Unable to forward ports using wireguard
Update: Sorry guys, looks like I just needed to reboot the public server.
My goal is to forward port 8096 from my private server to my public server. That is, any traffic at public server’s port 8096 should be tunneled to port 8096 of my private server and back.
I’ve set up a wireguard tunnel and ping is working from one device to the other. In this, 10.8.0.1 is the private server and 10.8.0.2 is the public server.
Here are my config files (/etc/wireguard/wg0).
<pre>
--- On the public server ---
[Interface]
Address = 10.8.0.2/24
ListenPort = 51820
PrivateKey = *****************************************

# packet forwarding
PreUp = sysctl -w net.ipv4.ip_forward=1

# port forwarding
PreUp = firewall-cmd --zone=public --add-port 8096/tcp
PreUp = iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 8096 -j DNAT --to-destination 10.8.0.1:8096
PostDown = iptables -t nat -D PREROUTING -i eth0 -p tcp --dport 8096 -j DNAT --to-destination 10.8.0.1:8096
PostDown = firewall-cmd --zone=public --remove-port 8096/tcp

# packet masquerading
PreUp = iptables -t nat -A POSTROUTING -o wg0 -j MASQUERADE
PostDown = iptables -t nat -D POSTROUTING -o wg0 -j MASQUERADE

[Peer]
PublicKey = *****************************************
AllowedIPs = 10.8.0.1
</pre>
<pre>
--- On the private server ---
[Interface]
Address = 10.8.0.1/24
PrivateKey = *****************************************

[Peer]
PublicKey = *****************************************
AllowedIPs = 10.8.0.2
Endpoint = <public-server-addr>:51820
PersistentKeepalive = 25
</pre>
Now, I’m trying to test the connection using netcat. I’m listening from my private server using nc -l 8096 (I’ve made sure that the port is unblocked) and trying to connect from a third device using nc <public-server-addr> 8096 but it’s not working.
I have no idea what’s going on here. Some help from experienced people is very appreciated.
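A consistency check for a wg-quick config like the public server's above, added here as an example and not part of the original post: it verifies that every `iptables -A` hook has a matching `-D`, that the DNAT target falls inside a peer's `AllowedIPs`, and that traffic leaving `wg0` is masqueraded so the narrow `AllowedIPs = 10.8.0.2` on the private server still admits it. The function names `parse` and `audit` are hypothetical, the embedded config is a constructed copy of the post's hook and peer lines, and only IPv4 `host:port` targets are handled.

```python
import ipaddress
import shlex

# Constructed copy of the public server's config from the post (hook and peer lines only).
PUBLIC_CONF = """\
[Interface]
PreUp = sysctl -w net.ipv4.ip_forward=1
PreUp = firewall-cmd --zone=public --add-port 8096/tcp
PreUp = iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 8096 -j DNAT --to-destination 10.8.0.1:8096
PostDown = iptables -t nat -D PREROUTING -i eth0 -p tcp --dport 8096 -j DNAT --to-destination 10.8.0.1:8096
PostDown = firewall-cmd --zone=public --remove-port 8096/tcp
PreUp = iptables -t nat -A POSTROUTING -o wg0 -j MASQUERADE
PostDown = iptables -t nat -D POSTROUTING -o wg0 -j MASQUERADE
[Peer]
AllowedIPs = 10.8.0.1
"""

def parse(conf):
    """Return (hook commands keyed by hook name, peer AllowedIPs as networks)."""
    hooks, allowed = {}, []
    for line in conf.splitlines():
        key, _, value = (p.strip() for p in line.partition("="))
        if key in ("PreUp", "PostUp", "PreDown", "PostDown"):
            hooks.setdefault(key, []).append(value)
        elif key == "AllowedIPs":
            allowed += [ipaddress.ip_network(a.strip(), strict=False) for a in value.split(",")]
    return hooks, allowed

def audit(conf, iface="wg0"):
    """Return a list of findings; an empty list means the hooks are consistent."""
    hooks, allowed = parse(conf)
    up = hooks.get("PreUp", []) + hooks.get("PostUp", [])
    down = hooks.get("PreDown", []) + hooks.get("PostDown", [])
    findings = []
    rules = [shlex.split(c) for c in up if c.startswith("iptables ")]
    removed = [shlex.split(c) for c in down if c.startswith("iptables ")]
    for r in rules:
        if "-A" in r:  # a rule appended on up must be deleted on down, or it accumulates
            undo = ["-D" if t == "-A" else t for t in r]
            if undo not in removed:
                findings.append("no matching -D for: " + " ".join(r))
        if "DNAT" in r and "--to-destination" in r:
            host = r[r.index("--to-destination") + 1].rsplit(":", 1)[0]
            if not any(ipaddress.ip_address(host) in n for n in allowed):
                findings.append(f"DNAT target {host} not in any peer AllowedIPs")
    if not any("MASQUERADE" in r and iface in r for r in rules):
        findings.append(f"no MASQUERADE on {iface}: peer must allow client source IPs")
    return findings
```
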