mjtechguy / wireguard-site-to-site

Wireguard site-to-site (network-to-network) VPN Configuration examples

Can't get server to client network routing to work... #6

Open KlaysDe opened 9 months ago

KlaysDe commented 9 months ago

Hey, thanks for the awesome tutorial. I seem to have trouble getting the whole setup to work.

My setup consists of a VPS @ OVH, and a local box that I use for running docker containers, running Ubuntu. From what I observe, the ping packet I'm sending does not leave the docker machine back to the wireguard server.

(Small clarification: ens18 and enp0s18 are the same interface, I had some inconsistencies in my screenshots regarding that)

I have done some packet tracing and here are the results: [screenshots: pk9Q5, LORDN]

Wireguard config on docker01

[Interface]
PrivateKey = <****************************************>
Address = 10.200.1.4/24
DNS = 1.1.1.1, 1.0.0.1

PostUp = iptables -A FORWARD -i %i -j ACCEPT
PostUp = iptables -t nat -A POSTROUTING -o ens18 -j MASQUERADE

PreDown = iptables -D FORWARD -i %i -j ACCEPT
PreDown = iptables -t nat -D POSTROUTING -o enp0s18 -j MASQUERADE

[Peer]
PublicKey = <****************************************>
AllowedIPs = 0.0.0.0/0, ::0
Endpoint = <**********>:<***>
PersistentKeepalive = 25

Wireguard config on vpn-server

[Interface]
Address = 10.200.1.1/24
SaveConfig = false

PostUp = iptables -A FORWARD -i %i -j ACCEPT
PostUp = iptables -t nat -A POSTROUTING -o ens3 -j MASQUERADE

PreDown = iptables -D FORWARD -i %i -j ACCEPT
PreDown = iptables -t nat -D POSTROUTING -o ens3 -j MASQUERADE

ListenPort = 51820
PrivateKey = <****************************************>

[Peer]
# Some client that shall later be able to reach 192.168.178.36 / desktop
PublicKey = <****************************************>
AllowedIPs = 10.200.1.2/32

[Peer]
# docker01
PublicKey = <****************************************>
AllowedIPs = 10.200.1.4/32, 192.168.178.0/24

Can someone help and point out what I am missing here? Do the firewall rules of docker maybe interfere with the setup?

petter1 commented 4 months ago

In the docker01 config, one interface is called enp0s18 once and ens18 once. In your plan it is ens18.
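
The interface-name mismatch pointed out in the comment above can be caught mechanically. The following Python check is an added example, not part of this thread or of the repository; its function names are hypothetical and the sample is constructed from the hook lines of the docker01 config quoted in the issue. It pairs every `iptables -A` in an up hook with the identical `-D` in a down hook and reports rules that have no twin.

```python
import re

# Constructed sample: the hook lines of the docker01 config quoted in this thread.
DOCKER01_CONF = """\
[Interface]
PostUp = iptables -A FORWARD -i %i -j ACCEPT
PostUp = iptables -t nat -A POSTROUTING -o ens18 -j MASQUERADE
PreDown = iptables -D FORWARD -i %i -j ACCEPT
PreDown = iptables -t nat -D POSTROUTING -o enp0s18 -j MASQUERADE
"""

UP_KEYS = {"preup", "postup"}
DOWN_KEYS = {"predown", "postdown"}


def hook_commands(conf_text):
    """Return (up, down) lists of iptables commands found in wg-quick hooks."""
    up, down = [], []
    for line in conf_text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments
        if "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        # A hook value may chain several commands with ';'.
        cmds = [c.strip() for c in value.split(";")]
        cmds = [c for c in cmds if c.startswith(("iptables ", "ip6tables "))]
        if key.lower() in UP_KEYS:
            up.extend(cmds)
        elif key.lower() in DOWN_KEYS:
            down.extend(cmds)
    return up, down


def rule_key(cmd):
    """Collapse whitespace and map -A (append) to -D (delete) for comparison."""
    return re.sub(r" -A ", " -D ", " ".join(cmd.split()))


def unmatched_rules(conf_text):
    """Return (never_removed, never_added): rules whose add/delete twin is missing."""
    up, down = hook_commands(conf_text)
    added = {rule_key(c): c for c in up}
    removed = {rule_key(c): c for c in down}
    never_removed = [c for k, c in added.items() if k not in removed]
    never_added = [c for k, c in removed.items() if k not in added]
    return never_removed, never_added


if __name__ == "__main__":
    print(unmatched_rules(DOCKER01_CONF))
```

A rule in the first list stays in the NAT table after the tunnel is brought down, because the `-D` in the down hook names a rule that was never added.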