I have two networks: the first is 192.168.2.0/24, the second 192.168.81.0/24. In every network there are several clients. These networks have no connection except a WireGuard VPN network.
In each of these networks there is a VPN client (the VPN network is 192.168.100.0/24). The first one (client 1) has two interfaces: 192.168.2.210 / 192.168.100.1. The client in the second network (client 2) has 192.168.81.210 / 192.168.100.3.
Now I want to access clients on the 192.168.81.0/24 network.
- Client 1 can ping client 2
- I have configured a static route on the firewall in the first network, so all traffic for 192.168.81.0/24 is routed to 192.168.2.210. This works.
- I have configured a route on client 1:

    ip route add 192.168.81.0/24 via 192.168.100.3 dev wg0

- I have created some iptables rules on client 2:

    iptables -A FORWARD -i wg0 -o ens192 -j ACCEPT
    iptables -t nat -A POSTROUTING -o ens192 -j MASQUERADE

- On each of these clients, ip_forward is set to 1.
- Client 1 can ping every client in 192.168.81.0/24, so I think there is no WireGuard configuration issue.
Tcpdump on client 1 on the wg0 interface shows some data.
The VPN client can access, but not the others in the network. So I think some (source) NAT configuration is needed. Am I right? Any ideas?
Thank you!
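The LAN-to-LAN round trip through the tunnel, as an added example that is not part of the post: it models WireGuard's cryptokey routing, under which a gateway only sends a packet to the peer whose AllowedIPs covers the destination and only accepts a packet whose source lies in the sending peer's AllowedIPs, so both gateways must list the far LAN and not just the far tunnel address. The AllowedIPs lists, the `wg show wg0 allowed-ips` output and the sample hosts (192.168.2.50, 192.168.81.50) are constructed assumptions, and the peer key strings are placeholders.

```python
# Added example (not from the post): a small model of WireGuard's cryptokey
# routing for a LAN-to-LAN path between two VPN gateways. WireGuard only
# sends a packet to the peer whose AllowedIPs covers the destination, and
# only accepts a packet from a peer whose AllowedIPs covers the source, so
# both gateways must list the far LAN, not just the far tunnel address.
# All addresses, AllowedIPs lists and the `wg show` output below are
# constructed assumptions for illustration.
import ipaddress
from typing import Dict, List


def covers(allowed_ips: List[str], addr: str) -> bool:
    """True if addr lies inside any prefix of a peer's AllowedIPs list."""
    ip = ipaddress.ip_address(addr)
    return any(ip in ipaddress.ip_network(p, strict=False) for p in allowed_ips)


def tunnel_round_trip(src: str, dst: str,
                      local_peer_allowed: List[str],
                      remote_peer_allowed: List[str]) -> List[str]:
    """Check a request from src (local LAN) to dst (remote LAN) and its reply.

    local_peer_allowed:  AllowedIPs the local gateway configures for the remote gateway.
    remote_peer_allowed: AllowedIPs the remote gateway configures for the local gateway.
    Returns human-readable failures; an empty list means both directions pass.
    """
    problems = []
    # Peer selection for the request on the local gateway and acceptance of the
    # reply share one condition: dst must be in the remote peer's AllowedIPs there.
    if not covers(local_peer_allowed, dst):
        problems.append(f"local gateway: {dst} not in AllowedIPs of remote peer "
                        "(request has no peer to go to; reply would be dropped)")
    # Acceptance of the request on the remote gateway and peer selection for the
    # reply share one condition: src must be in the local peer's AllowedIPs there.
    if not covers(remote_peer_allowed, src):
        problems.append(f"remote gateway: {src} not in AllowedIPs of local peer "
                        "(request dropped on arrival; reply has no peer to go to)")
    return problems


def parse_allowed_ips(wg_show_output: str) -> Dict[str, List[str]]:
    """Parse `wg show <iface> allowed-ips` output into {peer_pubkey: [prefixes]}.

    Each line is "<pubkey>\\t<prefix> <prefix>..." or "<pubkey>\\t(none)".
    """
    peers: Dict[str, List[str]] = {}
    for line in wg_show_output.splitlines():
        if not line.strip():
            continue
        pubkey, _, rest = line.partition("\t")
        peers[pubkey] = [] if rest.strip() == "(none)" else rest.split()
    return peers


# Constructed samples standing in for `wg show wg0 allowed-ips` on each gateway.
# The key strings are placeholders, not real WireGuard public keys.
CLIENT1_WG_SHOW = "PEER_CLIENT2_PUBKEY_PLACEHOLDER=\t192.168.100.3/32 192.168.81.0/24\n"
CLIENT2_WG_SHOW_BEFORE = "PEER_CLIENT1_PUBKEY_PLACEHOLDER=\t192.168.100.1/32\n"
CLIENT2_WG_SHOW_AFTER = "PEER_CLIENT1_PUBKEY_PLACEHOLDER=\t192.168.100.1/32 192.168.2.0/24\n"


def check_site_to_site(client1_show: str, client2_show: str,
                       lan_host: str = "192.168.2.50",
                       remote_host: str = "192.168.81.50") -> List[str]:
    """Round-trip check for a host behind client 1 reaching a host behind client 2."""
    c1 = next(iter(parse_allowed_ips(client1_show).values()))
    c2 = next(iter(parse_allowed_ips(client2_show).values()))
    return tunnel_round_trip(lan_host, remote_host, c1, c2)


if __name__ == "__main__":
    for label, c2 in (("before", CLIENT2_WG_SHOW_BEFORE), ("after", CLIENT2_WG_SHOW_AFTER)):
        result = check_site_to_site(CLIENT1_WG_SHOW, c2)
        print(label, "->", result or "round trip passes cryptokey routing on both gateways")
```

Two things the model makes visible: a ping from the gateway itself (source 192.168.100.1) passes with only the /32 tunnel addresses in AllowedIPs, so it proves less than a ping from a LAN host, whose source is a 192.168.2.x address that the far gateway must also list; and the MASQUERADE on client 2 rewrites the source only towards ens192, so inside the tunnel the 192.168.2.x source is still what the cryptokey check sees. If the interface is brought up with wg-quick, a kernel route for each AllowedIPs prefix is added automatically; with plain `wg`, the far gateway also needs an explicit `ip route add 192.168.2.0/24 dev wg0`, and its FORWARD chain must accept traffic in both directions if the policy is DROP.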