<div dir="ltr">Hi,<div>I don't understand what you really want. You say someting about other computers. Who are these other people/copmuters and there they are? Inside your (or your childs) network or unknown public internet users?</div><div>Did you try to set up a game through <a href="http://battle.net">battle.net</a> or a "local" game? In addition, your configuration looks like you mixed up with your subnets. On your childs side, you configure your interface as part of an /24 subnet, but on your side, its just a /32 "range". </div><div>It may work anyway, bit I think its still confusing. <br></div><div><br></div><div>So I think, a good start would be to clean up your wg-config. I like to use a seperate "subnet" for vpn traffic. So there is no ProxyArp needed, because the VPN-Server works as a Gateway for his own subnet. Disadvantag is that you can't use (without some more work) broadcast features. Mostly use for some autodetections and so on. </div><div>Maybe this will help a bit.</div><div><br></div><div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial">On his computer: (LAN IP 192.168.1.x)</div><blockquote type="cite" style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial"><div><span class="gmail-m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">[Interface]<br></span></div><div><span class="gmail-m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">PrivateKey = {blah}=<br></span></div><div><span class="gmail-m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">ListenPort = 12457<br></span></div><div><span class="gmail-m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">Address =<span> </span><a href="http://192.168.88.3/24" target="_blank" style="color:rgb(17,85,204)">192.168.123.3/24</a><br></span></div><div><span class="gmail-m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif"><br></span></div><div><span class="gmail-m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">[Peer]<br></span></div><div><span class="gmail-m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">PublicKey = {blah2}=<br></span></div><div><span class="gmail-m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">Endpoint = {my home}:12457<br></span></div><div><span class="gmail-m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">AllowedIPs = <a href="http://192.168.88.3/24" target="_blank" style="font-size:small">192.168.123.0/24</a>, <a href="http://192.168.88.0/24">192.168.88.0/24</a><span><br></span></span></div></blockquote><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial"><br></div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial">On my computer: (LAN IP 192.168.88.x)<br></div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial"><br></div><blockquote type="cite" style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial"><div><span class="gmail-m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">[Interface]</span><span class="gmail-m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif"><br></span></div><div><span class="gmail-m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">PrivateKey = {blah3}=</span><span class="gmail-m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif"><br></span></div><div><span class="gmail-m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">ListenPort = 12457</span><span class="gmail-m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif"><br></span></div><div><span class="gmail-m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">Address =<span> </span><a href="http://192.168.88.2/32" target="_blank" style="color:rgb(17,85,204)">192.168.123.2/</a>24</span><span class="gmail-m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif"><br></span></div><div><span class="gmail-m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif"><br></span></div><div><span class="gmail-m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">[Peer]</span><span class="gmail-m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif"><br></span></div><div><span class="gmail-m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">PublicKey = {blah4}=<br></span><span style="font-family:menlo,consolas,monospace,sans-serif;font-size:small">AllowedIPs = </span><a href="http://192.168.88.3/24" target="_blank" style="font-family:menlo,consolas,monospace,sans-serif;font-size:small">192.168.123.0/24</a>, <a href="http://192.168.1.0/24">192.168.1.0/24</a></div><div><br></div></blockquote>With this configuration, you should create (and play) games using the dedicated vpn IPs (192.168.123.2 or 3 ) or maybe (not tested) your orignal local IPs (192.168.88.xxx or 192.168.1.xxx). </div><div><br></div><div><br></div><div>An complete other soloution could be using a layer2 vpn. I like SoftEtherVPN. </div><div>You could install it, bind the vpn to a tap-device (within the SoftEther configuration) and than bind the tap-device (with linux tools like brctl, systemd-networkd config) to your physical interface.</div><div>If anybody connect to this vpn, it's just like an additional wire to your network. So all works, inlcuding DHCP in the same subnet and so on.</div><div>The strange double-bridge is not needed, if your SC-Host and VPN-Host are NOT the same device. Because if you bridge the VPN directly to the physical interface (without the help of an additional tap-device) the VPN Client can't reach the vpn-server itself.</div><div><br></div><div>Or maybe without any VPN? Just Portforwarding and a (dynamic) DNS entry? You could get free ones here: <a href="https://freedns.afraid.org/">https://freedns.afraid.org/</a></div><div><br></div><div><br></div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">2018-02-12 8:23 GMT+01:00 Eric Light <span dir="ltr"><<a href="mailto:eric@ericlight.com" target="_blank">eric@ericlight.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><u></u>
<div><div>Hi, awesome WG mailinglist!<br></div>
<div><br></div>
<div>My 18 year-old has recently moved out of home, and we're starting to yearn for one of our traditional Starcraft matches. I thought I should be able to do this easily with Wireguard.<br></div>
<div><br></div>
<div><div>The idea, generally, is that one of us would start up a game, and Wireguard - with a side serving of ProxyARP and IP forwarding - would help make all the other computers see that game. (or, at very worst, allow me to run a game that could be seen by his computer AND the other computers here).<br></div>
<div><br></div>
</div>
<div>-=-=-=-=-=-=-=-=-=-=-=-=-<br></div>
<div><br></div>
