Score:3

How to forward all incoming traffic to server A to server B and B returns it to A?


Suppose I have two servers: A and B. On both I have installed WireGuard.

On server A, wg0 is routed with IP 10.8.0.0/24 and on server B, wg0 is routed with IP 10.7.0.0/24.

Let's say server A's WireGuard is listening on port 4000 and server B's WireGuard is listening on port 5000.

I only want to forward all incoming traffic to server A on port 5000. There are other applications listening on other ports and I do not want to forward them.

What I want is:

  1. client connects to --> server A
  2. let's say client says to server A open google.com for me
  3. server A connects to --> server B
  4. let's say server A says to server B open google.com for me
  5. server B reaches google.com
  6. sends the data received from google.com to --> server A
  7. server A sends the received data to --> client

What should be done? The OS is Ubuntu on both servers.

Update 1

S-B's /etc/wireguard/wg0.conf file:

```
[Interface]
Address = 10.7.0.1/24
PrivateKey = SOME_KEY
ListenPort = PORT_NUMBER
```

S-A's /etc/wireguard/wg0.conf file:

```
[Interface]
Address = 10.8.0.1/24
PrivateKey = SOME_KEY
ListenPort = PORT_NUMBER
```

I connected to S-A's VPN, ping on my cmd 8.8.8.8, it worked. SSHed into S-A while connecting to VPN, ping 8.8.8.8, it worked.

I did the same for S-B and it worked.

I can SSH from S-A to S-B and vice-versa.

One client conf file on S-A:

```
[Interface]
Address = 10.8.0.2/24
DNS = 8.8.8.8
PrivateKey = PRIVATE

[Peer]
PublicKey = PUBLIC
PresharedKey = PRESHARED
AllowedIPs = 0.0.0.0/0, ::/0
Endpoint = IP:PORT
PersistentKeepalive = 25
```

One client conf file on S-B:

```
[Interface]
Address = 10.7.0.2/24
DNS = 8.8.8.8
PrivateKey = PRIVATE

[Peer]
PublicKey = PUBLIC
PresharedKey = PRESHARED
AllowedIPs = 0.0.0.0/0, ::/0
Endpoint = IP:PORT
PersistentKeepalive = 25
```
djdomi
It looks to me similar to https://serverfault.com/questions/1066524/how-to-forward-all-redirect-on-specific-port-to-another-server
@djdomi thanks, I saw that but I do not see the answer there or a hint to help me, or at least if it exists I cannot find it
djdomi
Does this answer your question? [Forward VPN traffic to another server](https://serverfault.com/questions/996727/forward-vpn-traffic-to-another-server)
@djdomi I tried that too, but when I connect to VPN-A, then I do not have any internet access. But the server-A itself has internet access when I disconnect.
djdomi
I am unaware of your setup, but did it work before and did you use NAT?
@djdomi I did the setup only via this Git repo: https://github.com/Nyr/wireguard-install and I did install on both servers via this link. I have internet access on both servers when connected to VPN-A and VPN-B separately (before applying any `ip route` rules). But after applying these rules, I faced an issue
djdomi
then revert the changes first
@djdomi that is done
djdomi
I suggest, since you seem to be online, that we continue in the chat using https://chat.stackexchange.com/rooms/126433/chat-about-anything-i-asked-on-topics
@djdomi I'm afraid I cannot chat:( I must have 20 reputation on The Stack Exchange Network to talk there:(
djdomi
Sadly, so please try this: Y=You, S-A=Server-A, S-B=Server-B -> Y -> S-A ping i.e. 8.8.8.8 - works? Repeat for Server B - connect S-A to S-B - repeat ping, connect from your client to S-A and try ping - however, please additionally show us the config of both servers/clients without the keys
@djdomi I did an update to the question
djdomi
idk, but have you already seen https://github.com/mjtechguy/wireguard-site-to-site (skip until Server Configuration)
@djdomi that is only for routing within the server WireGuard itself is installed. That does not route anything to another server
djdomi
However, your actions are like a site-to-site connection
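
One way to build the chain described in steps 1 to 7 of the question, as an added example that is not part of the original question or comments: S-A brings up a second WireGuard interface as a client of S-B and policy-routes only its own VPN clients' traffic into it. The interface name `wg1` and routing table number 200 are assumptions; the placeholders are those of the S-B client file shown in the question, which should be a client entry on S-B used by S-A alone.

```ini
# /etc/wireguard/wg1.conf on S-A: S-A acts as one more client of S-B.
# Based on the "client conf file on S-B" from the question; PRIVATE, PUBLIC,
# PRESHARED and IP:PORT are that file's placeholders.
# Assumptions: interface name wg1 and table number 200 are arbitrary choices;
# IPv4 forwarding is already enabled on S-A (it is needed for wg0's clients).

[Interface]
Address = 10.7.0.2/24
PrivateKey = PRIVATE
# No DNS line here: wg-quick would otherwise change S-A's own resolver.
# Table = off stops wg-quick from installing routes for 0.0.0.0/0, so S-A's
# own traffic and its other listening services keep the normal default route.
Table = off

# Table 200 holds a single default route into the tunnel towards S-B.
PostUp = ip route add default dev %i table 200
# Only packets sourced from S-A's VPN clients (10.8.0.0/24) consult table 200.
PostUp = ip rule add from 10.8.0.0/24 lookup 200
# Rewrite the client source address to this interface's address (10.7.0.2),
# the address S-B expects from this peer. -I puts the rule ahead of any NAT
# rule that already exists for 10.8.0.0/24.
PostUp = iptables -t nat -I POSTROUTING -s 10.8.0.0/24 -o %i -j MASQUERADE

# The route in table 200 disappears together with the interface.
PostDown = iptables -t nat -D POSTROUTING -s 10.8.0.0/24 -o %i -j MASQUERADE
PostDown = ip rule del from 10.8.0.0/24 lookup 200

[Peer]
PublicKey = PUBLIC
PresharedKey = PRESHARED
# IPv4 only in this example; every IPv4 destination is allowed through S-B.
AllowedIPs = 0.0.0.0/0
Endpoint = IP:PORT
PersistentKeepalive = 25
```

After `wg-quick up wg1` on S-A, `ip rule show` and `ip route show table 200` confirm that only 10.8.0.0/24 is steered into the tunnel, and a client connected to S-A should see S-B's public address as its exit address.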