I'm trying to connect to a VPN-connected server. Right now it only accepts LAN connections, but not connections from outside the network.
My ultimate goal is that the server is always connected to PIA VPN (WireGuard protocol) and I'll be able to connect to this server via WireGuard hosted on this server. I know I'll need to do some routing but I don't know where to start.
Chart
It's a Debian 10.10 server
LAN interface:
2: enp4s0f2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether xx:xx:xx:xx:xx:xx brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.146/24 brd 192.168.1.255 scope global noprefixroute enp4s0f2
       valid_lft forever preferred_lft forever
    inet6 fe80::3285:a9ff:fe14:9095/64 scope link noprefixroute
       valid_lft forever preferred_lft forever
VPN interfaces:
5: wg0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1420 qdisc noqueue state UNKNOWN group default qlen 1000
    link/none
    inet 10.6.0.1/24 scope global wg0
       valid_lft forever preferred_lft forever
10: wgpia0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1420 qdisc noqueue state UNKNOWN group default qlen 1000
    link/none
    inet 10.7.131.246/32 scope global wgpia0
       valid_lft forever preferred_lft forever
Current routes:
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.1.1     0.0.0.0         UG    100    0        0 enp4s0f2
954698715ca4    0.0.0.0         255.255.255.255 UH    0      0        0 wgpia0
10.6.0.0        0.0.0.0         255.255.255.0   U     0      0        0 wg0
10.7.128.1      0.0.0.0         255.255.255.255 UH    0      0        0 wgpia0
link-local      0.0.0.0         255.255.0.0     U     1000   0        0 enp4s0f2
192.168.1.0     0.0.0.0         255.255.255.0   U     100    0        0 enp4s0f2
WireGuard:
(This part works when the server isn't connected to PIA)
One of two client configs:
[Interface]
PrivateKey = XXXXX
Address = 10.6.0.3/24
MTU = 1420
DNS = 1.1.1.1, 1.0.0.1
[Peer]
PublicKey = XXXXX
PresharedKey = XXXXX
Endpoint = PUBLICIP:51820
AllowedIPs = 0.0.0.0/0, ::0/0
Any help would be greatly appreciated!