Score:3

Server

How to forward all incoming traffic to server A to server B and B returns it to A?

1nted

10/13/22, 12:34 PM

Suppose I have two servers: A and B. On both I have installed WireGuard.

On server A, wg0 is routed with IP 10.8.0.0/24 and on server B, wg0 is routed with IP 10.7.0.0/24.

Let's say server A's WireGuard is listening on port 4000 and server B's WireGuard is listening on port 5000.

I only want to forward all incoming traffic to server A on port 5000. There are other applications listening on another ports and I do not to forward them.

What I want is:

client connects to --> server A
let's say client says to server A open google.com for me
server A connects to --> server B
let's say server A says to server B open google.com for me
server B reaches google.com
sends data of received from google.com to --> server A
server A sends the received data to --> client

What should be done? The OS is Ubuntu on both servers.

Update 1

S-B's /etc/wireguard/wg0.conf file:

[Interface]
Address = 10.7.0.1/24
PrivateKey = SOME_KEY
ListenPort = PORT_NUMBER

S-A's /etc/wireguard/wg0.conf file:

[Interface]
Address = 10.8.0.1/24
PrivateKey = SOME_KEY
ListenPort = PORT_NUMBER

I connected to S-A's VPN, ping on my cmd 8.8.8.8, it worked. SSHed into S-A while connecting to VPN, ping 8.8.8.8, it worked.

I did the same for S-B and it worked.

I can SSH from S-A to S-B and vice-versa.

One client conf file on S-A:

[Interface]
Address = 10.8.0.2/24
DNS = 8.8.8.8
PrivateKey = PRIVATE

[Peer]
PublicKey = PUBLIC
PresharedKey = PRESHARED
AllowedIPs = 0.0.0.0/0, ::/0
Endpoint = IP:PORT
PersistentKeepalive = 25

One client conf file on S-B:

[Interface]
Address = 10.7.0.2/24
DNS = 8.8.8.8
PrivateKey = PRIVATE

[Peer]
PublicKey = PUBLIC
PresharedKey = PRESHARED
AllowedIPs = 0.0.0.0/0, ::/0
Endpoint = IP:PORT
PersistentKeepalive = 25

181

0 + 15

ubuntu

vpn

proxy

forwarding

wireguard

djdomi

10/13/22, 7:17 PM

it looks for me similar to https://serverfault.com/questions/1066524/how-to-forward-all-redirect-on-specific-port-to-another-server

1nted

10/14/22, 3:46 AM

@djdomi thanks, I saw that but I do not see the answer there or hint to help me, or at least if it exists I cannot find

djdomi

10/14/22, 4:18 AM

Does this answer your question? [Forward VPN traffic to another server](https://serverfault.com/questions/996727/forward-vpn-traffic-to-another-server)

1nted

10/14/22, 4:28 AM

@djdomi I tried that too, but when I connect to VPN-A, then I do not have any internet access. But the server-A itself has internet access when I disconnect.

djdomi

10/14/22, 4:40 AM

I am unaware of your Setup but did it worked before and did you used NAT?

1nted

10/14/22, 4:42 AM

@djdomi I did the setup only via this Git Repo: https://github.com/Nyr/wireguard-install and I did install on both servers via this link. I have internet access on both servers when connected to VPN-A and VPN-B separately (before applying any `ip route` rules). But after applying these rules, I faced issue

djdomi

10/14/22, 4:49 AM

then revert the changes first

1nted

10/14/22, 4:52 AM

@djdomi that is done

djdomi

10/14/22, 4:58 AM

I suggest since your seems to be online to continue on the chat using https://chat.stackexchange.com/rooms/126433/chat-about-anything-i-asked-on-topics

1nted

10/14/22, 5:11 AM

@djdomi I'm afraid I cannot chat:( I must have 20 reputation on The Stack Exchange Network to talk there:(

djdomi

10/14/22, 5:44 AM

Sadly, so please try this: Y=You/S-A=Server-A,S-B=Server-B -> Y -> S-a ping i.e. 8.8.8.8 - works? repeat for Server B - connect S-A to S-B - repeat ping, connect you from Client to S-A try ping - however, please show us additional the Config of both server/clients without the keys

1nted

10/14/22, 12:00 PM

@djdomi I did an update to the question

djdomi

10/14/22, 12:46 PM

idk, but did you seen already https://github.com/mjtechguy/wireguard-site-to-site (skip until Server Configuration)

1nted

10/14/22, 3:27 PM

@djdomi that is only for routing within the server WireGuard itself is installed. That does not route anything to another server

djdomi

10/17/22, 7:18 PM

however your actions are like a site to site connection

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: How to forward all incoming traffic to server A to server B and B returns it to A?

TH: จะส่งต่อการรับส่งข้อมูลขาเข้าทั้งหมดไปยังเซิร์ฟเวอร์ A ไปยังเซิร์ฟเวอร์ B และ B ส่งคืนไปยัง A ได้อย่างไร

RO: Cum să redirecționați tot traficul de intrare către serverul A către serverul B și B îl returnează la A?

RU: Как перенаправить весь входящий трафик с сервера А на сервер Б, а Б вернуть его на А?

VI: Làm cách nào để chuyển tiếp tất cả lưu lượng truy cập đến máy chủ A sang máy chủ B và B trả lại cho A?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.