DigitalOcean to Mango LAN-LAN VPN

Hello everyone, I need to connect a DigitalOcean VPS hosting an NVR software to my local network cameras that don’t support any VPN in order to access the RTSP stream.
To do this in the most secure way I would like to connect the two cameras to the Mango GL-MT300N-V2 WiFi and allow the VPS to access the RTSP stream through the VPN with the cameras’ local IPs.

I’ve installed a WireGuard server on the VPS with the current settings:

[Interface]
Address = 10.0.0.1/32
SaveConfig = true
ListenPort = 51820
PrivateKey =

[Peer]
PublicKey =
AllowedIPs = 10.0.0.2/32, 192.168.8.0/24
Endpoint = my-home-ip:62262

And the Mango WireGuard client with the current settings:

[Interface]
Address = 10.0.0.2/32
ListenPort = 18332
PrivateKey =

[Peer]
PublicKey =
AllowedIPs = 10.0.0.1/32
Endpoint = vps-ip:51820

The VPN connects and I can ping the Mango device from the VPN on 10.0.0.2 and 192.168.8.1, but I cannot ping the cameras at 192.168.1.102.

I’ve enabled Allow Access Local Network in the Mango WireGuard client options, but no luck.

I need help!

I am no expert but:

  1. You don’t need the endpoint in the VPS config.
  2. You don’t need 192.168.8.0/24 in the VPS config.
  3. The Mango allowed IPs should probably be 0.0.0.0/0 (and/or add the camera IPs here).

I would do it like this:
Mango as the server and the VPS as a client of the Mango.
Allowed IPs for the VPS: the tunnel IP of the Mango and the LAN IPs of the cameras.
Naturally, the WAN port of the Mango is connected to a LAN port of your ISP router, with port forwarding of the UDP WG port to the IP of the Mango. If you don’t have a public static IP you’ll need a DDNS service.

I changed the configuration to the following and now it works!

VPS

[Interface]
Address = 10.8.0.1/24
SaveConfig = true
ListenPort = 51820
PrivateKey = 

[Peer]
PublicKey = 
AllowedIPs = 10.8.0.0/24, 192.168.8.0/24

Mango

[Interface]
Address = 10.8.0.2/24
ListenPort = 51820
PrivateKey =

[Peer]
PublicKey =
AllowedIPs = 10.8.0.0/24, 192.168.8.0/24
Endpoint = vps-ip:51820
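
WireGuard uses each peer's AllowedIPs twice: to pick the peer an outgoing packet is encrypted for, and to filter the source address of packets arriving from that peer. The following is an added example (not part of any post in this thread, and not WireGuard or GL.iNet code) that applies this rule to the AllowedIPs lines posted above; `peers` and `match` are hypothetical helper names and 192.168.8.102 is a constructed camera address.

```python
import ipaddress

# [Peer] AllowedIPs lines copied from the thread (keys are blank there, so omitted).
CONFIGS = {
    "VPS first":   "[Peer]\nAllowedIPs = 10.0.0.2/32, 192.168.8.0/24\n",
    "VPS final":   "[Peer]\nAllowedIPs = 10.8.0.0/24, 192.168.8.0/24\n",
    "Mango first": "[Peer]\nAllowedIPs = 10.0.0.1/32\n",
    "Mango final": "[Peer]\nAllowedIPs = 10.8.0.0/24, 192.168.8.0/24\n",
}

def peers(conf):
    """Return one list of AllowedIPs networks per [Peer] section."""
    out, section = [], None
    for raw in conf.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.startswith("["):
            section = line.strip("[]").lower()
            if section == "peer":
                out.append([])
        elif section == "peer" and "=" in line:
            key, value = (p.strip() for p in line.split("=", 1))
            if key.lower() == "allowedips":
                out[-1] += [ipaddress.ip_network(v.strip(), strict=False)
                            for v in value.split(",") if v.strip()]
    return out

def match(conf, addr):
    """Index of the peer whose AllowedIPs contains addr (longest prefix), else None.

    Outbound: the peer a packet addressed to addr is sent to.
    Inbound: the only peer allowed to send packets whose source is addr.
    """
    ip, best = ipaddress.ip_address(addr), None
    for i, nets in enumerate(peers(conf)):
        for net in nets:
            if ip in net and (best is None or net.prefixlen > best[1]):
                best = (i, net.prefixlen)
    return None if best is None else best[0]

if __name__ == "__main__":
    # 192.168.8.102 is a constructed camera address on the Mango LAN, not from the thread.
    for name in ("VPS first", "VPS final"):
        for dst in ("192.168.8.1", "192.168.1.102", "192.168.8.102"):
            peer = match(CONFIGS[name], dst)
            verdict = "no peer, not sent into the tunnel" if peer is None else f"peer {peer}"
            print(f"{name}: {dst} -> {verdict}")
```

A result of `None` means the address falls outside every peer's AllowedIPs, so WireGuard neither routes traffic to it nor accepts traffic from it over that interface. Listing individual camera addresses as /32 entries instead of the whole /24 narrows what the VPS can reach on the LAN.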