Tuesday, August 20, 2019

Wireguard: confused about routing/subnets/interfaces

Hi,

I am trying to achieve this setup https://i.imgur.com/Kgr2Ena.jpg, where clients at Office A, B and C can all communicate with each other. However, I'm struggling with the wireguard config, routing and addressing on physical and virtual interfaces.

I have followed this guidance https://github.com/pirate/wireguard-docs#setup and enabled relaying/forwarding on the cloud server, as well as added the forwarding rules to iptables.

I have the wireguard VPN on subnet 10.200.200.0/24 and can successfully ping between any combination of the 3 peers (10.200.200.1, 10.200.200.2 & 10.200.200.3).

Now I'm unsure how to get clients on office subnets in B & C to communicate. Do I also need to enable relaying/forwarding on the two office wireguard peers in order for them to route from their respective office subnets to VPN subnets (e.g. 192.168.110.0 to 10.200.200.0)? As well as add the office subnets to the AllowedIPs list in each peer's config?

I also need to make sure clients in A can communicate with C. There is a Meraki AutoVPN between A and B, so I need to make sure peer B can also forward traffic to C from A. Lastly, I presume I will need to set up some static routes so A and C can communicate.

Thanks in advance.
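A hub-and-spoke layout matching the question, added here as an illustrative example and not the poster's own config. It assumes the cloud server is 10.200.200.1, office B's peer is 10.200.200.2 fronting 192.168.110.0/24 (the subnet mentioned above), office C's peer is 10.200.200.3 fronting an assumed 192.168.120.0/24, and office A's LAN is an assumed 192.168.100.0/24 reached through B over the Meraki AutoVPN; keys and the endpoint are placeholders.

```ini
# ---- Cloud server (hub), /etc/wireguard/wg0.conf ----
# Requires net.ipv4.ip_forward=1; FORWARD is limited to wg0<->wg0 so the
# hub only relays between spokes and never exposes its own other interfaces.
[Interface]
Address = 10.200.200.1/24
ListenPort = 51820
PrivateKey = <hub-private-key>
PostUp = iptables -A FORWARD -i wg0 -o wg0 -j ACCEPT
PostDown = iptables -D FORWARD -i wg0 -o wg0 -j ACCEPT

# Office B: tunnel address plus every LAN it routes for.
# AllowedIPs is both the route table and the ingress filter (cryptokey
# routing): packets from B with a source outside this list are dropped.
# 192.168.100.0/24 (office A, assumed) is listed here because A is behind B.
[Peer]
PublicKey = <office-b-public-key>
AllowedIPs = 10.200.200.2/32, 192.168.110.0/24, 192.168.100.0/24

# Office C (LAN 192.168.120.0/24 is an assumed value).
[Peer]
PublicKey = <office-c-public-key>
AllowedIPs = 10.200.200.3/32, 192.168.120.0/24

# ---- Office B peer, /etc/wireguard/wg0.conf ----
# Also needs net.ipv4.ip_forward=1 so LAN <-> tunnel traffic is routed.
[Interface]
Address = 10.200.200.2/24
PrivateKey = <office-b-private-key>
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -A FORWARD -o wg0 -j ACCEPT
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -D FORWARD -o wg0 -j ACCEPT

# Hub: the tunnel subnet and the remote office subnets are reached via it,
# which installs the matching kernel routes when wg-quick brings wg0 up.
[Peer]
PublicKey = <hub-public-key>
Endpoint = <hub-public-ip>:51820
AllowedIPs = 10.200.200.0/24, 192.168.120.0/24
PersistentKeepalive = 25

# ---- Office C peer, /etc/wireguard/wg0.conf ----
# Same shape as B; its hub peer lists B's LAN and A's LAN (assumed) instead.
[Interface]
Address = 10.200.200.3/24
PrivateKey = <office-c-private-key>
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -A FORWARD -o wg0 -j ACCEPT
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -D FORWARD -o wg0 -j ACCEPT

[Peer]
PublicKey = <hub-public-key>
Endpoint = <hub-public-ip>:51820
AllowedIPs = 10.200.200.0/24, 192.168.110.0/24, 192.168.100.0/24
PersistentKeepalive = 25
```

LAN hosts at B and C still need a static route for 10.200.200.0/24 and the remote office subnets pointing at their local WireGuard host (unless it is already their default gateway), and B's Meraki side needs routes for 10.200.200.0/24 and C's LAN pointing at peer B so that A's traffic reaches it.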
