Description
Hello. I have 3 WireGuard nodes:

- my laptop
- an LXC server at home
- an Oracle Cloud instance

I'm trying to allow my laptop to access my LAN, and to allow my LAN machine and my laptop to use the cloud instance to access the internet. With my current setup the cloud instance has network access; the LAN server and cloud VPS can access the internet but not peers; and my laptop has no DNS but can reach 1.1.1.1 and can't reach any peers.

I have set up basic WireGuard hub-and-spoke setups before by hand, but I'm struggling with this setup.
Snippet of my inventory related to WireGuard:

```yaml
wireguard:
  hosts:
    wireguard-oci:
      ansible_host: 1.1.1.1  # changed to not leak IPs
      ansible_user: opc
      ansible_ssh_private_key_file: ../ssh_keys/staging_key
      wireguard_endpoint: ""
      wireguard_addresses:
        - "10.50.0.1/32"
      wireguard_allowed_ips: "10.50.0.1/32"
      wireguard_postup:  # enables masquerading
        - nft add table inet wireguard; nft add chain inet wireguard wireguard_chain {type nat hook postrouting priority srcnat\; policy accept\;}; nft add rule inet wireguard wireguard_chain counter packets 0 bytes 0 masquerade;
      wireguard_postdown:
        - nft delete table inet wireguard;
    wireguard-home:
      ansible_host: 192.168.0.108
      ansible_user: root
      ansible_ssh_private_key_file: ../ssh_keys/staging_key
      wireguard_addresses:
        - "10.50.0.2/32"
      wireguard_allowed_ips: "10.50.0.3/32, 192.168.0.0/24"  # allows LAN access
      wireguard_endpoint: "1.1.1.1"
    laptop:
      wireguard_addresses:
        - "10.50.0.3/32"
      wireguard_endpoint: "1.1.1.1"
      ansible_connection: local
```

`wg` on the cloud instance:

```text
interface: wg0
  public key: FJwNdrVg1UcEq0w0RB83bPrJSYxF3NhjXu7Wv+BpCXo=
  private key: (hidden)
  listening port: 51820

peer: zmBrEVlkCss4Kxb4nZi88V+8TNa78O2dSEsXopYbJ1M=
  endpoint: 1.1.1.1:51820
  allowed ips: 192.168.0.0/24
  transfer: 0 B received, 68.22 KiB sent
```
For some reason my laptop isn't showing as a peer.

Cloud `wg0.conf`:
```ini
# Ansible managed
[Interface]
# wireguard-oci
Address = 10.50.0.1/32
PrivateKey = ###################################################
ListenPort = 51820
PostUp = nft add table inet wireguard; nft add chain inet wireguard wireguard_chain {type nat hook postrouting priority srcnat\; policy accept\;}; nft add rule inet wireguard wireguard_chain counter packets 0 bytes 0 masquerade;
PostDown = nft delete table inet wireguard;

[Peer]
# Name = wireguard-home
PublicKey = ###########################################
AllowedIPs = 192.168.0.0/24
Endpoint = 1.1.1.1:51820

[Peer]
# Name = laptop
PublicKey = #################################################
AllowedIPs = 10.50.0.3/32
Endpoint = 1.1.1.1:51820
```

Running `wg` on my home server shows both peers.
I have definitely added the security list to allow WireGuard through on Oracle Cloud (it allows UDP traffic on port 51820).
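Two WireGuard invariants are worth checking mechanically in any hub-and-spoke inventory before pushing it: WireGuard's cryptokey routing only accepts a packet from a peer if its source address falls inside that peer's `AllowedIPs`, so every node's own tunnel address must be covered by the `AllowedIPs` the other nodes list for it; and `AllowedIPs` act as a routing table on the interface, so two peers claiming overlapping prefixes cannot both hold the route. The script below is an added example written for this page, not code from the issue reporter or from the Ansible role; it takes a dictionary shaped like the inventory quoted above (values copied from it, constructed here as sample input) and reports violations of those two rules. Treating a missing `wireguard_allowed_ips` as "the host's own addresses" is an assumption of this script, not a statement about the role's defaults.

```python
#!/usr/bin/env python3
"""Check cryptokey-routing invariants in a WireGuard hub-and-spoke inventory.

Added example: validates that (1) each host's tunnel address is inside the
AllowedIPs other peers will use for it, and (2) no two peers on the same
interface claim overlapping AllowedIPs prefixes.
"""
import ipaddress
from typing import Dict, List

# Constructed sample input, modelled on the inventory quoted in the issue.
INVENTORY: Dict[str, dict] = {
    "wireguard-oci": {
        "wireguard_addresses": ["10.50.0.1/32"],
        "wireguard_allowed_ips": "10.50.0.1/32",
    },
    "wireguard-home": {
        "wireguard_addresses": ["10.50.0.2/32"],
        "wireguard_allowed_ips": "10.50.0.3/32, 192.168.0.0/24",
    },
    "laptop": {
        "wireguard_addresses": ["10.50.0.3/32"],
        # no wireguard_allowed_ips given
    },
}


def parse_cidrs(value) -> List[ipaddress._BaseNetwork]:
    """Accept either a comma-separated string or a list of CIDR strings."""
    items = value.split(",") if isinstance(value, str) else list(value)
    return [ipaddress.ip_network(v.strip(), strict=False) for v in items if v.strip()]


def allowed_ips_for(host: dict) -> List[ipaddress._BaseNetwork]:
    raw = host.get("wireguard_allowed_ips")
    if raw is None:
        # Assumption of this script: fall back to the host's own addresses.
        raw = host["wireguard_addresses"]
    return parse_cidrs(raw)


def check_inventory(inventory: Dict[str, dict]) -> List[str]:
    """Return a list of human-readable findings; empty means both rules hold."""
    findings: List[str] = []
    allowed = {name: allowed_ips_for(h) for name, h in inventory.items()}

    # Rule 1: a host's own tunnel address must be inside its AllowedIPs,
    # otherwise peers silently drop the packets it sends from that address.
    for name, host in inventory.items():
        for addr in parse_cidrs(host["wireguard_addresses"]):
            covered = any(
                net.version == addr.version and addr.subnet_of(net)
                for net in allowed[name]
            )
            if not covered:
                findings.append(
                    f"{name}: address {addr} is not covered by its AllowedIPs "
                    f"{[str(n) for n in allowed[name]]}"
                )

    # Rule 2: AllowedIPs are a prefix routing table; overlapping prefixes
    # between two peers means only one of them can actually own the route.
    names = list(inventory)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            for na in allowed[a]:
                for nb in allowed[b]:
                    if na.version == nb.version and na.overlaps(nb):
                        findings.append(
                            f"{a} and {b}: AllowedIPs {na} and {nb} overlap"
                        )
    return findings


if __name__ == "__main__":
    for line in check_inventory(INVENTORY) or ["no findings"]:
        print(line)
```

Run against the constructed sample this flags `wireguard-home` (its own address `10.50.0.2/32` is not inside `10.50.0.3/32, 192.168.0.0/24`) and an overlap on `10.50.0.3/32` between `wireguard-home` and `laptop`. The check is deliberately silent about `0.0.0.0/0`: a spoke that wants to route the internet through the hub must list `0.0.0.0/0` in the hub peer's `AllowedIPs` on that spoke, which is a per-spoke policy decision rather than an invariant.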