I'm having a little trouble setting up WireGuard. I'd really appreciate some help; I've lost several days on this.
I have my LAN (192.168.1.1/24) where I have a CentOS 7 server on which I installed WireGuard (10.100.100.1/24). On the same LAN, I have my own DNS server and also multiple hosted websites.
I've already tried using a windows client on 4G data and an android client. Both have the same behaviour:
- The handshake happens and the server sees the client connected;
- The client can ping everyone in my LAN, including the DNS server, and also in the WireGuard LAN;
- I can browse any website hosted in my LAN without problems;
- The client can ping google.com and it is resolved by my DNS server. The client can also ping several external websites, but not all. Some always time out, despite the IP being resolved;
- I can't browse any external website in any browser; I always get a timeout.
Here are the configs I'm using:
```ini
##SERVER
[Interface]
Address = 10.100.100.1/24
SaveConfig = true
PostUp = iptables -A FORWARD -i %i -j ACCEPT
PostUp = iptables -A FORWARD -o %i -j ACCEPT
PostUp = iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT
PostDown = iptables -D FORWARD -o %i -j ACCEPT
PostDown = iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERADE
ListenPort = 51820
PrivateKey = XXX
MTU = 1500

[Peer]
PublicKey = XXX
AllowedIPs = 10.100.100.2
```
```ini
##CLIENT
[Interface]
Address = 10.100.100.2
PrivateKey = XXXXXX
DNS = 192.168.1.70
MTU = 1500

[Peer]
PublicKey = XXXXX
Endpoint = XXXXX:51820
AllowedIPs = 0.0.0.0/0
PersistentKeepalive = 21
```