除服务器端外,WireGuard无法连接到Internet

时间:2019-02-16 13:22:31

标签: vpn wireguard

我正在使用Wireguard,这是我在/etc/wireguard/wireguard.conf中的服务器配置:

[Interface]
Address = 0.0.0.0
# server private key
PrivateKey = GL7AIArkhGTKkz3vSn/ONifC7SKJtspYDDZEtAybyVE=    
ListenPort = 51820

[Peer]
# windows client public key
PublicKey = 3omwALzVoZhaqdu6dwL9vpRFlv+1omznmtuQKdwODFE=
AllowedIPs = 192.168.3.0/24

这是我的客户端配置:

[Interface]
PrivateKey = f4e60OIQXMdny6+hBDwddHB6tGS6a4WKYpG89ERQK+Tk=
Address = 192.168.3.1/24

[Peer]
PublicKey = 72Gix3UR/coszkazkVp3ieRrlMTOK8ia2TISnaD1Az4=
Endpoint = 14.80.12.186:51820
AllowedIPs = 0.0.0.0/0

客户端使用tunsafe,并成功连接。问题是:连接到Wireguard之后,我无法访问Wireguard服务器的Internet异常,这是服务器ipv4转发配置:

[root@dolphin-xiaoqiang ~]# sysctl -a |grep net.ipv4.ip_forward
sysctl: reading key "net.ipv6.conf.all.stable_secret"
sysctl: reading key "net.ipv6.conf.default.stable_secret"
sysctl: reading key "net.ipv6.conf.eth0.stable_secret"
sysctl: reading key "net.ipv6.conf.lo.stable_secret"
net.ipv4.ip_forward = 1
net.ipv4.ip_forward_use_pmtu = 0

1 个答案:

答案 0 :(得分:-1)

在服务器端添加iptables规则:

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE