Hello, I am trying to make one computer from my LAN use WireGuard to a WAN endpoint (Internet).
I can see my UDP request going out from WAN, and I can see the UDP answers from the Internet endpoint.
UDP answers are well routed from WAN to my computer, but no packets are coming back to the LAN interface (igc1).
One rule is to pass any packet to port 51820 in WAN and another one to LAN.
I succeeded in NATing a port to my Jellyfin server, for example, but no way to make my WireGuard connection OK!
Any clue?
Sorry, too confusing - at least to me.
Could you provide a graph of your network and some more explanation what should go where but doesn't?
As I read your post, some system on your LAN is initiating an outbound WireGuard connection to some server on the Internet? If true you should not need any rule but a general "allow outbound" on LAN for that. The reply packets coming in will be allowed by the stateful filtering anyway.
Since that seems not to be the case with your setup, I am probably missing something, so please elaborate/rephrase.
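The stateful behaviour described in the reply above, as an added sketch that is not part of the thread: a minimal Python model (not the firewall's own code) in which one "allow outbound" rule on LAN creates a state that lets the WireGuard replies back in on WAN. NAT is left out, and the addresses and the client source port are constructed.

```python
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Packet:
    iface: str   # interface the packet enters the firewall on: "lan" or "wan"
    src: str
    sport: int
    dst: str
    dport: int


@dataclass
class StatefulFilter:
    # Each rule is (interface, dst_port); dst_port None means "any port".
    # Rules are evaluated only for packets that do not belong to a known flow.
    rules: list
    states: set = field(default_factory=set)

    def handle(self, p: Packet) -> str:
        forward = (p.src, p.sport, p.dst, p.dport)
        reverse = (p.dst, p.dport, p.src, p.sport)
        # 1. Packets of an already tracked flow (either direction) pass by state.
        if forward in self.states or reverse in self.states:
            return "pass (state)"
        # 2. A new flow must match a rule on the interface where it enters.
        for iface, dport in self.rules:
            if iface == p.iface and dport in (None, p.dport):
                self.states.add(forward)
                return "pass (rule)"
        return "block"


def demo():
    fw = StatefulFilter(rules=[("lan", None)])       # no WAN rule at all
    client, peer = "192.168.1.10", "198.51.100.7"    # constructed addresses
    out = fw.handle(Packet("lan", client, 40000, peer, 51820))
    reply = fw.handle(Packet("wan", peer, 51820, client, 40000))
    # Unsolicited UDP from another host on WAN has no state and no rule.
    stray = fw.handle(Packet("wan", "203.0.113.9", 51820, client, 40000))
    return out, reply, stray


if __name__ == "__main__":
    print(demo())
```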
Thank you very much for your answer.
I was surprised to see the last rule I created worked! At last!
I suppose I have to familiarize myself more with the IN and OUT directions. My mistake, I think, was to create a rule IN from Internet to WAN, or I needed to create a rule OUT from IP ENDPOINT WAN to LAN.
Have a nice day.