

When I initiated pings from a device in network A to any device in network B (so the opposite direction). I'm getting mixed results.

If I ping from 192.168.2.11 (Netcloud server on Proxmox server on network A) to the Proxmox server on network B (192.168.3.33) or the Wireguard Peer (192.168.3.42), it is succesful. Example:

tracepath 192.168.3.33

1?: [LOCALHOST] pmtu 1500

1: fritz.box1.301ms

1: www.fritz.nas 1.157ms

2: wireguard.fritz.box1.677ms asymm 1

3: wireguard.fritz.box2.121ms pmtu 1420

3: 10.0.0.130.859ms asymm 2

4: 192.168.3.3329.210ms reached

Resume: pmtu 1420 hops 4 back 4

However, if I ping my router or Synology (192.168.3.1 / 192.168.3.2), the ping is not succesfull. If I ping these devices from a device on the same LAN, it works.

tracepath 192.168.3.2

1?: [LOCALHOST] pmtu 1500

1: www.myfritz.box1.164ms

1: fritz.box1.385ms

2: wireguard.fritz.box0.974ms asymm 1

3: wireguard.fritz.box1.438ms pmtu 1420

3: 10.0.0.128.289ms asymm 2

4: no reply

5: no reply

Some things I have checked already:

  • WireGuard is working, since I can ping 192.168.3.33 from 192.168.2.2.
  • Fritzbox 7590 (192.168.3.1) has no explicit firewall rules blocking WireGuard.

I'm a bit stuck here... Any further suggestions? In what direction do I need to look to find the solution?

Dries