And if that's not it, check wgaip settings.
On 2021-07-26, [email protected] <[email protected]> wrote:
> Did you enable forwarding?
>
> On July 25, 2021 10:22:58 PM MDT, Vincent Lee <[email protected]> wrote:
>>Hi all, I'm running into some trouble trying to configure a
>>network. I'll try to keep it concise:
>>
>>Background:
>>
>>1. I have an OpenBSD Vultr VPS. It serves various odds and ends on
>>external IP address $foo, and runs 6.9 + syspatches.
>>
>>2. I have a second Linux machine located on a residential network with
>>unstable external IP. I'd like to avoid dynamic DNS services, having to
>>configure port-forwarding, etc.
>>
>>3. The two machines are linked by a confirmed-working Wireguard
>>tunnel. The VPS has address 10.0.0.1 and the Linux machine has address
>>10.0.0.2 in the tunnel.
>>
>>Objective:
>>
>>1. I want to expose a stable, routable IP address for the Linux machine,
>>regardless of the state of the residential network, by proxying through
>>my VPS.
>>
>>2. This address should be logically distinct from the existing address
>>for the VPS, as there is an overlap in the services each will
>>serve. (e.g. I could plausibly serve one website from the VPS and a
>>separate one from the Linux machine.)
>>
>>What I've tried:
>>
>>1. I've requested a second IP address $bar for my VPS and added it as an
>>inet alias address in hostname.if. With only this configuration, pinging
>>address $bar (which routes to the VPS) works.
>>
>>2. Next, I tried adding a pf redirect on the VPS: pass in from any to
>>$bar rdr-to 10.0.0.2
>>
>>3. I tried pinging and ssh-ing to address $bar after adding this rule
>>and reloading pf rules, but traffic don't seem to be getting to the
>>Linux box.
>>
>>4. I tried also a binat rule: pass on egress from 10.0.0.2 to any
>>binat-to $bar with the same result.
>>
>>Any obvious problems, and is there an easier way to achieve my
>>objective?
>>
>
