Wireguard tunnel is up but nothing reachable
Hi,
I did everything as described in the instructions (https://github.com/tusc/wireguard-kmod). I can connect to the WireGuard server and the tunnel is up and running correctly.
My problem is, I can't reach anything.
I'm surprised that I see the client's public IP in the logs instead of the client's WG interface IP.
Mar 30 09:13:04 ubnt user.warn kernel: [ 4247.003212] IN=eth8 OUT= MAC=78:45:58:e4:33:81:06:b5:5d:1f:7d:fe:08:00 SRC=202.61.x.x DST=91.65.x.x LEN=176 TOS=0x00 PREC=0x00 TTL=53 ID=26432 PROTO=UDP SPT=32940 DPT=51825 LEN=156
My environment:
UDM-PRO 1.11.4
Corporate network: 192.168.20.0/24
wg server config
[Interface]
Address = 192.168.20.10/24
ListenPort = 51825
PrivateKey = 4B2dbxxxxxxxxxxxxxxxxxxxxxxxxxxmyLxyVHs=
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o br0 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o br0 -j MASQUERADE
[Peer]
PublicKey = HnUZ5K8xxxxxxxxxxxxxxxxxxxxxxxlJTQqtn4=
AllowedIPs = 192.168.20.11/32
wg client config
[Interface]
Address = 192.168.20.11/32
PrivateKey = MPx7f4GxxxxxxxxxxxxxxxxxxxxxxxxxxvrPbno=
[Peer]
PublicKey = lhZCxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx18=
Endpoint = x.x.x.x:51825
AllowedIPs = 192.168.20.0/24
PersistentKeepalive = 25
Firewall rules as described in the instructions.
Do you have any ideas?
You’re gonna need to look up split vpn by peacey. That’ll get you going.
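Added example, not part of the thread: a Python lint over a constructed config that reuses the addressing from the post. It shows why the logged packet carries the client's public IP (it is the encrypted UDP packet sent to ListenPort) and flags two things worth checking: a tunnel subnet that overlaps the LAN, and a PostDown that does not undo PostUp. The function names and the deliberately mismatched PostDown interface in the sample are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample using the posted addressing (keys left out); the PostDown
# interface name is deliberately mismatched to exercise the second check.
SERVER_CONF = """\
[Interface]
Address = 192.168.20.10/24
ListenPort = 51825
PostUp = iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o br0 -j MASQUERADE
PostDown = iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o bro -j MASQUERADE
"""
LAN_CIDR = "192.168.20.0/24"
# Constructed from the posted kernel log line, shortened to the relevant fields.
LOG_LINE = "IN=eth8 OUT= SRC=202.61.x.x DST=91.65.x.x PROTO=UDP SPT=32940 DPT=51825 LEN=156"

def parse_conf(text):
    """Collect 'Key = Value' lines of a wg-quick file (first occurrence wins)."""
    conf = {}
    for line in text.splitlines():
        key, sep, value = line.partition("=")
        if sep and not line.lstrip().startswith("#"):
            conf.setdefault(key.strip(), value.strip())
    return conf

def is_outer_wg_packet(log_line, listen_port):
    """True when a netfilter log line shows the encrypted UDP transport packet.

    That packet travels between public endpoints, so SRC is the peer's public
    address; tunnel addresses only exist on the decrypted inner packets.
    """
    fields = dict(f.split("=", 1) for f in log_line.split() if "=" in f)
    return fields.get("PROTO") == "UDP" and fields.get("DPT") == str(listen_port)

def lint(conf_text, lan_cidr):
    """Return findings for tunnel/LAN overlap and PostUp/PostDown mismatch."""
    conf, findings = parse_conf(conf_text), []
    tunnel = ipaddress.ip_interface(conf["Address"]).network
    if tunnel.overlaps(ipaddress.ip_network(lan_cidr)):
        findings.append(f"tunnel subnet {tunnel} overlaps LAN {lan_cidr}")
    out_ifaces = lambda cmd: set(re.findall(r"-o\s+(\S+)", cmd))
    stale = out_ifaces(conf.get("PostUp", "")) - out_ifaces(conf.get("PostDown", ""))
    if stale:
        findings.append(f"PostDown never removes rules for: {sorted(stale)}")
    return findings

if __name__ == "__main__":
    port = parse_conf(SERVER_CONF)["ListenPort"]
    print("outer transport packet:", is_outer_wg_packet(LOG_LINE, port))
    for finding in lint(SERVER_CONF, LAN_CIDR):
        print("finding:", finding)
```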