From: Nohk Two <nohktwo@gmail.com>
To: WireGuard mailing list <wireguard@lists.zx2c4.com>
Subject: How to detect the IP CAM on LAN from WG tunnel ?
Date: Thu, 20 Jun 2024 22:52:10 +0800 [thread overview]
Message-ID: <384d1fdd-a32f-4839-bb8b-2761be363b50@gmail.com> (raw)
Hi,
This seems a common question but I don't know how do you solve this problem.
My machine has an ethernet interface: eth0
It's network is 192.168.100.1/24
I created a wireguard interface thru eth0: wg0
It's network is 192.168.128.1/24
I have an IP CAM on the LAN: cam1
It's network is 192.168.100.21/24
This is physically on the same LAN as my machine's eth0.
My machine has a MASQUERADE iptable entry in the nat table:
iptables -t nat -A POSTROUTING -s 192.168.128.0/24 -o eth0 -j MASQUERADE
My phone uses the wireguard connect to my machine's wg0.
This wireguard configuration allow 192.168.100.0/24.
My phone's wireguard VPN IP address 192.168.128.10/24.
So my phone should be able to connect to my IP CAM without problem.
192.168.128.10(phone) source NAT as 192.168.100.1(eth0) then connect to 192.168.100.21(cam1)
192.168.100.21(cam1) reply to 192.168.100.1(eth0) then NAT rewrite to 192.168.128.10(phone)
However, the IP CAM's mobile App on my phone never remember the IP CAM's IP address and will always scan the network to find out the IP CAM. Then Failed if my phone uses the wireguard VPN.
Maybe the problem is that my phone and the IP CAM have different network, 192.168.128.0/24 vs 192.168.100.0/24.
How do you solve this problem ?
next reply other threads:[~2024-06-20 14:57 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-06-20 14:52 Nohk Two [this message]
2024-06-21 9:18 ` Mark Lawrence
2024-06-21 10:39 ` Nohk Two
2024-06-21 10:47 ` Tomcsanyi, Domonkos
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=384d1fdd-a32f-4839-bb8b-2761be363b50@gmail.com \
--to=nohktwo@gmail.com \
--cc=wireguard@lists.zx2c4.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).