Thanks for your answer. So I am again trying to set it up but running into errors.
What I have checked so far:
- Set up an external Docker network for containers, including WireGuard, to connect to one another.
- Pinging between them locally works fine.
- Setting up the WireGuard client, adding the subnet under AllowedIPs, also in the server config for that peer.
- Pinging from inside the WireGuard server to the client IP works fine, so I am connected. But I cannot access the subnet within the external Docker network created from other containers.
External network with 188.20.0.0/16 subnet:
```
[
    {
        "Name": "wireguard-dns",
        "Id": "",
        "Created": "",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": {},
            "Config": [
                {
                    "Subnet": "188.20.0.0/16",
                    "Gateway": "188.20.0.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {
            "": {
                "Name": "wireguard",
                "EndpointID": "",
                "MacAddress": "",
                "IPv4Address": "188.20.0.2/16",
                "IPv6Address": ""
            },
            "": {
                "Name": "nextcloud",
                "EndpointID": "",
                "MacAddress": "",
                "IPv4Address": "188.20.0.4/16",
                "IPv6Address": ""
            }
        },
        "Options": {},
        "Labels": {}
    }
]
```
WireGuard client config:
```
[Interface]
Address = 10.13.13.5
PrivateKey = XXX
ListenPort = 51820
DNS = 10.13.13.1

[Peer]
PublicKey = YYY
Endpoint = server.wireguard:51820
AllowedIPs = 0.0.0.0/0, 188.20.0.0/24
PersistentKeepalive = 25
```
WireGuard server config: added the subnet and IP associated with the client to the AllowedIPs for the RBP4 peer.
```
[Interface]
Address = 10.13.13.1
ListenPort = 51820
PrivateKey = XXX
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE

[Peer]
# peer_RBP4
PublicKey = YYY
AllowedIPs = 10.13.13.5/32, 188.20.0.0/24
```
As I said, I am able to ping from within the WireGuard server container to the client, but not to the subnet. I am also not able to access the Nextcloud container in that subnet via HTTP when connected to the VPN.
Any ideas? I am looking to get access in order to set up Nextcloud without any port forwarding.
Thanks in advance!
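
An added example, not part of the original post: a Python check that applies longest-prefix route matching to the server-side values posted above, assuming the container brings the interface up with wg-quick (which installs a route for each peer AllowedIPs entry). The function names and the `TARGETS` table are made up for this example.

```python
import ipaddress

# Constructed from the values in the post above; names are illustrative.
DOCKER_SUBNET = "188.20.0.0/16"
TARGETS = {"nextcloud": "188.20.0.4"}
SERVER_CONF = """\
[Interface]
Address = 10.13.13.1
ListenPort = 51820

[Peer]
# peer_RBP4
AllowedIPs = 10.13.13.5/32, 188.20.0.0/24
"""


def peer_allowed_ips(conf):
    """Collect the networks on AllowedIPs lines inside [Peer] sections."""
    nets, section = [], None
    for raw in conf.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.startswith("["):
            section = line.strip("[]").lower()
        elif section == "peer" and "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            if key.lower() == "allowedips":
                nets += [ipaddress.ip_network(v.strip(), strict=False)
                         for v in value.split(",") if v.strip()]
    return nets


def route_for(addr, conf, local_subnet):
    """Longest-prefix match between the local bridge route and tunnel routes."""
    ip = ipaddress.ip_address(addr)
    local = ipaddress.ip_network(local_subnet)
    routes = [(local, "bridge")] + [(n, "tunnel") for n in peer_allowed_ips(conf)]
    matches = [(n.prefixlen, dev) for n, dev in routes if ip in n]
    return max(matches)[1] if matches else "default"


def audit(conf, local_subnet, targets):
    """List findings for a config running on the host attached to local_subnet."""
    local = ipaddress.ip_network(local_subnet)
    findings = []
    if not local.is_private:
        findings.append(f"{local} is outside private address space")
    for name, addr in targets.items():
        if route_for(addr, conf, local_subnet) == "tunnel":
            findings.append(f"{name} ({addr}) is routed into the tunnel")
    return findings
```

Calling `audit(SERVER_CONF, DOCKER_SUBNET, TARGETS)` lists each finding as a string; an address covered by a peer's AllowedIPs with a longer prefix than the bridge subnet is reported as leaving through the tunnel rather than the Docker bridge.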