I want to connect via WireGuard to a droplet that will be running openfortivpn for connecting to a 192.168.11.0/24 network. I have confirmed that only traffic to 192.168.11.* goes through fortivpn and everything else comes out of my droplet IP.
I have the following wg-quick configuration on the server:
[Interface]
PrivateKey = <snip>
Address = 10.8.1.1/24
ListenPort = 54321
[Peer]
PublicKey = <snip>
AllowedIPs = 10.8.1.2/32
I don't know whether I actually have to change something in there, or whether something else, e.g. PostUp, could help me bring it up already routed.
On bringup, it does the following:
[#] ip link add fortiwg type wireguard
[#] wg setconf fortiwg /dev/fd/63
[#] ip -4 address add 10.8.1.1/24 dev fortiwg
[#] ip link set mtu 1420 up dev fortiwg
Classic WireGuard.
Now, openfortivpn on bringup creates a ppp0 interface like this:
ppp0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1354
inet 192.168.222.113 netmask 255.255.255.255 destination 192.0.3.1
ppp txqueuelen 3 (Point-to-Point Protocol)
RX packets 111 bytes 1101 (1.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 111 bytes 1107 (1.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
And WireGuard's like this:
neon: flags=209<UP,POINTOPOINT,RUNNING,NOARP> mtu 1420
inet 10.8.1.1 netmask 255.255.255.0 destination 10.8.1.1
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 1000 (UNSPEC)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
I want to know what I have to do to route the WireGuard traffic to ppp0 (both ways) for traffic to/from 192.168.11.0/24.
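
Not part of the original post: an added example of a least-privilege server configuration for the setup described above, forwarding only WireGuard-to-192.168.11.0/24 traffic out of ppp0 and letting replies back in. It assumes iptables is installed, that openfortivpn has already installed the route to 192.168.11.0/24 via ppp0 (as the post states), and that the remote network has no return route for 10.8.1.0/24, which is why the traffic is source-NATed to the ppp0 address.

```ini
# Added example (server side). %i is expanded by wg-quick to the interface name.
[Interface]
PrivateKey = <snip>
Address = 10.8.1.1/24
ListenPort = 54321

# Let the kernel forward IPv4 packets between interfaces.
PostUp = sysctl -w net.ipv4.ip_forward=1

# Forward only WireGuard peers -> 192.168.11.0/24 out of ppp0 ...
PostUp = iptables -A FORWARD -i %i -o ppp0 -s 10.8.1.0/24 -d 192.168.11.0/24 -j ACCEPT
# ... and only reply traffic for those connections back in.
PostUp = iptables -A FORWARD -i ppp0 -o %i -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

# Assumption: the remote side only knows the ppp0 address, so rewrite the
# source of peer traffic to it. The interface is matched by name, so the
# rule can be added before ppp0 exists.
PostUp = iptables -t nat -A POSTROUTING -s 10.8.1.0/24 -d 192.168.11.0/24 -o ppp0 -j MASQUERADE

# Remove exactly the rules added above when the tunnel goes down.
PostDown = iptables -D FORWARD -i %i -o ppp0 -s 10.8.1.0/24 -d 192.168.11.0/24 -j ACCEPT
PostDown = iptables -D FORWARD -i ppp0 -o %i -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
PostDown = iptables -t nat -D POSTROUTING -s 10.8.1.0/24 -d 192.168.11.0/24 -o ppp0 -j MASQUERADE

[Peer]
PublicKey = <snip>
# Unchanged: this is the source address the server accepts from the peer.
AllowedIPs = 10.8.1.2/32

# On the client, the [Peer] entry for this server must list the remote
# network so the client routes it into the tunnel:
#   AllowedIPs = 10.8.1.0/24, 192.168.11.0/24
```

With source NAT in place, hosts in 192.168.11.0/24 can answer connections opened by the WireGuard peer but cannot open new connections to 10.8.1.2; that direction would need a return route for 10.8.1.0/24 on the remote side instead of MASQUERADE.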