BugOverflow
05/04/2024 10:04 pm
Topic starter
Can't reach any other host where the WireGuard server is part of an internal network (LAN).
1 Answer
05/04/2024 10:10 pm
Topic starter
remember:
eth0 - this is my network interface, change it if needed
1. Add these lines to wg0.conf:
[Interface]
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
or run the command below for testing purposes:
iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
2. Modify the client's WG config in this way (adjust to your needs if necessary):
[Peer]
AllowedIPs = 192.168.99.0/24, 192.168.30.0/24
3. Enable net.ipv4.ip_forward = 1 on the WG server.
How to edit:
- type "nano /etc/sysctl.conf"
- find #net.ipv4.ip_forward=1 and change it to net.ipv4.ip_forward=1 removing # character
- reload sysctl using "sysctl -p" command
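
The three steps above can be checked offline before restarting the tunnel. This is an added example, not part of the original post; the function names, the file paths and the choice of 192.168.30.0/24 as the LAN subnet are assumptions.

```shell
# usage: check_wg_forwarding SERVER_CONF SYSCTL_CONF CLIENT_CONF LAN_CIDR [LAN_IF]
# Prints one line per problem; the return status is the number of problems.
check_wg_forwarding() {
    srv=$1; sysctl=$2; cli=$3; lan=$4; ifc=${5:-eth0}; n=0
    # Step 1: PostUp must accept forwarding from wg0 and masquerade out of LAN_IF.
    up=$(grep -E '^[[:space:]]*PostUp[[:space:]]*=' "$srv" || true)
    case $up in
        *"-A FORWARD -i wg0 -j ACCEPT"*) ;;
        *) echo "step 1: no FORWARD accept rule for wg0 in PostUp"; n=$((n+1)) ;;
    esac
    case $up in
        *"-A POSTROUTING -o $ifc -j MASQUERADE"*) ;;
        *) echo "step 1: no MASQUERADE rule on $ifc in PostUp"; n=$((n+1)) ;;
    esac
    # PostDown must delete the same rules, or they pile up on every restart.
    down=$(grep -E '^[[:space:]]*PostDown[[:space:]]*=' "$srv" || true)
    case $down in
        *"-D FORWARD -i wg0 -j ACCEPT"*"-D POSTROUTING -o $ifc -j MASQUERADE"*) ;;
        *) echo "step 1: PostDown does not remove both rules"; n=$((n+1)) ;;
    esac
    # Step 2: the client must route the LAN subnet through the tunnel.
    allowed=$(grep -E '^[[:space:]]*AllowedIPs[[:space:]]*=' "$cli" || true)
    case $allowed in
        *"$lan"*) ;;
        *) echo "step 2: $lan missing from client AllowedIPs"; n=$((n+1)) ;;
    esac
    # Step 3: the ip_forward line must be present and uncommented.
    if ! grep -Eq '^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*1' "$sysctl"; then
        echo "step 3: net.ipv4.ip_forward=1 not enabled"; n=$((n+1))
    fi
    return "$n"
}

# Constructed sample files: the post's server and client config, plus a
# sysctl.conf where step 3 has not been done yet (line still commented).
make_samples() {
    printf '%s\n' '[Interface]' \
      'PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE' \
      'PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE' > "$1/wg0.conf"
    printf '%s\n' '[Peer]' 'AllowedIPs = 192.168.99.0/24, 192.168.30.0/24' > "$1/client.conf"
    printf '%s\n' '#net.ipv4.ip_forward=1' > "$1/sysctl.conf"
}

demo=$(mktemp -d)
make_samples "$demo"
# 192.168.30.0/24 is assumed to be the LAN subnet; the post does not say which is which.
check_wg_forwarding "$demo/wg0.conf" "$demo/sysctl.conf" "$demo/client.conf" 192.168.30.0/24 \
    || echo "problems: $?"
rm -rf "$demo"
```

On a real server, point the first three arguments at the actual wg0.conf, /etc/sysctl.conf and a copy of the client config.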