Re: [Astlinux-users] Access to VPN endpoint from external

2018-10-09 Thread David Kerr
Hi Lonnie, Thanks. I'll take another look and test it. But my initial testing with that did not work and checking the documentation the way I understood it the fwmark is set on the outbound encrypted packets, not on packets going through the tunnel. But it would be simpler if that worked so wor

Re: [Astlinux-users] Access to VPN endpoint from external

2018-10-09 Thread Lonnie Abelbeck
Hi David, Great stuff (as usual), though I'm thinking it may be simpler to not use iptables, but something like: -- wg set "$INTERFACE" fwmark $table -- which marks the wireguard packets, and use that in "ip rule ..." logic, just examples ... -- ip $proto route add "$1" dev "$INTERFACE" table $

Re: [Astlinux-users] Access to VPN endpoint from external

2018-10-09 Thread David Kerr
AstLinux List > *Date: *Wednesday, 10 October 2018 at 8:28 am > *To: *AstLinux List > *Subject: *Re: [Astlinux-users] Access to VPN endpoint from external > > > > I have been wanting to get access to my PBX over my failover tunnel for > some time now but didn't know how to ge

Re: [Astlinux-users] Access to VPN endpoint from external

2018-10-09 Thread Michael Knill
it does not use any 4G (little that it may be). In your case, would this not mean that it would work on either WAN connection? Regards Michael Knill From: David Kerr Reply-To: AstLinux List Date: Wednesday, 10 October 2018 at 8:28 am To: AstLinux List Subject: Re: [Astlinux-users] Access to

Re: [Astlinux-users] Access to VPN endpoint from external

2018-10-09 Thread David Kerr
I have been wanting to get access to my PBX over my failover tunnel for some time now but didn't know how to get it done (when failover was not active -- works when astlinux is in failover mode). This thread prompted me to try and get it set up, inspired by Lonnie pointing out fwmark. Unfortunately

Re: [Astlinux-users] Access to VPN endpoint from external

2018-10-07 Thread Michael Knill
Ah good point. I didn't think about connectivity between VPNs. Thanks. Regards Michael Knill On 8/10/18, 6:09 am, "Lonnie Abelbeck" wrote: > On Oct 6, 2018, at 9:37 PM, Michael Knill wrote: > > Ah of course. Basic routing really. Stupid me. > I guess I could SSH

Re: [Astlinux-users] Access to VPN endpoint from external

2018-10-07 Thread Lonnie Abelbeck
> On Oct 6, 2018, at 9:37 PM, Michael Knill > wrote: > > Ah of course. Basic routing really. Stupid me. > I guess I could SSH tunnel through an SSH tunnel or just SSH tunnel to the > web interface. > > Ah actually I have a better idea. I will set up a VPN from my PC to PBX1 so I > can acce

Re: [Astlinux-users] Access to VPN endpoint from external

2018-10-06 Thread Michael Knill
Ah of course. Basic routing really. Stupid me. I guess I could SSH tunnel through an SSH tunnel or just SSH tunnel to the web interface. Ah actually I have a better idea. I will set up a VPN from my PC to PBX1 so I can access it directly. Problem solved! Thanks for that. Regards Michael Knill

Re: [Astlinux-users] Access to VPN endpoint from external

2018-10-06 Thread Lonnie Abelbeck
Yes, it all comes down to the routing at PBX2. Consider this ... the PC has IP 1.2.3.4, so the NAT forward will have a SRC address of 1.2.3.4 when received by 172.29.253.2 on PBX2. If the routing on PBX2 routes 1.2.3.4 back through the wireguard tunnel then it will work as you want. On the oth

Re: [Astlinux-users] Access to VPN endpoint from external

2018-10-06 Thread Michael Knill
Sorry Lonnie I am a little confused. The setup is as follows: PC -- [internet] -- PBX1 -- [WG VPN] -- PBX2 I can ping the private Wireguard PBX2 address (172.29.253.2) from PBX1 (172.29.253.2) So I want to NAT PBX1 EXTIF on a particular port to PBX2 WG IP 172.29.253.2. I have set up the NAT_FORE

Re: [Astlinux-users] Access to VPN endpoint from external

2018-10-06 Thread Lonnie Abelbeck
> On Oct 5, 2018, at 10:29 PM, Michael Knill > wrote: > > Hi Group > > I'm wanting to set up a NAT rule from NAT EXT to a Wireguard VPN endpoint. Is > this possible? > It does not seem to work with NAT EXT -> LAN. > If not, is there a custom rule I can try? > > Basically I want to SSH to

[Astlinux-users] Access to VPN endpoint from external

2018-10-05 Thread Michael Knill
Hi Group I'm wanting to set up a NAT rule from NAT EXT to a Wireguard VPN endpoint. Is this possible? It does not seem to work with NAT EXT -> LAN. If not, is there a custom rule I can try? Basically I want to SSH to the VPN endpoint directly, via the transit DR server. Thanks so much. Regards