<div>On his computer: (LAN IP 192.168.1.x)<br></div>
<div><br></div>
<blockquote type="cite"><div><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">[Interface]<br></span></div>
<div><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">PrivateKey = {blah}=<br></span></div>
<div><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">ListenPort = 12457<br></span></div>
<div><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">Address = <a href="http://192.168.88.3/24" target="_blank">192.168.88.3/24</a><br></span></div>
<div><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif"><br></span></div>
<div><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">[Peer]<br></span></div>
<div><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">PublicKey = {blah2}=<br></span></div>
<div><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">Endpoint = {my home}:12457<br></span></div>
<div><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">AllowedIPs = <a href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a><br></span></div>
<div><br></div>
</blockquote><div><br></div>
<div>On my computer: (LAN IP 192.168.88.x)<br></div>
<div><br></div>
<blockquote type="cite"><div><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">[Interface]</span><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif"><br></span></div>
<div><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">PrivateKey = {blah3}=</span><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif"><br></span></div>
<div><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">ListenPort = 12457</span><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif"><br></span></div>
<div><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">Address = <a href="http://192.168.88.2/32" target="_blank">192.168.88.2/32</a></span><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif"><br></span></div>
<div><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif"><br></span></div>
<div><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">[Peer]</span><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif"><br></span></div>
<div><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">PublicKey = {blah4}=</span><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif"><br></span></div>
<div><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">AllowedIPs = <a href="http://192.168.88.3/32" target="_blank">192.168.88.3/32</a></span><br></div>
</blockquote><div><br></div>
<div>-=-=-=-=-=-=-=-=-=-=-=-=-<br></div>
<div><br></div>
<div>But it turns out not to be so easy. Starcraft sets up games over UDP 5353 and UDP 6112, and originally I thought it was a problem with forwarding UDP packets. However, I can see packets coming over the tunnel from his computer, but the packets are being forwarded to an address I don't know:</div>
<div><br></div>
<blockquote type="cite"><div><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">root@me:~# tcpdump -i home port 5353 or port 6112</span><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif"><br></span></div>
<div><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">tcpdump: verbose output suppressed, use -v or -vv for full protocol decode</span><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif"><br></span></div>
<div><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">listening on home, link-type RAW (Raw IP), capture size 262144 bytes</span><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif"><br></span></div>
<div><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">20:02:35.744726 IP 192.168.88.3.6112 > 37.244.23.109.3478: UDP, length 10</span><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif"><br></span></div>
<div><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">20:02:35.759142 IP 192.168.88.3.6112 > 37.244.23.109.3478: UDP, length 10</span><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif"><br></span></div>
<div><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">20:02:35.759157 IP 192.168.88.3.6112 > 37.244.23.109.3478: UDP, length 10</span><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif"><br></span></div>
<div><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">20:02:36.045323 IP 37.244.23.109.3478 > 192.168.88.3.6112: UDP, length 19</span><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif"><br></span></div>
<div><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">20:02:36.099993 IP 37.244.23.109.3478 > 192.168.88.3.6112: UDP, length 19</span><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif"><br></span></div>
<div><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">20:02:36.100005 IP 37.244.23.109.3478 > 192.168.88.3.6112: UDP, length 19</span><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif"><br></span></div>
<div><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">20:03:05.964077 IP 192.168.88.3.6112 > 37.244.23.109.3478: UDP, length 10</span><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif"><br></span></div>
<div><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">20:03:05.964118 IP 192.168.88.3.6112 > 37.244.23.109.3478: UDP, length 10</span><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif"><br></span></div>
<div><span class="m_6646800087308898011font" style="font-family:menlo,consolas,monospace,sans-serif">20:03:05.987761 IP 192.168.88.3.6112 > 37.244.23.109.3478: UDP, length 10</span><br></div>
</blockquote><div><br></div>
<div>Any ideas where I can start looking? I get similar behaviour whether I host the game on my computer or on his.<br></div>
<div><br></div>
<div>Thanks in advance for any help you guys can offer!<br></div>
<div><br></div>
<div>E</div>
<div><br></div>
<div id="m_6646800087308898011sig66226376"><div class="m_6646800087308898011signature">------------------------------<wbr>--------------<br></div>
<div class="m_6646800087308898011signature">Q: Why is this email five sentences or less?<br></div>
<div class="m_6646800087308898011signature">A: <a href="http://five.sentenc.es" target="_blank">http://five.sentenc.es</a><br></div>
<div class="m_6646800087308898011signature"><br></div>
</div>
<div><br></div>
</div>
<br>______________________________<wbr>_________________<br>
WireGuard mailing list<br>
<a href="mailto:WireGuard@lists.zx2c4.com">WireGuard@lists.zx2c4.com</a><br>
<a href="https://lists.zx2c4.com/mailman/listinfo/wireguard" rel="noreferrer" target="_blank">https://lists.zx2c4.com/<wbr>mailman/listinfo/wireguard</a><br>
<br></blockquote></div><br></div>