firewall / port forward - ?

Development discussion of WireGuard
 help / color / mirror / Atom feed

From: lejeczek <peljasz@yahoo.co.uk>
To: wireguard@lists.zx2c4.com
Subject: firewall / port forward - ?
Date: Wed, 16 Feb 2022 14:43:23 +0000	[thread overview]
Message-ID: <59b73202-4c8c-2ff2-fca8-209cc3f3ac54@yahoo.co.uk> (raw)
In-Reply-To: <59b73202-4c8c-2ff2-fca8-209cc3f3ac54.ref@yahoo.co.uk>

Hi guys.

I'm still new to wireguard and still not an expert on network stack so I 
struggle with something what might be trivial.

A roadwarrior when connected to the server sees a forward-port on 
server's internal network as 'closed':

10.3.9.10 -> 10.3.9.1 <server> 10.3.1.1 (port forward) => 10.8.9.1 (a 
dummy iface, still server)

but rest of 10.3.1.0/24 sees that forwarded port - as I expected - as 'open'

If that same server port is not forwarded ("stays" on 10.3.1.1) then 
that roadwarrior sees the port as 'open'

I've fiddled with firewall all I could so I think it's not in there - 
thus hoping expert(s) can help me wrap my head around it.

many thanks, L.

          parent reply	other threads:[~2022-02-16 14:43 UTC|newest]

Thread overview: expand[flat|nested]  mbox.gz  Atom feed
 [parent not found: <59b73202-4c8c-2ff2-fca8-209cc3f3ac54.ref@yahoo.co.uk>]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=59b73202-4c8c-2ff2-fca8-209cc3f3ac54@yahoo.co.uk \
    --to=peljasz@yahoo.co.uk \
    --cc=wireguard@lists.zx2c4.com \
    --subject='Re: firewall / port forward - ?' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).