Pi-Hole-on-Google-Compute-Engine-Free-Tier-with-Full-Tunnel-and-Split-Tunnel-Wireguard-VPN-Configs

Allowing peer-to-peer ssh/rdp/vnc

Open zqyr opened this issue 2 years ago • 0 comments

How can one go about letting peers talk to each other via ssh/rdp/vnc protocols?

Take, for example, the VNC protocol. So far, I thought this might have helped:

iptables' rules.v4 (on wireguard server, say 10.66.66.1)

# Allow WireGuard traffic between peers
-A FORWARD -i wg0 -o wg0 -j ACCEPT
-A FORWARD -i wg0 -m state --state RELATED,ESTABLISHED -j ACCEPT

# Allow ICMP (ping) traffic between peers
-A FORWARD -i wg0 -p icmp -j ACCEPT

# Allow SSH traffic between peers
-A FORWARD -i wg0 -p tcp --dport 22 -j ACCEPT

# Allow RDP (Remote Desktop Protocol) traffic between peers
-A FORWARD -i wg0 -p tcp --dport 3389 -j ACCEPT

# Allow VNC (Virtual Network Computing) traffic between peers
-A FORWARD -i wg0 -p tcp --dport 5900:5901 -j ACCEPT

iptables' rules.v4 (on wireguard client/peer, say 10.66.66.200)

-A INPUT -i wg0 -p tcp -m tcp --dport 5900 -j DROP
-A INPUT -i wg0 -p tcp -m tcp --dport 5901 -j DROP
-A INPUT -i wg0 -p tcp -m tcp --dport 5900 -j DROP
-A INPUT -i wg0 -p tcp -m tcp --dport 5901 -j DROP

What am I doing wrong here @rajannpatel ?

zqyr, Jun 12 '23 07:06
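
To see how rule sets like the ones in the post are evaluated, the following added Python example (not part of the original issue or the project's code) applies iptables' first-match ordering to the posted rules for a constructed VNC packet. The `parse`, `matches`, `verdict` and `trace` helpers, the packet dict and the DROP chain policy are assumptions, and only the options that appear in the post are modelled.

```python
import shlex

# Rules copied from the post above: server FORWARD chain, then peer INPUT chain.
SERVER_RULES = """\
-A FORWARD -i wg0 -o wg0 -j ACCEPT
-A FORWARD -i wg0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i wg0 -p icmp -j ACCEPT
-A FORWARD -i wg0 -p tcp --dport 22 -j ACCEPT
-A FORWARD -i wg0 -p tcp --dport 3389 -j ACCEPT
-A FORWARD -i wg0 -p tcp --dport 5900:5901 -j ACCEPT
"""
PEER_RULES = """\
-A INPUT -i wg0 -p tcp -m tcp --dport 5900 -j DROP
-A INPUT -i wg0 -p tcp -m tcp --dport 5901 -j DROP
"""

def parse(text):
    """Parse '-A CHAIN opt val ...' lines; every option used above takes one value."""
    rules = []
    for line in text.splitlines():
        tok = shlex.split(line)
        if tok[:1] == ["-A"]:
            rules.append({"chain": tok[1], "raw": line, **dict(zip(tok[2::2], tok[3::2]))})
    return rules

def matches(rule, pkt):
    """True when every option present in the rule agrees with the packet."""
    lo, _, hi = rule.get("--dport", "0:65535").partition(":")
    return (rule.get("-i", pkt["in"]) == pkt["in"]
            and rule.get("-o", pkt["out"]) == pkt["out"]
            and rule.get("-p", pkt["proto"]) == pkt["proto"]
            and pkt["state"] in rule.get("--state", pkt["state"]).split(",")
            and int(lo) <= pkt["dport"] <= int(hi or lo))

def verdict(rules, chain, pkt, policy):
    """First matching rule wins, as in iptables; otherwise the chain policy applies."""
    for r in rules:
        if r["chain"] == chain and matches(r, pkt):
            return r["-j"], r["raw"]
    return policy, "(chain policy)"

# Constructed packet: first packet of a VNC connection from one peer to another.
vnc_syn = {"in": "wg0", "out": "wg0", "proto": "tcp", "dport": 5900, "state": "NEW"}

def trace(pkt, policy="DROP"):
    """Verdict at each hop; the DROP chain policy is an assumption, not from the post."""
    return {"server FORWARD": verdict(parse(SERVER_RULES), "FORWARD", pkt, policy),
            "peer INPUT": verdict(parse(PEER_RULES), "INPUT", pkt, policy)}

if __name__ == "__main__":
    print(trace(vnc_syn))
```

For the constructed packet, the server's `-i wg0 -o wg0` rule returns ACCEPT before any port-specific rule is reached, and the peer's own INPUT rule for port 5900 returns DROP.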