First off: this is not a duplicate. I've tried everything except OpenVPN or IPSec. I'm receiving a handshake between the client and server, and SSH and ping work between clients, but I cannot access the global internet or even have access to the server's public IP. My config is just the usual: keys, endpoints. I followed the Linode guide exactly. My client is openSUSE but my server is Ubuntu, which I'm assuming is the chokepoint.
This is exactly the situation I had. Does your server have a public IP or is it behind a NAT? If it's behind a NAT, the `PostUp` and `PostDown` iptables commands from the Linode guide don't apply.
Try adding the following to your server configuration file, changing `eth0` to whatever your computer calls it:
Source: https://unix.stackexchange.com/questions/530790/wireguard-not-routing-traffic-from-client-to-other-servers-on-the-network
Example configuration
Here's an example configuration where the router is at 10.0.1.1 (normal network) and 10.0.0.x is the new WireGuard network, with the server being configured for 10.0.0.1 and the client for 10.0.0.2. The port used is 51820 and the default network interface is eth0. All traffic is routed through WireGuard, but it does not stay within the WireGuard subnet. The client has access to the server's local network (10.0.1.x) and the general internet. Don't forget to forward the 51820 port from your router to your server and to enable IPv4 forwarding on the server (`# sysctl -w net.ipv4.ip_forward=1`).
Server configuration
Client configuration
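An added example, not part of the answer above: one way the setup it describes could be written as two wg-quick files, using the addresses, port and interface the answer names. The angle-bracket values are placeholders, and the file paths, the keepalive value, and the conntrack-restricted return rule are assumptions.

```ini
# Added example (not from the original answer). <...> values are placeholders.

# ---- Server: /etc/wireguard/wg0.conf (path assumed) ----
# Prerequisites from the answer: UDP 51820 forwarded from the router to this
# host, and IPv4 forwarding enabled (sysctl -w net.ipv4.ip_forward=1).
[Interface]
Address = 10.0.0.1/24
ListenPort = 51820
PrivateKey = <server-private-key>
# %i expands to this WireGuard interface's name (wg0).
# Accept new forwarded traffic only when it arrives from the tunnel, and
# allow only replies back into it (assumed tightening of the usual rule).
PostUp = iptables -A FORWARD -i %i -j ACCEPT
PostUp = iptables -A FORWARD -o %i -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
# Rewrite the source of tunnel traffic leaving via eth0 so hosts on
# 10.0.1.x and the internet reply to the server instead of to 10.0.0.x.
PostUp = iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE
# Remove exactly the rules added above when the interface goes down.
PostDown = iptables -D FORWARD -i %i -j ACCEPT
PostDown = iptables -D FORWARD -o %i -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
PostDown = iptables -t nat -D POSTROUTING -s 10.0.0.0/24 -o eth0 -j MASQUERADE

[Peer]
PublicKey = <client-public-key>
# The server accepts only this tunnel address from this peer.
AllowedIPs = 10.0.0.2/32

# ---- Client: /etc/wireguard/wg0.conf (path assumed) ----
[Interface]
Address = 10.0.0.2/24
PrivateKey = <client-private-key>

[Peer]
PublicKey = <server-public-key>
# Public address of the router that forwards UDP 51820 to the server.
Endpoint = <router-public-ip>:51820
# 0.0.0.0/0 sends all IPv4 traffic through the tunnel, which covers both
# the server's LAN (10.0.1.x) and the internet.
AllowedIPs = 0.0.0.0/0
# Keeps the NAT mapping open when the client itself is behind NAT.
PersistentKeepalive = 25
```

After `wg-quick up wg0` on both sides, `wg show` on the server lists the peer's latest handshake and transfer counters, and `iptables -t nat -S POSTROUTING` shows whether the MASQUERADE rule is in place.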
Depending on your cloud provider, you might have to change the MTU. WireGuard's default MTU is 1420 while Google Cloud's MTU is 1460. So if you are using Google Cloud, setting the MTU to 1460 by adding `MTU = 1460` to the interface of both clients and server will solve the problem.
You can check my full tutorial on GitHub if you have any trouble.