Hello everyone!
I have an Alma Linux 9 VPS instance at Contabo running WireGuard. Starting the WireGuard daemon using systemd works as expected. Here's my /etc/wireguard/wg0.conf file:
Code:
[Interface]
Address = 192.0.2.1/24
ListenPort = 51820
PrivateKey = [Here's my server's private key]
[Peer]
PublicKey = [Here's my client's public key]
AllowedIPs = 192.0.2.2/24
PersistentKeepalive = 25
And here's the output of firewall-cmd --list-all:
Code:
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eth0
  sources:
  services: cockpit dhcpv6-client http https
  ports: 55555/tcp 51820/udp
  protocols:
  forward: yes
  masquerade: yes
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:
My client is a desktop Arch Linux machine behind standard NAT (home router). The client's WireGuard configuration file:
Code:
[Interface]
PrivateKey = [My client's private key]
Address = 192.0.2.2/24
[Peer]
PublicKey = [My server's public key]
Endpoint = [server's public IP]:51820
AllowedIPs = 0.0.0.0/0
PersistentKeepAlive = 25
The problem is that when I connect to the server through WireGuard, my SSH connection breaks and I can't access the internet (using either IP addresses or domain names). I think my IP and routing configuration may be causing the issue. When I enabled WireGuard debugging, I noticed some messages like this:
Code:
[153961.338747] wireguard: wg0: Packet has unallowed src IP (192.168.0.106) from peer 15 ([My client's public IP]:56050)
This 192.168.0.106 address is my client's private IP at home. I don't know too much about networking, so please be patient.
Thank you all in advance.
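
The debug message quoted in the post comes from WireGuard checking each decrypted packet's inner source address against the sending peer's AllowedIPs. As an added example (not part of the original post), this Python script replays that check with the server config from the post; the key placeholder, the log endpoint 198.51.100.7 and the second log line are constructed, and the helper names are hypothetical.

```python
import ipaddress
import re

# Server-side config from the post; the public key is a placeholder.
SERVER_CONF = """\
[Interface]
Address = 192.0.2.1/24
ListenPort = 51820
[Peer]
PublicKey = CLIENT_PUBLIC_KEY_PLACEHOLDER
AllowedIPs = 192.0.2.2/24
PersistentKeepalive = 25
"""

# Constructed kernel log lines; 198.51.100.7 is a documentation address.
SAMPLE_LOG = """\
[153961.338747] wireguard: wg0: Packet has unallowed src IP (192.168.0.106) from peer 15 (198.51.100.7:56050)
[153962.101112] wireguard: wg0: Receiving keepalive packet from peer 15 (198.51.100.7:56050)
"""

LOG_RE = re.compile(
    r"wireguard: (\S+): Packet has unallowed src IP \(([^)]+)\) from peer (\d+)")

def peer_allowed_networks(conf_text):
    """Collect AllowedIPs from all [Peer] sections (single-peer assumption),
    masking host bits the way `wg show` reports them."""
    nets, in_peer = [], False
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.startswith("["):
            in_peer = line.lower() == "[peer]"
        elif in_peer and "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            if key.lower() == "allowedips":
                nets += [ipaddress.ip_network(v.strip(), strict=False)
                         for v in value.split(",") if v.strip()]
    return nets

def src_allowed(src, nets):
    """True if the inner source address falls inside any allowed network."""
    addr = ipaddress.ip_address(src)
    return any(addr.version == n.version and addr in n for n in nets)

def explain_drops(log_text, conf_text):
    """Return (interface, peer id, inner src, allowed?) for each drop message."""
    nets = peer_allowed_networks(conf_text)
    return [(m.group(1), int(m.group(3)), m.group(2), src_allowed(m.group(2), nets))
            for m in LOG_RE.finditer(log_text)]

if __name__ == "__main__":
    for iface, peer, src, ok in explain_drops(SAMPLE_LOG, SERVER_CONF):
        print(f"{iface} peer {peer}: inner src {src} "
              f"{'matches' if ok else 'is outside'} the peer's AllowedIPs")
```

The server entry `192.0.2.2/24` is treated as the network 192.0.2.0/24, so a packet sourced from the tunnel address 192.0.2.2 passes while one sourced from the LAN address 192.168.0.106 is dropped.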