Messages - sebclem

#1
23.7 Legacy Series / Re: NAT through wireguard tunnel
January 05, 2024, 03:02:14 PM
Quote from: shadesh on January 05, 2024, 02:32:33 PM
Try to add a SNAT Rule on the dedicated to be inside the 10.90.0.0/24, if this net is included in the wireguard tunnel, it should work. Because now it seems that the public client ip from the request goes into the tunnel. You have to translate the request into something "private" which is included in the tunnel.

Oh thank you, it's working now!

I have added an outbound rule like this to only "translate" requests coming from WAN:

Interface: WGS2S
Source address: ! 10.90.0.0/24, 10.101.0.0/24 (Another VPN tunnel for clients)
Destination: 10.23.0.36/32
#2
23.7 Legacy Series / Re: NAT through wireguard tunnel
January 05, 2024, 02:16:06 PM
I thought this was the way to go actually.

I'm trying to expose my HAProxy in my homelab server via my public IP in my dedicated server, is there another way to do this?
#3
Ok so, I'm having issues with my setup, this is some context:
I have my homelab with a 4G router, so no static public IP.
But I rent a dedicated server with 2 public IPs.
I have a Site2Site Wireguard setup that works perfectly.

This is a quick summary of my network:

10.23.0.0/24 : Homelab
10.100.0.0/24: Wireguard Tunnel
10.90.0.0/24 : Dedicated server

The issues start now:
I have created a NAT rule on the WAN address in my dedicated server:

Interface: WAN
...
Destination: 178.xx.251.xx (My second public configured as Virtual IP)
Dest ports: 80,443
Redirect target IP: 10.23.0.36 (My HAProxy on my Homelab network)
...


But this seems to not work, I get a time out.
After some debug with packet capture, it seems that my HAProxy VM tries to reply using the WAN of my homelab instead of going through the Wireguard tunnel.
Is there any way to prevent that?
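
The asymmetric return path from this thread and the effect of the outbound NAT rule, modeled as an added example (not part of the original posts or of OPNsense). Assumptions: the homelab routing table is inferred from the network summary, the client addresses and the translation address 10.90.0.1 are constructed, and the rule's source field is read as "not in either listed network".

```python
import ipaddress as ip

# Homelab routes (assumed from the thread's network summary): only the
# dedicated-server LAN and the tunnel subnet are reachable via WireGuard.
HOMELAB_ROUTES = [
    (ip.ip_network("10.90.0.0/24"), "wireguard"),
    (ip.ip_network("10.100.0.0/24"), "wireguard"),
    (ip.ip_network("10.23.0.0/24"), "lan"),
    (ip.ip_network("0.0.0.0/0"), "wan-4g"),
]
# Sources the outbound rule leaves untouched ("! 10.90.0.0/24, 10.101.0.0/24").
NO_NAT_SOURCES = [ip.ip_network("10.90.0.0/24"), ip.ip_network("10.101.0.0/24")]
HAPROXY = ip.ip_address("10.23.0.36")
SNAT_ADDR = ip.ip_address("10.90.0.1")  # constructed: an address inside 10.90.0.0/24


def egress(dst):
    """Longest-prefix match over the homelab routing table."""
    matches = [(net, dev) for net, dev in HOMELAB_ROUTES if dst in net]
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def outbound_nat(src, dst, enabled):
    """Source address HAProxy sees after the dedicated server forwards into WGS2S."""
    if enabled and dst == HAPROXY and not any(src in n for n in NO_NAT_SOURCES):
        return SNAT_ADDR
    return src


def reply_path(client, snat_enabled):
    """Interface the homelab picks for HAProxy's reply to a forwarded request."""
    seen_src = outbound_nat(ip.ip_address(client), HAPROXY, snat_enabled)
    return egress(seen_src)


if __name__ == "__main__":
    # Constructed sample clients: one public address, one on the dedicated LAN.
    for client in ("203.0.113.7", "10.90.0.20"):
        for snat in (False, True):
            print(f"{client:12} snat={snat!s:5} -> reply via {reply_path(client, snat)}")
```

Without the rule, the reply to the public client matches only the default route and leaves through the 4G WAN, which is the timeout seen in the packet capture; with it, the reply is addressed to 10.90.0.1 and returns through the tunnel.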