I have set up a WG server on an AWS EC2 instance that has been working well so far. About 10 devices are connected to this server as peers and are able to communicate with one another and with the internet.
However, when I tried to add another AWS EC2 instance as a peer to this network, I ran into an issue: I am able to establish a connection with the WG server, but I lose public internet access to this instance in the process (I am able to ping 8.8.8.8 from the instance, but I am unable to SSH to it via its public IP address).
I have set up the PreUp and PreDown iptables rules as recommended by some guides here, but to no avail.
[Interface]
PrivateKey = <Private Key>
Address = 10.200.200.10/32
DNS = 10.200.200.1
# NAT/forwarding rules added when the tunnel comes up and removed when it goes down
PreUp = iptables -t nat -A POSTROUTING -s 10.200.200.0/24 -o eth0 -j MASQUERADE; iptables -A INPUT -i wg0 -j ACCEPT; iptables -A FORWARD -i eth0 -o wg0 -j ACCEPT; iptables -A FORWARD -i wg0 -o eth0 -j ACCEPT; iptables -A INPUT -i eth0 -p udp --dport 51820 -j ACCEPT
PreDown = iptables -t nat -D POSTROUTING -s 10.200.200.0/24 -o eth0 -j MASQUERADE; iptables -D INPUT -i wg0 -j ACCEPT; iptables -D FORWARD -i eth0 -o wg0 -j ACCEPT; iptables -D FORWARD -i wg0 -o eth0 -j ACCEPT; iptables -D INPUT -i eth0 -p udp --dport 51820 -j ACCEPT
[Peer]
PublicKey = <Public Key>
# route all traffic through the tunnel
AllowedIPs = 0.0.0.0/0
Endpoint = <WG Server Public IP>:51820
PersistentKeepalive = 21
I have also made sure that net.ipv4.ip_forward is enabled and set to 1. Port 51820 has been allowed in the AWS inbound rules of both my WG server and this peer. ufw has been disabled on both machines.
Other methods which I have tried unsuccessfully include changing the MTU size of the eth0 interface and setting the DNS of the WG peer to 1.1.1.1.
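An added example, not part of the original post, of the return-path check and fix a practitioner would reach for here. With AllowedIPs = 0.0.0.0/0, wg-quick installs a default route through wg0 in its own routing table and a "lookup main suppress_prefixlength 0" rule, so a reply to an SSH connection that arrived on eth0 (AWS NATs the public IP 1:1 to the primary private IP) is routed out through the tunnel and never reaches the client, while outbound pings through the tunnel still work. A higher-priority policy rule that sends packets sourced from the ENI's private address through the main table restores the symmetric return path. The interface name eth0, the rule priority 100 and the sample client address 203.0.113.10 are assumptions; the script runs in dry-run mode by default and only executes the ip commands when called with "apply" as root.

```shell
#!/bin/sh
# Added example (not from the original post): keep inbound SSH reachable on an
# EC2 WireGuard peer that routes everything through the tunnel.
# Assumptions: WAN interface eth0, rule priority 100 is unused, the peer's
# primary private IP is the first global IPv4 address on that interface.
set -eu

WAN_IF="${WAN_IF:-eth0}"
RULE_PRIO="${RULE_PRIO:-100}"
DRY_RUN="${DRY_RUN:-1}"   # 1 = print commands, 0 = execute them (needs root)

run() { if [ "$DRY_RUN" = 1 ]; then printf '%s\n' "$*"; else "$@"; fi; }

# Primary global IPv4 address of the WAN interface (the EC2 primary private IP).
wan_ip() {
  ip -4 -o addr show dev "$1" scope global 2>/dev/null \
    | awk '{print $4}' | cut -d/ -f1 | head -n1
}

# Policy-routing rule: packets whose source is the ENI address use the main
# table (default route via the VPC gateway) instead of wg-quick's wg0 table.
# Must sort before wg-quick's own rules, which are added without an explicit
# priority (normally 32764/32765), hence the low number.
rule_cmd() { # $1 = add|del, $2 = private IP
  printf 'ip -4 rule %s from %s/32 lookup main priority %s' "$1" "$2" "$RULE_PRIO"
}

# Equivalent lines for the peer's [Interface] section so wg-quick manages the rule.
wgquick_lines() { # $1 = private IP
  printf 'PostUp = %s\nPreDown = %s\n' "$(rule_cmd add "$1")" "$(rule_cmd del "$1")"
}

# Which interface a reply to a remote client would currently leave on.
check_return_path() { # $1 = private IP, $2 = remote client IP
  ip -4 route get "$2" from "$1" 2>/dev/null \
    | awk '{for (i = 1; i <= NF; i++) if ($i == "dev") print $(i + 1)}'
}

main() {
  pip="$(wan_ip "$WAN_IF")"
  if [ -z "$pip" ]; then
    echo "no IPv4 address found on $WAN_IF" >&2
    return 0
  fi
  echo "# before: reply to 203.0.113.10 (sample client) leaves via: $(check_return_path "$pip" 203.0.113.10)"
  run $(rule_cmd add "$pip")   # unquoted on purpose: split into argv
  echo "# after:  reply to 203.0.113.10 (sample client) leaves via: $(check_return_path "$pip" 203.0.113.10)"
  echo "# add to the peer's [Interface] section to make this persistent:"
  wgquick_lines "$pip"
}

case "${1:-}" in
  "")    main ;;            # dry run: print what would be done
  apply) DRY_RUN=0 main ;;  # actually install the rule (root)
esac
```

After applying, "ip rule show" should list the new rule above wg-quick's "lookup main suppress_prefixlength 0" and "not from all fwmark ... lookup 51820" entries, and "ip route get <client-ip> from <private-ip>" should report "dev eth0" rather than "dev wg0". The MASQUERADE and FORWARD rules in the question's PreUp are the set a WireGuard server uses to NAT its peers out of eth0; they do not affect which interface the peer's own reply packets leave on.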