Hello. I have a problem: I'm trying to set up a WireGuard VPN between 2 VPSes with a kill switch and keep SSH working on the client VPS after the WG tunnel is up.
That's what I've tried.

wg0.conf on the server VPS:

[Interface]
Address = 192.168.6.1/24
ListenPort = 41194
PrivateKey = private key

wg0.conf on the client VPS:

[Interface]
PrivateKey = private key
Address = 192.168.6.2/24
#PostUp = iptables-legacy -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL ! -d MYWGCLIENT_IP/24 -j REJECT && ip6tables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT
#PreDown = iptables-legacy -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL ! -d MYWGCLIENT_IP/24 -j REJECT && ip6tables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT
[Peer]
PublicKey = pub key
AllowedIPs = 0.0.0.0/0
Endpoint = MYWGSERVER_IP:41194

On the client VPS, before running wg-quick up wg0, I use these iptables rules:

echo "100 no_vpn" | sudo tee -a /etc/iproute2/rt_tables
sudo ip rule add fwmark 0x1 table no_vpn
sudo ip route add default via CLIENTGWIP dev eth0 table no_vpn
iptables-legacy -t mangle -A INPUT -p tcp --sport 22 -j MARK --set-mark 0x1

After wg-quick up wg0 the connection gets stuck and I can't connect to my client VPS until I reboot.
What am I doing wrong?
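Below is an added example (my own code, not from the original post) of one way to keep the SSH return path on the WAN interface while wg0 holds the default route. It marks SSH connections with CONNMARK so that replies carry the mark in mangle OUTPUT, before the routing decision; gives the bypass rule an explicit priority so it is evaluated before the rules wg-quick adds; exempts marked packets from a kill switch of the kind in the commented PostUp; and includes a check that parses `ip rule show` output. Everything not taken from the post is an assumption: the WAN interface eth0, SSH on TCP/22, wg-quick's fwmark 0xca6c (51820) for a 0.0.0.0/0 peer, the DRY_RUN switch, and the two sample `ip rule show` listings, which are constructed. CLIENTGWIP is the post's own placeholder.

```shell
#!/bin/sh
# Added example, not from the original post: keep inbound SSH on the WAN
# interface working after `wg-quick up wg0` routes everything through the tunnel.
# Assumptions (not stated on the page): WAN interface eth0, upstream gateway
# CLIENTGWIP (the post's placeholder), wg-quick's automatic fwmark rules for a
# 0.0.0.0/0 peer, SSH on TCP/22. Run as root before `wg-quick up wg0`.
set -eu

WAN_IF="${WAN_IF:-eth0}"
WAN_GW="${WAN_GW:-CLIENTGWIP}"   # placeholder: replace with the client's real gateway
SSH_PORT="${SSH_PORT:-22}"
IPT="${IPT:-iptables}"           # the post uses iptables-legacy; set IPT accordingly
MARK=0x1
TABLE=no_vpn
PRIO=100        # `ip rule add` without a priority puts each new rule above the
                # previously highest-precedence non-local rule, so wg-quick's
                # later rules outrank an earlier default-priority rule. An
                # explicit low number keeps the bypass rule in front.
DRY_RUN="${DRY_RUN:-1}"          # 1 = print the commands, 0 = execute them

run() {
  if [ "$DRY_RUN" = 1 ]; then printf '%s\n' "$*"; else "$@"; fi
}

# Bypass path: the inbound SYN to port 22 is marked in PREROUTING (before the
# routing and reverse-path checks; wg-quick sets net.ipv4.conf.all.src_valid_mark=1
# so the mark is honoured there) and saved on the conntrack entry. Every locally
# generated reply gets the mark restored in OUTPUT, which triggers a re-route via
# table no_vpn. Marking packets in INPUT never influences how replies are routed.
setup_ssh_bypass() {
  grep -qs "[[:space:]]$TABLE\$" /etc/iproute2/rt_tables \
    || run sh -c "echo '100 $TABLE' >> /etc/iproute2/rt_tables"
  run ip rule add fwmark "$MARK" table "$TABLE" priority "$PRIO"
  run ip route add default via "$WAN_GW" dev "$WAN_IF" table "$TABLE"
  run "$IPT" -t mangle -A PREROUTING -i "$WAN_IF" -p tcp --dport "$SSH_PORT" \
      -j MARK --set-mark "$MARK"
  run "$IPT" -t mangle -A PREROUTING -i "$WAN_IF" -p tcp --dport "$SSH_PORT" \
      -j CONNMARK --save-mark
  run "$IPT" -t mangle -A OUTPUT -p tcp --sport "$SSH_PORT" -j CONNMARK --restore-mark
}

# Kill switch in the spirit of the post's commented PostUp (IPv4 only here), plus
# an exemption for the marked SSH replies, which would otherwise be REJECTed for
# leaving via eth0 without WireGuard's own fwmark.
killswitch_rules() {
  wg_mark="${1:-0xca6c}"    # assumed; on a live system use $(wg show wg0 fwmark)
  run "$IPT" -I OUTPUT ! -o wg0 -m mark ! --mark "$wg_mark" \
      -m addrtype ! --dst-type LOCAL -j REJECT
  run "$IPT" -I OUTPUT -m mark --mark "$MARK" -j ACCEPT   # inserted above the REJECT
}

# Verify from `ip rule show` output that the bypass rule is evaluated before
# wg-quick's suppress_prefixlength rule (lower number first). Returns 0 when OK.
check_rule_precedence() {
  ours=$(printf '%s\n' "$1" | awk -v t="$TABLE" \
    '$0 ~ ("lookup " t "$") { sub(":", "", $1); print $1; exit }')
  wg=$(printf '%s\n' "$1" | awk '/suppress_prefixlength/ { sub(":", "", $1); print $1; exit }')
  [ -n "$ours" ] && [ -n "$wg" ] && [ "$ours" -lt "$wg" ]
}

# Constructed `ip rule show` listings: the post's order (bypass rule added first,
# default priority, then wg-quick) versus the explicit-priority version.
SAMPLE_SHADOWED='0:      from all lookup local
32763:  from all lookup main suppress_prefixlength 0
32764:  not from all fwmark 0xca6c lookup 51820
32765:  from all fwmark 0x1 lookup no_vpn
32766:  from all lookup main
32767:  from all lookup default'
SAMPLE_FIXED='0:      from all lookup local
100:    from all fwmark 0x1 lookup no_vpn
32764:  from all lookup main suppress_prefixlength 0
32765:  not from all fwmark 0xca6c lookup 51820
32766:  from all lookup main
32767:  from all lookup default'

setup_ssh_bypass
killswitch_rules
if check_rule_precedence "$SAMPLE_SHADOWED"; then
  echo "shadowed sample: unexpected"
else
  echo "shadowed sample: bypass rule sits below wg-quick's rules"
fi
if check_rule_precedence "$SAMPLE_FIXED"; then
  echo "fixed sample: bypass rule is evaluated first"
fi
```

With DRY_RUN=1 the script only prints the commands; run it as root with DRY_RUN=0 before `wg-quick up wg0`, then `check_rule_precedence "$(ip rule show)"` on the live system confirms the order. In the post's sequence the `fwmark 0x1` rule is added before wg-quick and so ends up with a higher number than wg-quick's `suppress_prefixlength 0` and `not fwmark` rules, which means marked packets still fall through to the tunnel table; the explicit priority avoids that regardless of the order in which the rules are added.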
