NAT Rules relating to Wireguard Interfaces

[jf5876]

Hi!

I've setup wireguard with two clients, one being 172.20.1.1. I put in some NAT rules to allow this client out to the internet, however, the traffic is going out the WAN interface without being NAT'd first.

--

10:40:54.680981 IP 10.20.1.1.37352 > 8.8.8.8.53: 10996+ A? audio-sv5-t1-1-v4v6.pandora.com. (49)
10:40:54.681100 IP 10.20.1.1.45138 > 8.8.8.8.53: 28973+ A? android-tuner.pandora.com. (43)
10:40:54.681178 IP 10.20.1.1.42111 > 8.8.8.8.53: 12703+ A? clients4.google.com. (37)
10:40:54.681264 IP 10.20.1.1.42743 > 8.8.8.8.53: 18097+ A? clients4.google.com. (37)
10:40:54.681343 IP 10.20.1.1.5269 > 8.8.8.8.53: 1405+ A? clients4.google.com. (37)
10:40:54.681747 IP 10.20.1.1.32947 > 8.8.8.8.53: 60937+ A? clients4.google.com. (37)
10:40:55.011681 IP 10.20.1.1.47250 > 8.8.8.8.53: 25109+ A? sirocco.accuweather.com. (41)
--

I've tried moving the rule, changing the ip address, etc. to no change.

Any help would be appreciated :-)

Jeff

[mimugmail]

Did you assign an interface?

[jf5876]

I did assign an interface, but deleted it thinking it was unnecessary, and it honestly is unnecessary once it's setup.

I did figure out my problem though, I assigned the client address so far away from the tunnel address, I had my NAT rule incorrect.

I changed the ip address of the client to fall in line with the subnet I chose, and it works just fine now.

:-)

[mimugmail]

Great!