Wireguard connection to localhost via VPN refused

0 votes
1 answer
302 views
In order to access my webserver (behind CGNAT on my home PC), I established a wireguard tunnel between my home PC (wireguard IP 10.8.0.3) and a VPS (wireguard IP 10.8.0.1 and public IP 11.22.33.44). I also have a domain (my.domain) that is associated with the VPS' public IP.

**Wireguard conf on the VPS**

```
[Interface]
Address = 10.8.0.1/24
ListenPort = 51820
PrivateKey = PPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPP

[Peer]
## my home pc
PublicKey = QQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQQ
AllowedIPs = 10.8.0.3/32
```

**Wireguard conf on my home pc**

```
[Interface]
PrivateKey = AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
Address = 10.8.0.3/32

[Peer]
PublicKey = BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB
AllowedIPs = 0.0.0.0/0
Endpoint = 11.22.33.44:51820
PersistentKeepalive = 25
```

I also have UFW installed on the VPS (no firewall on my home pc) using which I am port forwarding 80 from the internet to my home pc.

```
     To                         Action      From
     --                         ------      ----
[ 1] Anywhere                   ALLOW IN    10.8.0.0/24
[ 2] 51820/udp                  ALLOW IN    Anywhere
[ 3] 51820/udp (v6)             ALLOW IN    Anywhere (v6)
```

**/etc/ufw/before.rules**

```
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to-destination 10.8.0.3:80
-A PREROUTING -i eth0 -p tcp --dport 443 -j DNAT --to-destination 10.8.0.3:443
-A OUTPUT -o lo -p tcp --dport 80 -j DNAT --to-destination 10.8.0.3:80
-A OUTPUT -o lo -p tcp --dport 443 -j DNAT --to-destination 10.8.0.3:443
-A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
COMMIT
```

Using these configurations, I am able to access my website using my domain from the internet (browser on my phone with different network) and my vps (tested via `curl -4 -v my.domain`). However, when I perform `curl -4 -v my.domain` from my home pc (10.8.0.3), I get the following error:

```
root@home-pc:~# curl -4 -v my.domain
*   Trying 11.22.33.44:80...
* connect to 11.22.33.44 port 80 failed: Connection refused
* Failed to connect to my.domain port 80 after 25 ms: Couldn't connect to server
* Closing connection 0
curl: (7) Failed to connect to my.domain port 80 after 25 ms: Couldn't connect to server
```

I know that I can directly connect to my website from my home pc using localhost (or 192.168.50.2) but I am unable to figure out why I cannot connect to my home pc via the VPN. I would like to do this because then I want to connect to localhost using my.domain. How can I achieve this? Thanks in advance for any leads.
Asked by Sam (101 rep)
Aug 10, 2024, 09:33 PM
Last activity: Aug 11, 2024, 02:10 PM
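
An added example, not part of the question or its author's code: a small Python matcher over the nat rules quoted in the question that reports which DNAT rule, if any, a TCP packet hits depending on the interface it is seen on. The interface name `wg0` and the premise that the home PC reaches 11.22.33.44 through the tunnel (because of `AllowedIPs = 0.0.0.0/0`) are assumptions.

```python
import shlex

# The DNAT rules from the question's /etc/ufw/before.rules, copied verbatim.
RULES = """\
-A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to-destination 10.8.0.3:80
-A PREROUTING -i eth0 -p tcp --dport 443 -j DNAT --to-destination 10.8.0.3:443
-A OUTPUT -o lo -p tcp --dport 80 -j DNAT --to-destination 10.8.0.3:80
-A OUTPUT -o lo -p tcp --dport 443 -j DNAT --to-destination 10.8.0.3:443
"""

def parse_rule(line):
    """Turn one '-A CHAIN ...' line into its match fields and DNAT target."""
    tok = shlex.split(line)
    opts = dict(zip(tok[2::2], tok[3::2]))  # option -> value pairs
    return {
        "chain": tok[1],
        "in_if": opts.get("-i"),
        "out_if": opts.get("-o"),
        "proto": opts.get("-p"),
        "dport": int(opts["--dport"]),
        "to": opts["--to-destination"],
    }

def dnat_target(chain, proto, dport, in_if=None, out_if=None):
    """Return the DNAT destination of the first matching rule, or None.

    A rule's -i / -o test passes only when the packet's interface equals it;
    a rule without that option matches any interface.
    """
    for r in map(parse_rule, RULES.strip().splitlines()):
        if (r["chain"], r["proto"], r["dport"]) != (chain, proto, dport):
            continue
        if r["in_if"] and r["in_if"] != in_if:
            continue
        if r["out_if"] and r["out_if"] != out_if:
            continue
        return r["to"]
    return None

# Constructed packets. "wg0" is an assumed name for the VPS tunnel interface.
CASES = {
    "internet client -> VPS:80 (in eth0)": ("PREROUTING", "tcp", 80, "eth0", None),
    "home PC via tunnel -> VPS:80 (in wg0)": ("PREROUTING", "tcp", 80, "wg0", None),
    "curl on the VPS itself (out lo)": ("OUTPUT", "tcp", 80, None, "lo"),
}

if __name__ == "__main__":
    for label, args in CASES.items():
        print(f"{label}: {dnat_target(*args) or 'no DNAT rule matches'}")
```

A packet that matches no DNAT rule keeps its original destination, so it is handled by whatever listens on that port on the VPS itself.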