Information for everyone, thanks for your help! :flan_beer:
@rane I don't want to route all the outgoing traffic of my VPN client as I need to reach it locally
both have the remote wg IP in their AllowedIPs
@dok yes, my server is 10.124.0.1 and the client 10.124.0.2. I'm using IPv6 to connect as it will allow me to NAT 1:1 the public IPv4 of the server :flan_evil:
@aag I only checked `wg` output bytes and this does not change although I see stuff in tcpdump when listening on the wg interface :flan_bored:
@zgou on the server or client? I guess my problem is masquerading, I certainly need to rewrite the source IP of requests on the server, but not sure how to handle the masquerading.
https://bsd.network/@solene/113560675355146783
@solene @rane @dok @aag
You need to add masquerading on the server, for the external interface. For instance, with firewalld, if your server's external interface is in the _external_ […]
────