Jason A. Donenfeld <[email protected]> [2017-06-14 13:48:45 +0200]:
Looks like maybe you forgot to enable IP forwarding and masquerading on the server.
This was exactly it. Thanks for the help on the IRC as well.I had forwarding configured for OpenVPN on a different IP range, but had to change it for WireGuard and the IP range I was using with it.
For future novices reading this thread, the things one has to do on a *fresh* Ubuntu installation:
Step 1: Change /proc/sys/net/ipv4/ip_forward to allow IPv4 packets to be forwarded in this session:
$ sudo sysctl -w net.ipv4.ip_forward=1Step 2: Change /etc/sysctl.conf to allow the forwarding of IPv4 packets even after reboots:
$ sudo sed '/ip_forward/s/^# *//' /etc/sysctl.confStep 3: Enable masquerading for the IP range which is there in the AcceptedIPs line on what is to act as the proxy server (ex: 10.10.10.0/24) $ sudo iptables -t nat -A POSTROUTING -o <external interface> -s 10.10.10.0/24 -j MASQUERADE
... where <external interface> is something like eth0, enp0s25, wlan0, wlp3s0, etc., depending on which network interface is being used to connect to the Internet. You can do this by checking via:
$ ip route ls Once you've done that, this should work $ sudo wg-quick up <name> Cheers, Pranesh -- Pranesh Prakash Policy Director, Centre for Internet and Society http://cis-india.org | tel:+91 80 40926283 sip:[email protected] | xmpp:[email protected] https://twitter.com/pranesh
signature.asc
Description: OpenPGP digital signature
_______________________________________________ WireGuard mailing list [email protected] https://lists.zx2c4.com/mailman/listinfo/wireguard
