Using Wireguard to route traffic via server

Question

I'd like to use Wireguard on my VPS server to tunnel my http/https traffic and have a fixed IP.

I tried using the tutorial on the Digital Ocean (https://www.digitalocean.com/community/tutorials/how-to-set-up-wireguard-on-ubuntu-20-04) but I can't make it work. I installed the Wireguard server properly and on the Desktop as well.

On my server:

[Interface]
Address = 10.8.0.1/24
Address = fd24:609a:6c18::1/64
SaveConfig = true
PostUp = ufw route allow in on wg0 out on eth0
PostUp = iptables -t nat -I POSTROUTING -o eth0 -j MASQUERADE
PostUp = ip6tables -t nat -I POSTROUTING -o eth0 -j MASQUERADE
PreDown = ufw route delete allow in on wg0 out on eth0
PreDown = iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
PreDown = ip6tables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
ListenPort = 51820
PrivateKey = ...

[Peer]
PublicKey = ...
AllowedIPs = 10.0.0.2/32
Endpoint = ...:64619

And on my desktop:

[Interface]
PrivateKey = ...
Address = 10.8.0.2/24
DNS = 1.1.1.1

[Peer]
PublicKey = ...
AllowedIPs = 0.0.0.0/0, ::/0
Endpoint = my server ip:51820

(I've hide my server IP).

My client connects with the server, but it seems the traffic through server does not work.

Any help really appreciated.

Thanks

Answer 1

The error come from your AllowedIPs settings, here is how to fix it:

Update it sudo nano /etc/wireguard/wg0.conf then enable the forwarding on your VPS server sudo nano /etc/sysctl.conf then create or uncomment this line net.ipv4.ip_forward=1 then reload sysctl sudo sysctl -p then restart WireGuard on your server and client.