Internal networking issue

hades_corps Member
edited October 2023 in Help

Hi,

For a while now I have been running WireGuard on my server alongside CloudPanel and stuff (all are on LXCs). All was well until about a week ago; now I can't access any http/https host on the same server if I connect to WireGuard on the LXC. I can't really pinpoint the exact date or update since most of the work is automated.
The host is Proxmox V8 (Debian 12) with Crowdsec.

I have verified these things:

  • I temporarily turned off the firewall and the issue persisted.
  • I can access services that are on the host.
  • All the LXCs can see and access each other since there are a few reverse proxies on CloudPanel direct to other LXCs.

My current /network/interfaces is as such:

   post-up echo 1 > /proc/sys/net/ipv4/ip_forward
   post-up iptables -t nat -A POSTROUTING -s 10.0.1.0/24 -o enp36s0f0 -j SNAT --to-source <IP>
   post-up iptables -t nat -A PREROUTING -d <IP> -p tcp --dport 80 -j DNAT --to <CloudPanel>:80
   post-up iptables -t nat -A PREROUTING -d <IP> -p tcp --dport 443 -j DNAT --to <CloudPanel>:443
   post-up iptables -t nat -A PREROUTING -d <IP> -p udp --dport <WG_Port> -j DNAT --to <WireGuard>:<WG_Port>
   post-up iptables -t nat -A PREROUTING -d <IP> -p tcp --dport <WG_Port> -j DNAT --to <WireGuard>:<WG_Port>

Edit: I also connected to WireGuard on my phone with cellular so it's something on the host and not my home network.

Comments

  • ScreenReader Member
    edited October 2023

    Are there any funny error logs in syslog / NetworkManager?

    Try troubleshooting it using tcpdump.

  • vsys_host Member, Patron Provider

    Try telnet to 443 port from WG lxc to HTTP/S lxc. If it's not working, then check the firewall and routing.
    If it's working, then run tcpdump on HTTP/S lxc and compare telnet from WG lxc and connection from your phone/laptop; the difference will be the key to finding an issue.
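
The capture comparison suggested in the reply above, as an added example that is not part of the thread: a Python script that reads two `tcpdump -nn` text captures taken on the HTTP/S LXC and reports how far each TCP handshake got. The capture contents and the host addresses in them are constructed for illustration.

```python
import re
from collections import defaultdict

# One TCP packet line of `tcpdump -nn` text output (IPv4).
PKT = re.compile(r"IP (\S+)\.(\d+) > (\S+)\.(\d+): Flags \[([^\]]+)\]")

def classify_flows(capture):
    """Return {(client, server): verdict} for every flow opened by a SYN."""
    events = defaultdict(set)
    for line in capture.splitlines():
        m = PKT.search(line)
        if not m:
            continue
        src, dst, flags = f"{m[1]}:{m[2]}", f"{m[3]}:{m[4]}", m[5]
        if flags == "S":                        # bare SYN: src is the client
            events[(src, dst)].add("syn")
        elif (dst, src) in events:              # packet from the server side
            events[(dst, src)].add("synack" if flags == "S." else
                                   "rst" if "R" in flags else "data")
        elif (src, dst) in events:              # later packet from the client
            events[(src, dst)].add("rst" if "R" in flags else "ack")
    verdicts = {}
    for flow, ev in events.items():
        if "rst" in ev:
            verdicts[flow] = "reset"                  # refused or rejected
        elif "synack" not in ev:
            verdicts[flow] = "syn-unanswered"         # server never replied
        elif "ack" not in ev:
            verdicts[flow] = "synack-unacknowledged"  # client never finished
        else:
            verdicts[flow] = "established"
    return verdicts

# Constructed sample captures (not the poster's data); hosts are made up
# inside the 10.0.1.0/24 range from the post: .20 = WG LXC, .10 = HTTP/S LXC.
TELNET_FROM_WG_LXC = """\
10:00:00.000001 IP 10.0.1.20.51000 > 10.0.1.10.443: Flags [S], seq 1, win 64240, length 0
10:00:00.000050 IP 10.0.1.10.443 > 10.0.1.20.51000: Flags [S.], seq 9, ack 2, win 65160, length 0
10:00:00.000200 IP 10.0.1.20.51000 > 10.0.1.10.443: Flags [.], ack 10, win 502, length 0
"""
PHONE_OVER_WG = """\
10:05:00.000001 IP 10.0.1.20.42000 > 10.0.1.10.443: Flags [S], seq 5, win 65535, length 0
10:05:00.000040 IP 10.0.1.10.443 > 10.0.1.20.42000: Flags [S.], seq 7, ack 6, win 65160, length 0
10:05:01.010000 IP 10.0.1.20.42000 > 10.0.1.10.443: Flags [S], seq 5, win 65535, length 0
"""
if __name__ == "__main__":
    for name, cap in (("telnet", TELNET_FROM_WG_LXC), ("phone", PHONE_OVER_WG)):
        print(name, classify_flows(cap))
```

Feed it the output of `tcpdump -nn -i any tcp port 443` from each test; a verdict that differs between the two runs points at the stage of the handshake to investigate.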
