I have a Wireguard server that I want to act as a public proxy to all my WG VPNs.
My first wg config (wg0) is a standard road warrior scenario. This is the setup:
- ProxyPeer - wg0 address 10.0.0.1, publicly reachable
- LANPeer - inside of LAN 192.168.150.0/24, using NAT, wg0 address 10.0.0.2
- MobilePeer - wg0 address 10.0.0.3
This is working well - I can connect from MobilePeer to ProxyPeer and ping anything in LAN using the LANPeer no problem.
Now I want to add a second config (wg1) to ProxyPeer, that allows me to bridge two LANs like so:
- ProxyPeer - wg1 address 10.1.0.1, publicly reachable
- LANPeer - the same LANPeer as in wg0, but with wg1 address 10.1.0.2
- OfficePeer - wg1 address 10.1.0.3, inside of LAN 172.16.1.0/24
Now when I try to start the wg1 interface in ProxyPeer, it fails with the following error (taken from systemctl status wg-quick@wg1):
Feb 12 20:28:39 debian wg-quick[19307]: [#] ip -4 route add 192.168.150.0/24 dev wg1
Feb 12 20:28:39 debian wg-quick[19372]: RTNETLINK answers: File exists
I know it's because I have AllowedIPs = 192.168.150.0/24 for the LANPeer, but that's what I need.
Any ideas how to fix this?
I've tried adding (on ProxyPeer) Table = 100 to the wg0 interface and Table = 101 to wg1, but that broke even the working wg0 setup.
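The following wg1.conf for ProxyPeer is an added example and not the poster's configuration (keys, the listen port and the file path are placeholders). The "File exists" error comes from wg-quick's default Table = auto behaviour: it runs ip route add for every AllowedIPs prefix of every peer, and wg0 already owns the 192.168.150.0/24 route. Table = 100 / 101 does not help because wg-quick then writes the routes into those tables but adds no ip rule that selects them, so nothing is routed through either tunnel. Table = off keeps the AllowedIPs entries for WireGuard's cryptokey routing (packets arriving from a peer with a source outside its AllowedIPs are dropped) while leaving the kernel routes to PostUp, where only the prefixes wg1 is actually responsible for are added:

```ini
# /etc/wireguard/wg1.conf on ProxyPeer (added example, not the original post's
# config; the key values and the listen port are placeholders)
[Interface]
Address = 10.1.0.1/24
ListenPort = 51821
PrivateKey = <ProxyPeer wg1 private key>
# Table = off: wg-quick stops running "ip route add" for each AllowedIPs prefix,
# which is what collided with the 192.168.150.0/24 route wg0 already installed.
Table = off
# Add only the routes wg1 owns. 10.1.0.0/24 is already a connected route from the
# Address above, and 192.168.150.0/24 stays routed via wg0 (added by wg0.conf).
PostUp = ip -4 route add 172.16.1.0/24 dev %i
PostDown = ip -4 route del 172.16.1.0/24 dev %i

# LANPeer: 192.168.150.0/24 has to stay in AllowedIPs so that replies from that
# LAN arriving over wg1 pass cryptokey routing; with Table = off it no longer
# turns into a kernel route, so there is nothing for wg0's route to clash with.
[Peer]
PublicKey = <LANPeer wg1 public key>
AllowedIPs = 10.1.0.2/32, 192.168.150.0/24

[Peer]
PublicKey = <OfficePeer wg1 public key>
AllowedIPs = 10.1.0.3/32, 172.16.1.0/24
```

Two things to check after bringing wg1 up. First, ip -4 route show should list 192.168.150.0/24 dev wg0 and 172.16.1.0/24 dev wg1 exactly once each. Second, the path is asymmetric: a packet from 172.16.1.0/24 to 192.168.150.0/24 leaves ProxyPeer over wg0 (that is where the kernel route points), while the reply comes back over wg1. LANPeer therefore only accepts the forward packet if, in its own wg0.conf, ProxyPeer's AllowedIPs also covers 172.16.1.0/24; otherwise cryptokey routing on LANPeer silently drops it. If the office traffic must stay on wg1 instead, the alternative is a policy rule on ProxyPeer (for example ip rule add iif wg1 lookup <table> with a 192.168.150.0/24 dev wg1 route in that table), again added from PostUp and removed in PostDown.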