For who has a Firewalld based Linux distribution like Fedora/RHEL/CentOS: === Host B (VPN gateway) === When system creates interface wg0, it is not attached to any firewall zone, so it falls into default zone, that blocks everything except for ICMP packets. Therefore if you simply run ping among hosts (example from A to C) everything works, but as soon you try to use a service, it will not work. You can solve with # firewall-cmd --zone=trusted --add-interface=wg0 --permanent # firewall-cmd --reload
Now from host A you can correctly run $ ssh user@10.1.0.22 that is the server running on host C _______________________________________________ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard