Ah. The solution was trivial.

On B side, Ubuntu server:

post-up iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

On my server eth0 doesn't exist it has another name: ens160.

Now it's working.


> On 25 Mar 2018, at 11:19, Adrián Mihálko <adriankoooo@gmail.com> wrote:
> 
> A side (192.168.2.0/24 <http://192.168.2.0/24>):
> 
> LEDE router 192.168.2.1 (static route to access remote side 192.168.1.0/24 <http://192.168.1.0/24> pointing to 192.168.2.100)
> 
> Pi Zero with Wireguard (192.168.2.100, WG: 192.168.5.2)
> 
> Config:
> 
> auto wg0
> iface wg0 inet static
>   pre-up ip link add dev wg0 type wireguard
>   post-up wg setconf wg0 /etc/wireguard/wireguard.conf
>   post-up ip link set dev wg0 up
>   post-up ip route add 192.168.1.0/24 <http://192.168.1.0/24> via 192.168.5.1 dev wg0
>   post-up iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
>   address 192.168.5.2
>   netmask 255.255.255.0
> 
> 
> B side (192.168.1.0/24 <http://192.168.1.0/24>):
> 
> Unifi router 192.168.1.1 (static route to access remote side 192.168.2.0/24 <http://192.168.2.0/24> pointing to 192.168.1.54)
> 
> Ubuntu server with Wireguard (192.168.1.54, WG: 192.168.5.1)
> 
> Config:
> 
> iface wg0 inet static
>   pre-up /sbin/ip link add dev wg0 type wireguard
>   post-up /usr/bin/wg setconf wg0 /etc/wireguard/wg0.conf
>   post-up /sbin/ip route add 192.168.2.0/24 <http://192.168.2.0/24> via 192.168.5.2 dev wg0
>   post-up iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
>   post-down /sbin/ip link del wg0
>   address 192.168.5.1
>   netmask 255.255.255.0
> 
> ---
> 
> Everything is working great, except that on the "Pi Zero with Wireguard" I can't access/ping remote devices in the 192.168.1.0/24 <http://192.168.1.0/24> range, only the remote server 192.168.1.54. From any other machine in the same "A side" I am able to access devices in the 192.168.1.0/24 <http://192.168.1.0/24> range, just from the Pi Zero itself not.
> 
> What I am missing here?
> 
> 
> pi@raspberrypizero:~ $ ping 192.168.1.54
> PING 192.168.1.54 (192.168.1.54) 56(84) bytes of data.
> 64 bytes from 192.168.1.54 <http://192.168.1.54/>: icmp_seq=1 ttl=64 time=48.6 ms
> 64 bytes from 192.168.1.54 <http://192.168.1.54/>: icmp_seq=2 ttl=64 time=134 ms^C
> --- 192.168.1.54 ping statistics ---
> 2 packets transmitted, 2 received, 0% packet loss, time 1002ms
> rtt min/avg/max/mdev = 48.671/91.554/134.437/42.883 ms
> pi@raspberrypizero:~ $ ping 192.168.1.100
> PING 192.168.1.100 (192.168.1.100) 56(84) bytes of data.
> ^C
> --- 192.168.1.100 ping statistics ---
> 6 packets transmitted, 0 received, 100% packet loss, time 5188ms
> 
> pi@raspberrypizero:~ $ traceroute 192.168.1.100
> traceroute to 192.168.1.100 (192.168.1.100), 30 hops max, 60 byte packets
>  1  192.168.5.1 (192.168.5.1)  42.279 ms  43.834 ms  44.678 ms
>  2  * * *
>  3  * * *
>  4  * * *
> 
> 
> ---
> 
> B side is working great, I am able to ping everything, even from the Ubuntu server.
> 
> 
> Regards,
> Adrian