Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


setup wireguard on mrvm private ip
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

setup wireguard on mrvm private ip

Hi,
I use a mrvm.net NAT VPS that has a private v4 ip 172.x.x.x and an ipv6 address. I can connect to the box using a public v4 ip and port 10621.

I setup wireguard on the box which works flawlessly to connect, but I cannot figure out how to route all my traffic through the vps as well. I tried various iptables rules using google, but no luck. Has anyone figured out how to make this work? I assume I need to put the public v4 ip in there somehow as just using the venet0 interface that has the private v4 ip is a deadend.

Thanks a lot!

Comments

  • @awayand said:
    Hi,
    I use a mrvm.net NAT VPS that has a private v4 ip 172.x.x.x and an ipv6 address. I can connect to the box using a public v4 ip and port 10621.

    I setup wireguard on the box which works flawlessly to connect, but I cannot figure out how to route all my traffic through the vps as well. I tried various iptables rules using google, but no luck. Has anyone figured out how to make this work? I assume I need to put the public v4 ip in there somehow as just using the venet0 interface that has the private v4 ip is a deadend.

    Thanks a lot!

    Use one click Nyr wireguard installer, you only need to choose the default IPv4 that will be used. Just choose your internal IPv4 address and the port choice between 10601-10620.

    https://github.com/Nyr/wireguard-install

  • NeoonNeoon Community Contributor, Veteran

    You simple add AllowedIPs = 0.0.0.0/0 to the client and MASQUERADE the main interface.
    iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE when I remember correctly on OpenVZ it was venet0:0 or such.

  • perfect, thanks a lot!

  • Never thought to even try wireguard on a NAT VPS, have always used Tinc. Something in my head presumed OpenVZ wouldn't support it, just goes to show...

  • @cochon said:
    Never thought to even try wireguard on a NAT VPS, have always used Tinc. Something in my head presumed OpenVZ wouldn't support it, just goes to show...

    Hehe.. fortunately wireguard can run on userspace level so OpenVZ still supported.

    Thanked by 1cochon
  • @chocolateshirt said:
    wireguard can run on userspace level so OpenVZ still supported.

    Ah, I see, not kernel driver patches/backports. Unfortunately that would seem to defeat the main benefit of using wireguard in the first place for me. Beyond a handful of nodes, Tinc is much easier to manage.

Sign In or Register to comment.