I have a few hosts behind a NAT router that I want to access via a wireguard VPN. I could successfully configure the private network, but there's still something that baffles me.

- access each other (172.9.9.*) via the VPN (via wg0).
- access every other host outside the VPN (via eth0).

- S is the VPN server and it's accessible on the internet via static IP.
- X is a "compute server", it can access the internet, but is behind a NAT and its IP is dynamic and not known in advance.
- A is a "remote client" that wants to connect to X.
- B is a "local client" that wants to connect to X and it's in the same local network.

I want A and B to be able to connect to X through S, but all of these hosts should use the VPN only when contacting each other and not when accessing the internet. So, for instance, A can ping directly, but will ping X via S.

After searching and reading documentation, it's still unclear to me if it's possible to do this without using iptables and if it's possible to do so using only the wireguard configuration.

The current configuration is the following:

```
# S wg0.conf
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
```

```
PersistentKeepalive = 25 # To keep the server reachable
```

B's configuration is similar to A, but with IP 172.9.9.101 and different private key.