need a hand with WG setup

Dimitar Vassilev dimitar.vassilev at gmail.com
Wed Aug 28 12:56:47 CEST 2019


Hi Kalin,

> 1. Disable the FW and test.
>
Tried - disabling one fw shows wg traffic flowing.


> 2. Try ping from one router to the other using the configured public IP
> address
>
That works as well with the default fw config on OpenWRT/LEDE/LibreCMC


> 3. Ping the other using the WG IP address
>
My problem is that ping between the WG IP addresses is not working. I see
some PostUp and PostDown examples in the regular configurations like the
ones below:

PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o enp5s0 -j MASQUERADE; ip6tables -A FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -A POSTROUTING -o enp5s0 -j MASQUERADE
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o enp5s0 -j MASQUERADE; ip6tables -D FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -D POSTROUTING -o enp5s0 -j MASQUERADE

In the LEDE/OpenWRT derivatives those are marked in the GUI with MASQUERADE
and route allowed ips options, but still I'm getting stuck. I moved my VPN
network from /25 to another /24 and still was stuck.

> If all runs them it is a routing problem left to solve...
>
Agree. I'm a bit at a loss which routing - the kernel one or the forwarding
of packets. Will tear down and start from scratch with another test.

> Kalin.
>