[r720-02 dan ~] % jls
JID IP Address Hostname Path
4 127.163.54.32 r720-02-pg01.int.unixathome.o /jails/pg01
5 127.163.0.10 r720-02-ingress01.int.unixath /jails/ingress01
6 127.163.0.80 r720-02-nginx01.int.unixathom /jails/nginx01
8 10.200.0.1 r720-02-proxy01.int.unixathom /jails/proxy01
root@r720-02-proxy01:/ # ping 10.55.0.24
PING 10.55.0.24 (10.55.0.24): 56 data bytes
64 bytes from 10.55.0.24: icmp_seq=0 ttl=62 time=9.688 ms
64 bytes from 10.55.0.24: icmp_seq=1 ttl=63 time=9.785 ms
64 bytes from 10.55.0.24: icmp_seq=2 ttl=63 time=8.643 ms
64 bytes from 10.55.0.24: icmp_seq=3 ttl=63 time=10.155 ms
64 bytes from 10.55.0.24: icmp_seq=4 ttl=63 time=9.539 ms
22:12:08.909897 IP 10.55.0.24 > 10.200.0.1: ICMP echo reply, id 807, seq 156, length 64
22:12:09.972576 IP 10.200.0.1 > 10.55.0.24: ICMP echo request, id 807, seq 157, length 64
22:12:09.972726 IP 10.55.0.24 > 10.200.0.1: ICMP echo reply, id 807, seq 157, length 64
tcpdump
on the host being pinged:[slocum dan ~] % sudo tcpdump -ni ix2 host 10.55.0.24
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ix2, link-type EN10MB (Ethernet), capture size 262144 bytes
22:12:01.602600 IP 10.200.0.1 > 10.55.0.24: ICMP echo request, id 807, seq 149, length 64
22:12:01.602658 IP 10.55.0.24 > 10.200.0.1: ICMP echo reply, id 807, seq 149, length 64
route add 10.200.0.0/24 10.55.0.59
AllowedIPs
on the basement Wireguard configuration to add 10.200.0.0/24The vpn tunnel network address is 10.9.1.144/30 not10.9.1.146/30as pointed in your blog.
Remove or mask the private key in server config section and client config section.