Redirect NAT Traffic of iptables to its source interface
by cwdztsd88 from LinuxQuestions.org on (#6KXWY)
How to redirect NAT traffic of iptables to its source interface?
I am working on a WireGuard VPN structure that is exotic:
For every client that requests a VPN session, my server will create a unique interface dedicated to one client. The design is simple: the server is 10.0.0.1, the client is 10.0.0.2.
But...
PostUp = iptables -A FORWARD -i intfc -j ACCEPT; iptables -t nat -A POSTROUTING -o ens5 -j MASQUERADE
PostDown = iptables -D FORWARD -i intfc -j ACCEPT; iptables -t nat -D POSTROUTING -o ens5 -j MASQUERADE
This sometimes causes connectivity issues if more than one client-dedicated interface exists, and that causes confusion in routing. How do I get around it? My idea is to make NAT redirect its returning traffic from the internet so that it is routed to the source interface, but I don't have any experience with iptables at all.