You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It's possible to have the following configuration for specific clients, that server won't apply NAT to the client's traffic so it will appear as if the client is browsing the web with the server's IP, and remain using client IP's for traffic outside wireguard network?
Server is behind router Port Forward is being used Server Parameters
SERVER_PUB_IP=10.2.4.250
SERVER_PUB_NIC=ens3
SERVER_WG_NIC=wg0
SERVER_WG_IPV4=10.66.66.1
SERVER_WG_IPV6=fd42:42:42::1
SERVER_PORT=51136
SERVER_PRIV_KEY=8BiPBLqFKH/tP6wt4KXEvv/F+JX8rSs2cVJDJaWX7WU=
SERVER_PUB_KEY=0FJo76yGoxbz7T/cIEhjPzoGmA2QE+TFSR+ImXjg3xk=
CLIENT_DNS_1=10.2.4.250
CLIENT_DNS_2=8.8.8.8
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
Hi,
It's possible to have the following configuration for specific clients, that server won't apply NAT to the client's traffic so it will appear as if the client is browsing the web with the server's IP, and remain using client IP's for traffic outside wireguard network?
Server is behind router Port Forward is being used
Server Parameters
SERVER_PUB_IP=10.2.4.250
SERVER_PUB_NIC=ens3
SERVER_WG_NIC=wg0
SERVER_WG_IPV4=10.66.66.1
SERVER_WG_IPV6=fd42:42:42::1
SERVER_PORT=51136
SERVER_PRIV_KEY=8BiPBLqFKH/tP6wt4KXEvv/F+JX8rSs2cVJDJaWX7WU=
SERVER_PUB_KEY=0FJo76yGoxbz7T/cIEhjPzoGmA2QE+TFSR+ImXjg3xk=
CLIENT_DNS_1=10.2.4.250
CLIENT_DNS_2=8.8.8.8
Server Configuration
[Interface]
Address = 10.66.66.1/24,fd42:42:42::1/64
ListenPort = 51136
PrivateKey = "KEY"
PostUp = iptables -A FORWARD -i ens3 -o wg0 -j ACCEPT; iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o ens3 -j MASQUERADE; ip6tables -A FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -A POSTROUTING -o ens3 -j MASQUERADE
PostDown = iptables -D FORWARD -i ens3 -o wg0 -j ACCEPT; iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o ens3 -j MASQUERADE; ip6tables -D FORWARD -i wg0 -j ACCEPT; ip6tables -t nat -D POSTROUTING -o ens3 -j MASQUERADE
Client 1
[Peer]
PublicKey = "PUBLICKEY"
PresharedKey = "KEY"
AllowedIPs = 10.66.66.2/32,fd42:42:42::2/128
Client 2
[Peer]
PublicKey = "PUBLICKEY"
PresharedKey = "KEY"
AllowedIPs = 10.66.66.3/32,fd42:42:42::3/128
Client Configuration
[Interface]
PrivateKey = 2PZLaJOdvCYErDw9jXo0m4i/6WMIjJfA5slOF096TV4=
Address = 10.66.66.2/32,fd42:42:42::2/128
DNS = 10.2.4.250,8.8.8.8
[Peer]
PublicKey = 0FJo76yGoxbz7T/cIEhjPzoGmA2QE+TFSR+ImXjg3xk=
PresharedKey = 7S3lllcaHCa0JHA4e/pnW/irvbzzTKdtxS4prUskDXM=
Endpoint = PUBLICIPHERE:51136
AllowedIPs = 0.0.0.0/0,::/0
Regards
Beta Was this translation helpful? Give feedback.
All reactions