Re: [Shorewall-users] redirecting ALL ipv6 local/lan traffic over a wireguard VPN to/through remote's external interface. almost there ... routing issue?

On 6/2/20 9:24 PM, Tom Eastep wrote: > I know nothing about Wireguard, but this article seems relevant (note > the 'Required key not available): > > https://bbs.archlinux.org/viewtopic.php?id=232754 good hint! adding @local, /etc/wireguard/wg0 + AllowedIPs = 2000::/

Re: [Shorewall-users] redirecting ALL ipv6 local/lan traffic over a wireguard VPN to/through remote's external interface. almost there ... routing issue?

On 6/5/20 3:12 PM, PGNet Dev wrote: > On 6/2/20 9:24 PM, Tom Eastep wrote: >> I know nothing about Wireguard, but this article seems relevant (note >> the 'Required key not available): >> >> https://bbs.archlinux.org/viewtopic.php?id=232754 > > good hint! > > adding @local, > > /etc/w

Re: [Shorewall-users] redirecting ALL ipv6 local/lan traffic over a wireguard VPN to/through remote's external interface. almost there ... routing issue?

On 6/5/20 3:56 PM, Tom Eastep wrote: >> *AND* @remote, >> >> /etc/wireguard/wg0 >> >> +PostUp = ip6tables -t nat -A POSTROUTING -o eth0 -j MASQUERADE >> +PostDown = ip6tables -t nat -D POSTROUTING -o eth0 -j MASQUERADE >> > > That rule will be wiped out the next time

Re: [Shorewall-users] redirecting ALL ipv6 local/lan traffic over a wireguard VPN to/through remote's external interface. almost there ... routing issue?

On 6/5/20 4:11 PM, PGNet Dev wrote: >> That rule will be wiped out the next time you 'shorewall6 reload' or verified that to be the case moved all the wireguard-config ip(6)tables @remote rules to shorewall kept only the iproute rules in wireguard config @remote added a system override to wg0 sy