From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: bruno@wolff.to Received: from wolff.to (wolff.to [98.103.208.27]) by krantz.zx2c4.com (ZX2C4 Mail Server) with SMTP id d4cfb67a for ; Fri, 22 Jul 2016 16:02:39 +0000 (UTC) Date: Fri, 22 Jul 2016 11:02:45 -0500 From: Bruno Wolff III To: Quan Zhou Message-ID: <20160722160245.GA648@wolff.to> References: <20160721205742.GA10312@wolff.to> <20160722081821.GA11505@lud.polynome.dn42> <20160722090913.GA8383@wolff.to> <20160722093211.GA12311@lud.polynome.dn42> <20160722113212.GA17578@wolff.to> <20160722151458.GA14212@wolff.to> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed In-Reply-To: Cc: wireguard@lists.zx2c4.com Subject: Re: [WireGuard] Using wireguard link as a proxy? List-Id: Development discussion of WireGuard List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , On Fri, Jul 22, 2016 at 23:35:02 +0800, Quan Zhou wrote: >I happen to have a similar problem, using `AllowedIPs = 0.0.0.0/0` on both >sides of a wireguard link works, but when I try to add more peers, all but >one gets `(none)`. I know this is by design, but it would be sweet if I can >manually set gateways within a wireguarded network. You only want 0.0.0.0/0 on one side. The proxy server should expect a single source IP address the clients can get packets from any address through the server. If the clients are also proxing some local traffic, then you'll probably need to do nat on each client so the source addresses don't conflict.