N300 wireguard client and port forwarding not working

jimbo · January 24, 2022, 4:07pm

Hello,

I setup a N300 router to connect as a client to my VPS with wireguard. I’m able to connect N300 router to my wireguard vpn server but when I try to open a port and add a port forwarding rules to open a port, port is still closed …

vpn tunnel is up and running, client connected to N300 router get internet and get the external Ip from my VPS. Only port forwarding is not working.

On the vps I forward the port with iptables

indent preformatted text by 4 spaces
PostUp = iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --set-mss 1240
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostUp = iptables -A FORWARD -i eth0 -o wg0 -p tcp --syn --dport 44158 -m conntrack --ctstate NEW -j ACCEPT
PostUp = iptables -A FORWARD -i eth0 -o wg0 -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
PostUp = iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 44158 -j DNAT --to-destination 192.168.12.2

192.168.12.2 is the N300 ip address from Wireguard client

any suggestions ?

regards

alzhao · January 25, 2022, 10:18am

You mentioned opening ports on your Wireguard server. Do you want to access N300 itself?

In N300’s wireguard settings, there is an option “allow access local network”.

This is not related to “port forward” on N300 itself, right? Just want to be clear.

jimbo · January 25, 2022, 10:39am

It’s working if I connect from WAN to local network but not from wireless to local network

alzhao · January 25, 2022, 11:13am

It should not be any difference from cabel to repeater.

jimbo · January 25, 2022, 12:01pm

believe me I changed nothing from wireguard settings et port forward worked perfectly as soon as I changed from wireless to wan …