NAT over Wireguard site-to-site?

Started by sawdustdood, November 16, 2022, 02:55:37 AM

I have two /24 subnets (say 192.168.1.0/24 and 192.168.99.2.0/24), each connected to one another over a wireguard tunnel with local traffic routing between them without issue.  What I'm looking to do is route (NAT?) outbound non-local traffic from one or more IPs (host alias) on one LAN network (..2.0) out the WAN of the other (..1.0).

I have attempted to set up a NAT outbound rule looking like:

Interface: WG_STS (the wireguard interface)
Source address: vpnhost (host alias on ..2.0 network)
Destination Address: !LAN net (Destination Invert)
Translation: WG_STS address

I have tried a number of combinations here and most result in the outbound traffic still going through the local WAN (shown by a simple "curl https://ifconfig.co").  I figure I'm missing something incredibly stupid here, but I'm banging my head against the wall.  Can someone point me in the right direction?

Thanks,
T