I'm having a little trouble setting up WireGuard. I'd really appreciate some help; I've lost several days on this.
I have my LAN (192.168.1.1/24) with a CentOS 7 server on which I installed WireGuard (10.100.100.1/24). On the same LAN, I have my own DNS server and also multiple hosted websites.
I've already tried using a windows client on 4G data and an android client. Both have the same behaviour:
- The handshake happens and the server sees the client connected;
- The client can ping everyone in my LAN, including the DNS server, and also in the WireGuard LAN;
- I can browse any website hosted in my LAN without problems;
- The client can ping google.com and it is being resolved by my DNS server. The client can also ping several external websites, but not all. Some always give a timeout, despite the IP being resolved;
- I can't browse any external website in any browser; I always get a timeout.
Here are the configs I'm using:
##SERVER
[Interface]
Address = 10.100.100.1/24
SaveConfig = true
PostUp = iptables -A FORWARD -i %i -j ACCEPT
PostUp = iptables -A FORWARD -o %i -j ACCEPT
PostUp = iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT
PostDown = iptables -D FORWARD -o %i -j ACCEPT
PostDown = iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERADE
ListenPort = 51820
PrivateKey = XXX
MTU = 1500
[Peer]
PublicKey = XXX
AllowedIPs = 10.100.100.2
##CLIENT
[Interface]
Address = 10.100.100.2
PrivateKey = XXXXXX
DNS = 192.168.1.70
MTU = 1500
[Peer]
PublicKey = XXXXX
Endpoint = XXXXX:51820
AllowedIPs = 0.0.0.0/0
PersistentKeepalive = 21
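Added diagnostic, not from the original post: both configs pin MTU = 1500, and a working handshake with working pings but browser timeouts is a pattern a path MTU mismatch can produce. This POSIX shell script binary-searches the largest ICMP payload that passes with Don't-Fragment set (Linux iputils `ping -M do`, as on CentOS 7) and derives a WireGuard MTU that fits under it. The target host, the 28-byte IP+ICMP header and the 60-byte WireGuard-over-IPv4 overhead (80 for IPv6) are assumptions.

```shell
#!/bin/sh
# Added example: find the largest unfragmented ICMP payload on the path to a
# host, then compute the tunnel MTU that leaves room for WireGuard's overhead.
IP_ICMP_HDR=28    # assumption: 20-byte IPv4 header + 8-byte ICMP header
WG_OVERHEAD=60    # assumption: IPv4 20 + UDP 8 + WireGuard 32; use 80 for IPv6

# One probe: a single ping with DF set and the given payload size.
# Exit status 0 means the packet crossed the path without fragmentation.
real_ping_df() {
    # $1 = payload bytes, $2 = target host
    ping -c 1 -W 2 -M do -s "$1" "$2" >/dev/null 2>&1
}

# PROBE names the probe function; a test can point it at a fake of the same shape.
PROBE="${PROBE:-real_ping_df}"

# largest_payload HOST LOW HIGH
# Prints the largest payload in [LOW, HIGH] the probe accepts, or "none"
# when even LOW does not get through. Binary search keeps the probe count low.
largest_payload() {
    host=$1; lo=$2; hi=$3; best=none
    while [ "$lo" -le "$hi" ]; do
        mid=$(( (lo + hi) / 2 ))
        if "$PROBE" "$mid" "$host"; then
            best=$mid; lo=$(( mid + 1 ))
        else
            hi=$(( mid - 1 ))
        fi
    done
    echo "$best"
}

# wg_mtu_for_payload PAYLOAD
# Path MTU is payload + IP/ICMP headers; the tunnel MTU must be that minus
# the WireGuard encapsulation overhead.
wg_mtu_for_payload() {
    echo $(( $1 + IP_ICMP_HDR - WG_OVERHEAD ))
}

# Usage: sh probe_mtu.sh <host reachable through the underlying link>
if [ "$#" -ge 1 ]; then
    payload=$(largest_payload "$1" 0 1472)
    if [ "$payload" = none ]; then
        echo "no DF ping got through; check that ICMP is not filtered"
    else
        echo "largest DF payload: $payload (path MTU $(( payload + IP_ICMP_HDR )))"
        echo "suggested [Interface] MTU = $(wg_mtu_for_payload "$payload")"
    fi
fi
```

Run it from the client against the server's public endpoint (over the raw link, not through the tunnel) and compare the suggested value with the configured MTU = 1500.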