Update: After I added this to each server:
iptables -t nat -I POSTROUTING -m policy --pol ipsec --dir out -j ACCEPT I can ping Sun's WireGuard IP (192.168.18.1) from Moon and vice versa. But I cannot ping other IPs in the WireGuard LAN yet (cannot ping 192.168.18.19 from Moon, even that the machine is up). On Tue, Feb 11, 2020 at 11:48 PM Nguyễn Hồng Quân <ng.hong.q...@gmail.com> wrote: > Hi Noel > > Here are all the log and swanctl config (except the certificates). > I create the connection config in /etc/swanctl/conf.d/, without modifying > the default /etc/swanctl/swanctl.conf (keep it as original as packaged by > Ubuntu 19.10). > > https://bitbucket.org/snippets/hongquan/ynzxjg > > -- Quân
