
#1 2021-11-30 15:14:37

lomooroe
Member
Registered: 2021-11-30
Posts: 1

Route all traffic from a wireguard server to a wireguard client

Hello!

After a lot of googling, testing, and changing configurations, I am reaching out to you to get help.

My situation is as follows: in my LAN network (192.168.1.0/24) I have a computer (wlan0: 192.168.1.5), which is reachable via public IP - thanks to NAT (100.100.100.100:20019).

On the mentioned computer, I'd like to have two WireGuard setups running at the same time. The first WireGuard (wg0.conf) would be a server, listening on port 20019, that would act as a proxy and would route all incoming traffic to a second WireGuard instance (wg1.conf), which would be connected to a remote VPN.

I got it almost working. (1) When I take another device, which is part of the same LAN network, and connect to the WireGuard server that I have set up (192.168.1.5:20019), it works like a charm, no problem. (2) However, if the device is not connected to the 192.168.1.0/24 LAN, and instead it tries to reach the WireGuard server via its public IP and corresponding port: 100.100.100.100:20019, the traffic simply won't flow. I can't ping any IP or anything. Only the handshake worked, and I can see the device's IP in the peers on the LAN WireGuard server when running the command wg. Seems like there is a firewall/routing problem or something?

Here are my configurations, info:
WireGuard server (wg0.conf)
https://pastebin.com/SpXb3G3c

WireGuard client to remote VPN (wg1.conf)
https://pastebin.com/ppexLU0f

iptables -L -v
https://pastebin.com/yn67Lf3T

ifconfig
https://pastebin.com/CWcK7DPP

ip route show
https://pastebin.com/rXu8ntVv


In the process of testing, the funny thing that I found was that if I changed the WireGuard server's configuration to not send all traffic through wg1 and just use wlan0, it worked in both cases (1), (2). I just changed lines number 6 and 8 in wg0.conf to this:

PostUp = iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
PostDown = iptables -t nat -D POSTROUTING -o wlan0 -j MASQUERADE

I am not a newbie, but I do not deeply understand networking at such a level and don't know what could be causing such an issue. Could anyone help me with the configuration of such a scenario? Thanks!

Last edited by lomooroe (2021-11-30 15:16:22)
