So I have deployed a WireGuard container and everything seems to be working, even the handshake between the server and my Windows 10 client. But I have no internet connection when using the VPN.
I am running it in Rancher, but here is what the docker compose file would look like.
Does Rancher properly handle NATing the traffic in and out? We do not test or support Rancher, so I have no clue how it behaves. This all looks correct though. Are you able to ping an IP, say 8.8.8.8, from a connected client (to check whether this is a DNS or an internet reachability issue)?
A fix for this appears to be to add an init container sidecar that runs a command in the main container on creation.
To add this container through the Rancher Cluster Explorer UI (after you've created the WireGuard deployment), go to its deployment page, click the kebab menu button (three vertical dots) in the top right corner and then click Add Sidecar. In the General tab, first enter the image as busybox, select Init Container and give it a name if you wish. Next, for the command, enter sysctl and for the arguments, enter -w net.ipv4.ip_forward=1. Then select the Security Context tab and under Privileged, select Yes. Lastly, hit Save in the bottom right corner; the deployment status at the top should go from Active to Updating.
You may see an error message at the bottom saying services "wireguard" already exists, but you can ignore it. When the deployment status returns to Active, WireGuard should hopefully be running and you should be able to access your local network and the internet. You may have to click Cancel to exit the config page.
Credit to u/Mr_Prometius on Reddit for finding this solution; you can view the original Reddit post here.
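The UI steps above produce a Kubernetes Deployment with a privileged init container. As an added example that is not part of the original thread or of the Rancher/WireGuard projects, here is the equivalent manifest written by hand. The deployment name, labels, the linuxserver/wireguard image, the UDP port and the capability list are assumptions; the thread itself only specifies the busybox init container and the sysctl command. Because net.ipv4.ip_forward is not in Kubernetes' list of "safe" sysctls, setting it through securityContext.sysctls would require the kubelet to be started with --allowed-unsafe-sysctls, which is why the privileged init container is used instead: it runs once, sets the flag in the pod's shared network namespace, and exits before the main container starts.

```yaml
# Added example: Deployment with a privileged init container that enables
# IP forwarding for the pod's network namespace before WireGuard starts.
# Names, image and port below are assumptions, not values from the thread.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: wireguard            # assumed name
spec:
  replicas: 1
  selector:
    matchLabels:
      app: wireguard
  template:
    metadata:
      labels:
        app: wireguard
    spec:
      initContainers:
        # Matches the sidecar described in the post: busybox, init container,
        # command "sysctl", arguments "-w net.ipv4.ip_forward=1", privileged.
        - name: enable-ip-forward
          image: busybox
          command: ["sysctl"]
          args: ["-w", "net.ipv4.ip_forward=1"]
          securityContext:
            privileged: true   # required: the sysctl is read-only otherwise
      containers:
        - name: wireguard
          image: linuxserver/wireguard   # assumed image
          ports:
            - containerPort: 51820        # assumed WireGuard listen port
              protocol: UDP
          securityContext:
            capabilities:
              # NET_ADMIN is needed to create the wg interface and routes;
              # SYS_MODULE only if the host lacks a built-in wireguard module.
              add: ["NET_ADMIN", "SYS_MODULE"]
```

Only the short-lived init container is privileged; the long-running WireGuard container keeps a narrower capability set. To confirm the fix took effect, exec into the running WireGuard container and read /proc/sys/net/ipv4/ip_forward, which should be 1; if the sysctl is set but clients still cannot reach the internet, the remaining suspect is the NAT (iptables MASQUERADE) rule that the WireGuard container's PostUp hook is expected to install.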