I am establishing a WireGuard VPN server as a DigitalOcean droplet and using a Lubuntu Linux laptop as a client. Ping is working both ways. SFTP using FileZilla to 10.10.0.1 is also working well for uploading and downloading files, although it takes a bit long to connect and the download speed is half the upload speed.
However, I am not able to access the internet from the client through the VPN server.
Following is the server setup:
wg0.conf
[Interface]
Address = 10.10.0.1/24
SaveConfig = true
ListenPort = 51820
PrivateKey = <privatekey>
[Peer]
PublicKey = <publickey>
AllowedIPs = 10.10.0.2/32
Endpoint = x.x.x.x:55499
iptables output:
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p udp -m udp --dport 51820 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A FORWARD -i wg0 -o ens3 -j ACCEPT
route output:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default _gateway 0.0.0.0 UG 0 0 0 ens3
10.10.0.0 0.0.0.0 255.255.255.0 U 0 0 0 wg0
10.19.0.0 0.0.0.0 255.255.0.0 U 0 0 0 ens3
10.19.0.0 10.19.0.1 255.255.0.0 UG 0 0 0 ens3
165.227.160.0 0.0.0.0 255.255.240.0 U 0 0 0 ens3
Following is client setup:
wg0.conf
[Interface]
Address = 10.10.0.2/24
PrivateKey = <privatekey>
[Peer]
PublicKey = <publickey>
Endpoint = x.x.x.x:51820
AllowedIPs = 0.0.0.0/0
iptables:
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
route:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default dlinkrouter.loc 0.0.0.0 UG 600 0 0 wlp2s0b1
10.10.0.0 0.0.0.0 255.255.255.0 U 0 0 0 wg0
192.168.1.0 0.0.0.0 255.255.255.0 U 600 0 0 wlp2s0b1
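
An added example, not part of the original post: a small check that reads the server's filter rules exactly as posted and evaluates whether forwarded traffic is permitted in each direction between `wg0` and `ens3`. The function names are hypothetical, and the evaluation is simplified to the `-i`, `-o` and state matches; the nat table and the `net.ipv4.ip_forward` setting are not shown in the post and are not checked.

```python
import shlex

# Server filter-table rules copied from the post above.
POSTED = """\
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p udp -m udp --dport 51820 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A FORWARD -i wg0 -o ens3 -j ACCEPT
"""

def parse(text):
    """Return (chain policies, FORWARD rules) from rule-spec lines."""
    policies, forward = {}, []
    for line in text.splitlines():
        tok = shlex.split(line)
        if len(tok) == 3 and tok[0] == "-P":
            policies[tok[1]] = tok[2]
        elif tok[:2] == ["-A", "FORWARD"]:
            def opt(*flags):
                for f in flags:
                    if f in tok:
                        return tok[tok.index(f) + 1]
                return None
            states = opt("--state", "--ctstate")
            forward.append({"in": opt("-i"), "out": opt("-o"), "target": opt("-j"),
                            "states": set(states.split(",")) if states else None})
    return policies, forward

def allowed(policies, forward, in_if, out_if, state):
    """First matching terminal rule wins, else the chain policy. Negated (!) matches are not handled."""
    for r in forward:
        if (r["in"] in (None, in_if) and r["out"] in (None, out_if)
                and (r["states"] is None or state in r["states"])
                and r["target"] in ("ACCEPT", "DROP", "REJECT")):
            return r["target"] == "ACCEPT"
    return policies.get("FORWARD", "ACCEPT") == "ACCEPT"

def audit(text, vpn_if="wg0", wan_if="ens3"):
    """Check new client traffic going out and reply traffic coming back."""
    policies, forward = parse(text)
    return {"vpn_to_wan_new": allowed(policies, forward, vpn_if, wan_if, "NEW"),
            "wan_to_vpn_reply": allowed(policies, forward, wan_if, vpn_if, "ESTABLISHED")}

if __name__ == "__main__":
    print(audit(POSTED))
```

On the posted rules the outbound direction is accepted, while reply packets arriving on `ens3` for `wg0` match no FORWARD rule and fall through to the `DROP` policy.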