Wireguard NAT to eth1


13 hours ago

I'm trying to do something that I think should be pretty simple. The goal is to have all traffic from my home network go over a Wireguard VPN. I have 3 devices:

  • ISP's modem/router combo. This should be the internet gateway.
  • Ubuntu 20.04 box (Raspberry Pi 4). This is the Wireguard client.
  • Netgear WiFi router. This is just for WiFi.

Ubuntu's eth0 is connected to the ISP modem as a DHCP client, eth1 (a USB NIC) is connected to the WiFi router's WAN port.

The part I'm having trouble figuring out is what to do to get the Ubuntu box to act as a WAN gateway as far as the WiFi router is concerned, but with all traffic routed over the Wireguard interface (which is working and shows up as vpn in ifconfig). I've tried figuring it out myself, but every article/site I read gets me more confused...

My understanding is that Wireguard is layer 3, so I can't bridge. So I'll have to set up double NAT (or triple, if I let the WiFi router do its own routing). Is this the right idea? So I would want to:

  1. Set up NAT between the vpn interface and eth1 interface.
  2. Possibly set up a DHCP server on eth1 and point the WiFi router to that so that it's just an AP. Otherwise, triple NAT?


Added by: Dr. Elliott Purdy
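
An added example, not part of the original post: one way to do step 1 with nftables, including a rule that stops eth1 traffic from falling back to eth0 when the tunnel is down. It assumes IPv4 only, that the `vpn` tunnel is already the default route for forwarded traffic, and that eth1 has a static address the WiFi router uses as its gateway; the table name `vpn_gw` and the helper functions are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post). Interface names come from the
# post; the table name vpn_gw and these helper functions are hypothetical.
LAN_IF="${LAN_IF:-eth1}"   # NIC facing the WiFi router's WAN port
VPN_IF="${VPN_IF:-vpn}"    # WireGuard interface

valid_ifname() {
    # Reject anything that could break out of the quoted name in the ruleset.
    case "$1" in
        ''|*[!A-Za-z0-9_.-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]     # Linux interface names are at most 15 characters
}

gen_ruleset() {
    lan="$1"; vpn="$2"
    valid_ifname "$lan" && valid_ifname "$vpn" || return 1
    cat <<EOF
# Create-then-delete makes the load idempotent and atomic.
table ip vpn_gw
delete table ip vpn_gw
table ip vpn_gw {
    chain forward {
        type filter hook forward priority 0; policy accept;
        # LAN traffic may only leave through the tunnel, never via eth0.
        iifname "$lan" oifname != "$vpn" drop
        # Only replies to LAN-initiated connections may come back in.
        iifname "$vpn" oifname "$lan" ct state established,related accept
        iifname "$vpn" oifname "$lan" drop
    }
    chain postrouting {
        type nat hook postrouting priority 100; policy accept;
        iifname "$lan" oifname "$vpn" masquerade
    }
}
EOF
}

apply_ruleset() {
    rules=$(gen_ruleset "$1" "$2") || return 1
    sysctl -w net.ipv4.ip_forward=1 >/dev/null || return 1
    printf '%s\n' "$rules" | nft -f -
}

case "${1:-print}" in
    apply) apply_ruleset "$LAN_IF" "$VPN_IF" ;;   # needs root
    print) gen_ruleset "$LAN_IF" "$VPN_IF" ;;     # review the rules first
esac
```

Run it with no argument to review the generated ruleset, then with `apply` as root to load it.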

