Hello,
I am trying and searching a lot but I am struggling with my scenario. I found some same posts, but there was no solution.
-I am using a Raspberry PI (192.168.10.100) to connect as a openvpn client to Nordvpn. This PI is the Gateway for my local clients to use the VPN connection
-
I set up a Wireguard Server on the PI to receive connection from outside my network. The ports are open on my Router (192.168.10.1)
-
When I am connecting my smartphone from my home network (not using the PI as VPN Gateway, using the ISP-IP) to the Wireguard server, I am connected and I am using the open vpn connection. I am getting the IP from Nordvpn. Everything works fine.
-
When I am connecting the smartphone outside my LAN with mobile connection, I am connected to the VPN as well (getting the Nordvpn-IP) I am able to access internal devices like the router or any WLAN-repeater but I am not able to connect to the PI via SSH or HTTP.
It seems, that PI is not accepting the connection from the Wireguard connection.
Can anyone. help me please. Here is my configuration:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.8.2.1 128.0.0.0 UG 0 0 0 tun0
0.0.0.0 192.168.10.1 0.0.0.0 UG 202 0 0 eth0
5.180.62.99 192.168.10.1 255.255.255.255 UGH 0 0 0 eth0
10.6.0.0 0.0.0.0 255.255.255.0 U 0 0 0 wg0
10.8.2.0 0.0.0.0 255.255.255.0 U 0 0 0 tun0
128.0.0.0 10.8.2.1 128.0.0.0 UG 0 0 0 tun0
192.168.10.0 0.0.0.0 255.255.255.0 U 202 0 0 eth0
rc.local
sudo ip rule add from 192.168.10.100 lookup 9
sudo ip route add default via 192.168.10.1 table 9
sudo ip route add default via 192.168.10.1 dev eth0 table 6
sudo ip rule add fwmark 0x55 priority 1000 table 6
sudo ip route flush cache
sudo iptables -t filter -A FORWARD -i wg0 -o tun0 -j ACCEPT
sudo iptables -t filter -A FORWARD -o wg0 -i tun0 -j ACCEPT
sudo iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
wg0.conf
[Interface]
Address = 10.6.0.1/24
MTU = 1420
ListenPort = 51820
fwMark = 0x55
PrivateKey = ...
[Peer]
PublicKey = ...
PresharedKey = ...
AllowedIPs = 10.6.0.2/32
Thanks in advance