Question

Using WireGuard to access VPSs using private IPs.

Hello. I have followed this tutorial on setting up WireGuard: https://www.digitalocean.com/community/tutorials/how-to-set-up-wireguard-on-ubuntu-22-04 My goal is to run a small droplet in my account that runs WireGuard and use that as a way to be able to access my other droplets that are not exposed to the internet. Following the tutorial, I get a working connection and can connect to the rest of the internet as well as the VPS that is running WireGuard, but I can’t access other droplets using their private IPs (droplets are in the same region).

My configurations are as follows.

DO VPS:

[Interface]
Address = 10.122.0.0/24
SaveConfig = true
PostUp = ufw route allow in on wg0 out on eth0
PostUp = iptables -t nat -I POSTROUTING -o eth0 -j MASQUERADE
PreDown = ufw route delete allow in on wg0 out on eth0
PreDown = iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
ListenPort = 51820
PrivateKey = <my-vps-private-key>

[Peer]
PublicKey = <my-computer-public-key>
AllowedIPs = 10.122.0.0/24
Endpoint = <my-endpoint-ip>:56747

My computer configuration:

[Interface]
PrivateKey = <my-computer-private-key>
Address = 10.122.0.12/26
DNS = 1.1.1.1, 1.0.0.1

[Peer]
PublicKey = <my-vps-public-key>
AllowedIPs = 10.122.0.0/24
Endpoint = <vps-ip>:51820

10.122.0.0 is the subnet for my droplets on DO side. I suspect the issue is somewhere in the routing but can’t figure out where. Any help is appreciated. Thanks!
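A check for address overlap between the tunnel and the droplet subnet in the two configs above, as an added example that is not part of the original post. It assumes a /24 prefix for the droplet subnet (the post gives only 10.122.0.0), one peer per config, and hypothetical function names `parse` and `check`.

```python
import configparser
import ipaddress

# Constructed from the two configs in the question (keys, PostUp/PreDown omitted).
SERVER_CONF = "[Interface]\nAddress = 10.122.0.0/24\n[Peer]\nAllowedIPs = 10.122.0.0/24\n"
CLIENT_CONF = "[Interface]\nAddress = 10.122.0.12/26\n[Peer]\nAllowedIPs = 10.122.0.0/24\n"
# Assumption: the post names 10.122.0.0 as the droplet subnet; /24 is assumed here.
PRIVATE_SUBNET = ipaddress.ip_network("10.122.0.0/24")


def parse(conf):
    """Return (interface addresses, peer AllowedIPs) from a single-peer config."""
    cp = configparser.ConfigParser(strict=False, interpolation=None)
    cp.read_string(conf)

    def items(value):
        return [v.strip() for v in value.split(",") if v.strip()]

    addrs = [ipaddress.ip_interface(a) for a in items(cp["Interface"].get("Address", ""))]
    allowed = [ipaddress.ip_network(a, strict=False)
               for a in items(cp["Peer"].get("AllowedIPs", ""))]
    return addrs, allowed


def check(name, conf, lan, is_gateway):
    """List address-plan findings for one side of the tunnel."""
    findings = []
    addrs, allowed = parse(conf)
    for a in addrs:
        # An interface needs a host address, not the all-zeros network address.
        if a.network.num_addresses > 2 and a.ip == a.network.network_address:
            findings.append(f"{name}: Address {a} is the network address of {a.network}")
        # A tunnel range inside the private subnet makes the two routes ambiguous.
        if a.network.overlaps(lan):
            findings.append(f"{name}: tunnel range {a.network} overlaps private subnet {lan}")
    if is_gateway:
        # On the gateway, AllowedIPs selects which destinations go to the peer via wg0.
        for n in allowed:
            if n.overlaps(lan):
                findings.append(f"{name}: peer AllowedIPs {n} claims private subnet {lan}")
    return findings


if __name__ == "__main__":
    for line in (check("vps", SERVER_CONF, PRIVATE_SUBNET, True)
                 + check("computer", CLIENT_CONF, PRIVATE_SUBNET, False)):
        print(line)
```
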
