Hi!
I read many tutorials on this topic; however, I can’t seem to configure my UDM in a way that this would work.
What I’m trying to achieve
I got a fixed IP from TorGuard, with port forwarding enabled. This should theoretically allow me to connect via WireGuard and treat my TorGuard IP as my WAN IP for a certain VLAN. So basically I want to have all my devices on my main VLAN, where the outgoing and incoming connections go through my regular WAN IP, but have a separate VLAN for devices that communicate through my TorGuard IP.
What is already working
- VPN Client setup: I managed to successfully create and connect to TorGuard via the built-in VPN Client.
- VLAN creation: I managed to create the “Torrent VLAN” (VLAN ID 3, 10.3.0.0/24) for the clients. It uses DHCP, and clients plugged into the specific ports which I tagged are already on it.
- Policy-Based Routing: I managed to create a route in the “Policy-Based Routes” table that routes all traffic (What to Route? → All Traffic) from the Torrent VLAN through the TorGuard VPN Client by selecting it in the “Interface” dropdown. I confirmed that this actually works by checking whatsmyip on a client connected to the “Torrent VLAN”; this shows my fixed TorGuard IP.
What is NOT working
While outgoing connections are working, I want incoming connections too, to host and expose servers. For example, if I have a web server on 10.3.0.10:443, I want to access it on [TORGUARD_PUBLIC_IP]:443. I theoretically do this with port forwarding, but that does not seem to work. I also played around with NAT entries (Routing → NAT) but nothing seems to work.
Does anyone have a similar setup and achieved this?
I’m using a UDM base (v4.0.6) with network 8.3.32.
Update: I’ve found another similar topic, sadly with no solution: https://www.reddit.com/r/Ubiquiti/comments/1cqfj0m/comment/l6r4hvg