I have 2 homes: home1 is using an ISP with CGNAT, home2 has a public IP address.
I'd like to be able to connect from anywhere to a WireGuard VPN server in home1 (SH1) and use that connection to route all traffic to the internet, not just the internal network.
In home2 I have another server behind a firewall (SH2) to which I can forward all traffic, and I'm also running a WireGuard server on it.
SH1 has, let's say, the private IP address 192.168.100.10; SH2 has, let's say, the private IP address 192.168.10.10; SH2's VPN address is 10.0.0.1; SH1's VPN address (connected to SH2) is 10.0.0.2.
I thought I could forward the traffic from the firewall in home2 to SH1 to SH2 (connected to SH1 via VPN).
So from SH1 I can connect to SH2. Where I always failed is that I couldn't forward traffic from SH2's private IP address to SH1's VPN address.
What iptables rules or settings should I use to forward the traffic from a VPN server to a VPN client?
wg0.conf, feel free to obfuscate keys), as well as their observed network configuration. For each of them (once WireGuard is running and SH1 can ping SH2 over WireGuard): ip -br link; ip -4 -br address; ip route; ip rule, along with the possible iptables rules, twice too: iptables-save -c. With that it would be much easier to figure out what's missing, since the idea sounds fine.
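As an added worked example (not code from the question or from the comment above), here is one complete way to build the setup the question describes, including the step it reports as failing: getting a packet that arrives at SH2's private address forwarded to SH1's tunnel address and, just as important, getting SH1's reply to come back the same way rather than out of its own CGNAT uplink. The script only prints the iptables/sysctl commands and the wg-quick files for each host, so you can review them before piping them into a root shell. Everything it assumes beyond the question is labelled in the comments: the LAN interface is eth0 on both hosts, SH2's wg0 listens on UDP 51820, SH1 runs a second interface wg1 for roaming clients on UDP 51821 serving 10.0.1.0/24, home2's router forwards both UDP ports to 192.168.10.10, home2.example.net is home2's public address, and the keys are placeholders.

```shell
#!/bin/sh
# Added example (not code from the question or the comment): SH2 (public IP)
# forwards a second WireGuard port through its tunnel to SH1, so roaming clients
# reach SH1's VPN server behind CGNAT and exit to the internet from home1.
# Assumed, not stated in the post: eth0 is the LAN interface on both hosts,
# SH2's wg0 listens on UDP 51820, SH1's client-facing wg1 listens on UDP 51821
# serving 10.0.1.0/24, home2's router forwards both UDP ports to SH2, and
# home2.example.net is home2's public address. Keys are placeholders.
set -eu

SH2_LAN_IP=192.168.10.10; SH2_VPN_IP=10.0.0.1; SH1_VPN_IP=10.0.0.2    # from the post
LAN_IF=eth0; HUB_PORT=51820; CLIENT_PORT=51821; CLIENT_NET=10.0.1.0/24 # assumptions
HUB_ENDPOINT=home2.example.net                                         # assumption

# SH2 (hub), run as root after wg0 is up. The route 10.0.0.2 -> wg0 comes from AllowedIPs.
sh2_rules() {
  cat <<EOF
sysctl -w net.ipv4.ip_forward=1
# client -> home2 public IP:$CLIENT_PORT -> router -> $SH2_LAN_IP: rewrite the destination to SH1's tunnel address
iptables -t nat -A PREROUTING -i $LAN_IF -d $SH2_LAN_IP -p udp --dport $CLIENT_PORT -j DNAT --to-destination $SH1_VPN_IP:$CLIENT_PORT
# SNAT to SH2's tunnel address so SH1 answers back through wg0 instead of via its own CGNAT uplink
iptables -t nat -A POSTROUTING -o wg0 -d $SH1_VPN_IP -p udp --dport $CLIENT_PORT -j SNAT --to-source $SH2_VPN_IP
# forward exactly this one flow into the tunnel, and its replies back out
iptables -A FORWARD -i $LAN_IF -o wg0 -d $SH1_VPN_IP -p udp --dport $CLIENT_PORT -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i wg0 -o $LAN_IF -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
EOF
}

# SH1 (spoke behind CGNAT): accept wg1 packets arriving over wg0, NAT clients out via home1.
sh1_rules() {
  cat <<EOF
sysctl -w net.ipv4.ip_forward=1
iptables -A INPUT -i wg0 -s $SH2_VPN_IP -p udp --dport $CLIENT_PORT -j ACCEPT
iptables -A FORWARD -i wg1 -o $LAN_IF -s $CLIENT_NET -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i $LAN_IF -o wg1 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -s $CLIENT_NET -o $LAN_IF -j MASQUERADE
EOF
}

# wg-quick configuration files; keys are placeholders.
sh2_wg0_conf() {
  cat <<EOF
[Interface]
Address = $SH2_VPN_IP/24
ListenPort = $HUB_PORT
PrivateKey = <SH2_PRIVATE_KEY>
[Peer] # SH1
PublicKey = <SH1_WG0_PUBLIC_KEY>
AllowedIPs = $SH1_VPN_IP/32
EOF
}

# SH1 dials out; PersistentKeepalive holds the CGNAT mapping open so SH2 can always reach it.
sh1_wg0_conf() {
  cat <<EOF
[Interface]
Address = $SH1_VPN_IP/24
PrivateKey = <SH1_WG0_PRIVATE_KEY>
[Peer] # SH2
PublicKey = <SH2_PUBLIC_KEY>
Endpoint = $HUB_ENDPOINT:$HUB_PORT
AllowedIPs = 10.0.0.0/24
PersistentKeepalive = 25
EOF
}

# wg1 rides inside wg0 on the SH2-SH1 hop: 1420 (wg0 MTU) - 60 (WireGuard over IPv4) = 1360.
sh1_wg1_conf() {
  cat <<EOF
[Interface]
Address = 10.0.1.1/24
ListenPort = $CLIENT_PORT
MTU = 1360
PrivateKey = <SH1_WG1_PRIVATE_KEY>
[Peer] # roaming client
PublicKey = <CLIENT_PUBLIC_KEY>
AllowedIPs = 10.0.1.2/32
EOF
}

# Roaming client: full tunnel (0.0.0.0/0) through home2's forwarded port, exiting at home1.
client_conf() {
  cat <<EOF
[Interface]
Address = 10.0.1.2/24
MTU = 1360
PrivateKey = <CLIENT_PRIVATE_KEY>
[Peer] # SH1 wg1
PublicKey = <SH1_WG1_PUBLIC_KEY>
Endpoint = $HUB_ENDPOINT:$CLIENT_PORT
AllowedIPs = 0.0.0.0/0
PersistentKeepalive = 25
EOF
}
case "${1:-}" in
  sh2-rules) sh2_rules ;;  sh1-rules) sh1_rules ;;  sh2-wg0) sh2_wg0_conf ;;
  sh1-wg0) sh1_wg0_conf ;;  sh1-wg1) sh1_wg1_conf ;;  client) client_conf ;;
esac
```

Run it as `sh wg-hub-spoke.sh sh2-rules | sudo sh` on SH2 and `sh wg-hub-spoke.sh sh1-rules | sudo sh` on SH1 (the other subcommands print the four config files). The sysctl and iptables lines are not persistent; put them in PostUp lines of the respective wg-quick file with matching `-D` lines in PostDown, or save them with your distribution's iptables persistence. The checks that match what the comment asks for: on SH2, `ip route get 10.0.0.2` must answer with `dev wg0`, and the packet counters `iptables-save -c` shows on the DNAT and SNAT rules must grow while a client attempts a handshake; on SH1, `wg show wg1` will list the client's endpoint as 10.0.0.1 with an ephemeral port, because of the SNAT. If you would rather see the clients' real source addresses on SH1, the alternative to that SNAT is policy routing on SH1 (Table = off on its wg0, AllowedIPs = 0.0.0.0/0 for the SH2 peer, `ip rule add from 10.0.0.2 lookup 100` and `ip route add default dev wg0 table 100`), so that replies from 10.0.0.2 always go back through the tunnel and SH2's conntrack reverses the DNAT; either way, the reply path is the part that has to be solved, not just the DNAT.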