jcm10
February 17, 2022, 9:58pm
1
I set up a WireGuard VPN server on a Google Cloud VM, but when connecting to it with the iOS client (running the latest OS and app) nothing loads via the internet when the VPN is on (no browsing, emails, social media, etc.), as if I don’t have an internet connection. What could be causing this, or how can I troubleshoot? Note: I am a beginner, and apologize if I am using incorrect terminology; feel free to correct me.
Here are the configuration file contents (wg0.conf):
[Interface]
Address = 10.0.0.1/24
SaveConfig = true
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o ens4 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o ens4 -j MASQUERADE
ListenPort = 51820
PrivateKey = REMOVED FOR POST
Here is a screenshot of the client app info:
RaZer0r
February 17, 2022, 10:18pm
2
Did you enable forwarding in the Linux kernel? By default it is not allowed.
Run sysctl -w net.ipv4.ip_forward=1 to enable IP forwarding.
To make the change permanent, add it to /etc/sysctl.conf.
jcm10
February 17, 2022, 10:41pm
4
@RaZer0r That did not fix the issue, and was already set to 1 in the /etc/sysctl.conf file.
RaZer0r
February 17, 2022, 10:59pm
5
Verify if the rules are applied when WireGuard is connected (iptables -vnL -t nat).
I’ve never used bash code inside the PostUp and/or PostDown config, always a reference to a script…
jcm10
February 17, 2022, 11:22pm
6
@RaZer0r This is what I get when running sudo iptables -vnL -t nat:
Chain PREROUTING (policy ACCEPT 7045 packets, 585K bytes)
pkts bytes target prot opt in out source destination
Chain INPUT (policy ACCEPT 4788 packets, 282K bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 6704 packets, 507K bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 2110 packets, 167K bytes)
pkts bytes target prot opt in out source destination
4594 340K MASQUERADE all -- * ens4 0.0.0.0/0 0.0.0.0/0
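The two checks suggested in the replies above (kernel forwarding enabled, MASQUERADE rule present and matching), as an added example that is not part of the thread or written by its participants. The function names and the optional file argument are assumptions of this example; the sample input is the nat table output posted above.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are this example's own.

# Sample input: the OUTPUT and POSTROUTING chains as posted in the thread.
SAMPLE_NAT='Chain OUTPUT (policy ACCEPT 6704 packets, 507K bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 2110 packets, 167K bytes)
pkts bytes target prot opt in out source destination
4594 340K MASQUERADE all -- * ens4 0.0.0.0/0 0.0.0.0/0'

# True when the kernel forwards IPv4 packets between interfaces.
# $1 (optional, for testing): file to read instead of the live /proc entry.
forwarding_enabled() {
    [ "$(cat "${1:-/proc/sys/net/ipv4/ip_forward}" 2>/dev/null)" = "1" ]
}

# Read `iptables -vnL -t nat` output on stdin and print the packet counter of
# the first POSTROUTING MASQUERADE rule whose "out" column is $1.
# Columns: pkts bytes target prot opt in out source destination.
masq_pkts() {
    awk -v ifc="$1" '
        /^Chain /  { in_post = ($2 == "POSTROUTING"); next }
        in_post && $3 == "MASQUERADE" && $7 == ifc { print $1; found = 1; exit }
        END        { exit !found }
    '
}

# Combine both checks. $1 = egress interface, $2 = optional ip_forward file.
# Return codes: 0 ok, 1 forwarding off, 2 rule missing, 3 rule never matched.
diagnose() {
    forwarding_enabled "$2" || { echo "net.ipv4.ip_forward is not 1"; return 1; }
    pkts=$(masq_pkts "$1") || { echo "no MASQUERADE rule for $1 in POSTROUTING"; return 2; }
    # The nat table sees only the first packet of each connection, and this
    # rule has no source match, so the counter also includes connections
    # opened by the server itself, not just traffic from the tunnel.
    [ "$pkts" != "0" ] || { echo "rule exists but matched 0 packets"; return 3; }
    echo "forwarding on; MASQUERADE on $1 matched $pkts packets"
}

# Live use on the server: sudo iptables -vnL -t nat | diagnose ens4
printf '%s\n' "$SAMPLE_NAT" | masq_pkts ens4
```

Without `-x`, iptables abbreviates large counters (for example with a `K` suffix), so the value is printed as text rather than compared numerically.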