
I'm having some WireGuard networking issues and hope you guys can help me. My goal is to build a site-to-site VPN. For that I have host A (public) and host B (private). Below is my config to create the tunnel. So far I can ping from each side to the other like this: from 10.2.0.2 to 10.2.0.1 and from 10.2.0.2 to 10.2.0.1. But when I try to ping from 10.2.0.1 to, let's say, 10.0.0.1, I get ping: sendto: No error information as a response. Firewall shouldn't be an issue and routing should also be configured correctly in the docker-compose.yml file on the server.

Any help is much appreciated!

Host A (server): (IP: ${WG_PUBLIC_HOST})

services:
    wireguard:
        image: weejewel/wg-easy
        container_name: wireguard
        restart: unless-stopped
        user: 0:1000
        ports:
            - ${WG_PUBLIC_PORT}:51820/udp
        environment:
            WG_HOST: ${WG_PUBLIC_HOST}
            WG_PORT: ${WG_PUBLIC_PORT}
            WG_DEFAULT_ADDRESS: 10.2.0.x
            WG_DEFAULT_DNS: 1.1.1.1
            WG_ALLOWED_IPS: 0.0.0.0/24
            WG_POST_UP: ip route add 10.0.0.0/24 via 10.2.0.2;
            WG_POST_DOWN: ip route del 10.0.0.0/24;
            PASSWORD: ${WG_PASSWORD}
        volumes:
            - ./wireguard:/etc/wireguard
        sysctls:
            net.ipv4.conf.all.src_valid_mark: 1
            net.ipv4.ip_forward: 1
        cap_add:
            - NET_ADMIN
            - SYS_MODULE

# ./wireguard/wg0.conf
[Interface]
PrivateKey = <secret>
Address = 10.2.0.1/24
ListenPort = 51820
PostUp = ip route add 10.0.0.0/24 via 10.2.0.2;
PostDown = ip route del 10.0.0.0/24;

# Client: host B (b2448b52-2f3b-4141-a20d-b91a8fa0d6c6)
[Peer]
PublicKey = <secret>
PresharedKey = <secret>

Host B (client): (IP: 10.0.0.3)

# docker-compose.yml
services:
    wireguard:
        image: linuxserver/wireguard
        container_name: wireguard
        restart: unless-stopped
        volumes:
            - ./wireguard:/config
            - /lib/modules:/lib/modules:ro
        environment:
            PUID: 1000
            PGID: 1000
        networks:
            - wireguard
        cap_add:
            - NET_ADMIN
            - SYS_MODULE
        sysctls:
            net.ipv4.conf.all.src_valid_mark: 1
networks:
    wireguard:
        ipam:
            config:
                - subnet: 10.3.0.0/24

# ./wireguard/wg0.conf
[Interface]
PrivateKey = <secret>
Address = 10.2.0.2/24
DNS = 1.1.1.1

[Peer]
PublicKey = <secret>
PresharedKey = <secret>
AllowedIPs = 10.2.0.0/24
PersistentKeepalive = 25
Endpoint = ${WG_PUBLIC_HOST}:${WG_PUBLIC_PORT}

  • I guess this is wrong: WG_ALLOWED_IPS: 0.0.0.0/24
    – A.B
    Commented May 3, 2022 at 20:39
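
WireGuard selects the outgoing peer by matching a packet's destination against each peer's AllowedIPs, so a kernel route such as `10.0.0.0/24 via 10.2.0.2` only gets the packet to the interface. The check below is an added example, not part of the original post: it parses a constructed copy of host A's wg0.conf and reports which peer, if any, would carry a destination. The `AllowedIPs = 10.2.0.2/32` line and the function names are assumptions (the posted [Peer] section shows no AllowedIPs line).

```python
import ipaddress

# Constructed sample modelled on host A's wg0.conf from the question (keys elided).
# Assumption: the peer has AllowedIPs = 10.2.0.2/32; the posted [Peer] shows none.
HOST_A_CONF = """\
[Interface]
Address = 10.2.0.1/24
ListenPort = 51820

[Peer]
PublicKey = <secret>
AllowedIPs = 10.2.0.2/32
"""

def parse_peers(conf_text):
    """Return one list of ip_network objects (the AllowedIPs) per [Peer] section."""
    peers, in_peer = [], False
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        if line.startswith("["):
            in_peer = line.lower() == "[peer]"
            if in_peer:
                peers.append([])
            continue
        key, _, value = line.partition("=")
        if in_peer and key.strip().lower() == "allowedips":
            peers[-1].extend(ipaddress.ip_network(c.strip(), strict=False)
                             for c in value.split(",") if c.strip())
    return peers

def peer_for(dest, peers):
    """Index of the peer with the longest AllowedIPs prefix covering dest, else None."""
    addr = ipaddress.ip_address(dest)
    best = None  # (peer index, prefix length)
    for idx, nets in enumerate(peers):
        for net in nets:
            if addr.version == net.version and addr in net:
                if best is None or net.prefixlen > best[1]:
                    best = (idx, net.prefixlen)
    return None if best is None else best[0]

if __name__ == "__main__":
    # Hypothetical variant: host B's LAN added to the peer's AllowedIPs.
    widened = HOST_A_CONF.replace("10.2.0.2/32", "10.2.0.2/32, 10.0.0.0/24")
    for label, conf in (("sample", HOST_A_CONF), ("widened", widened)):
        for dest in ("10.2.0.2", "10.0.0.1"):
            print(label, dest, "-> peer", peer_for(dest, parse_peers(conf)))
```

A result of `None` for 10.0.0.1 means no peer is selected for that destination, whatever the routing table says.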
