This is an automated archive.
The original was posted on /r/wireguard by /u/ackleyimprovised on 2024-01-09 12:17:00+00:00.
I have this setup I can't seem to get working.
Camera (192.168.30.50) <-> NUC (192.168.30.100) + WireGuard (10.200.0.2) <-> CNAT Router (192.168.30.1) <-> Internet <-> pfSense (192.168.1.254) + WireGuard (10.200.0.1) <-> Computer (192.168.1.20)
pfSense:
For the Peer:
Allowed IPs 10.200.0.2 and 192.168.30/24
For the tunnel:
Static IP for the IPv4 as 10.200.0.1
Client NUC:
[Interface]
PrivateKey = XXXX
Address = 10.200.0.2/32
# setup packet forwarding
PreUp = sysctl -w net.ipv4.ip_forward=1
# setup iptables
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
[Peer]
PublicKey = xxx
AllowedIPs = 0.0.0.0/0
Endpoint = domain.name:51820
PersistentKeepalive = 25
The client NUC is able to ping all devices on the 192.168.1.0/24 network as I have set allowed IPs to 0.0.0.0/0.
I can ping the NUC client 10.200.0.2 from the computer.
I can ping pfSense 10.200.0.1 from the NUC client.
I cannot ping the camera 192.168.30.50 or the NUC client LAN 192.168.30.100 from either pfSense or the computer.
I feel it's to do with the setup forwarding and iptables rules as removing this doesn't appear to do anything. My interface names are correct (wg0 and eth0).
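
The AllowedIPs values from the post above, run through a small model of WireGuard's cryptokey routing (longest-prefix match on the destination when sending, source check against the sending peer's AllowedIPs when receiving). This is an added example, not part of the original post; it assumes `192.168.30/24` means `192.168.30.0/24`, and the peer labels and function names are made up here.

```python
import ipaddress

# AllowedIPs as posted; "192.168.30/24" is assumed to mean 192.168.30.0/24.
# Peer labels ("nuc", "pfsense") are made up for this example.
PFSENSE = {"nuc": ["10.200.0.2/32", "192.168.30.0/24"]}
NUC = {"pfsense": ["0.0.0.0/0"]}


def _nets(cidrs):
    return [ipaddress.ip_network(c) for c in cidrs]


def select_peer(peers, dst):
    """Outbound: the peer whose AllowedIPs hold the longest prefix covering dst."""
    dst = ipaddress.ip_address(dst)
    best = None
    for name, cidrs in peers.items():
        for net in _nets(cidrs):
            if dst in net and (best is None or net.prefixlen > best[1]):
                best = (name, net.prefixlen)
    return best[0] if best else None


def accepts(peers, peer, src):
    """Inbound: a decrypted packet is kept only if src is in that peer's AllowedIPs."""
    src = ipaddress.ip_address(src)
    return any(src in net for net in _nets(peers.get(peer, [])))


def crosses_tunnel(sender, receiver, sender_label, src, dst):
    """Return (ok, reason) for one packet going sender -> receiver.

    sender_label is the name the receiver uses for the sending peer.
    """
    if select_peer(sender, dst) is None:
        return False, "sender: no peer's AllowedIPs cover %s" % dst
    if not accepts(receiver, sender_label, src):
        return False, "receiver: source %s not in AllowedIPs" % src
    return True, "passes AllowedIPs on both ends"


if __name__ == "__main__":
    # Computer -> camera, then the camera's reply.
    print(crosses_tunnel(PFSENSE, NUC, "pfsense", "192.168.1.20", "192.168.30.50"))
    print(crosses_tunnel(NUC, PFSENSE, "nuc", "192.168.30.50", "192.168.1.20"))
    # Constructed contrast: a pfSense peer entry without the remote LAN.
    print(crosses_tunnel({"nuc": ["10.200.0.2/32"]}, NUC, "pfsense",
                         "192.168.1.20", "192.168.30.50"))
```

AllowedIPs is only the tunnel's own filter; the routing table and firewall rules on each host are separate checks that this model does not cover.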