- Run
setup_ip_forwarding.batscript to enable IP forwarding on Windows. - Configure Windows firewall to accept traffic from all remote networks.
- Install wireguard and setup connection to central wireguard server with all remote networks as part of
AllowedIPsand a unique IP within the wireguard network. - Setup fritzbox to a custom local IP address range (e.g. 192.168.110.0/24) that is unique in all sites.
- Setup a static DHCP lease or a static IP for the local wireguard system.
- Setup static routes in fritzbox for each remote network using the local wireguard system's IP as the gateway/nexthop.
- For central wireguard server setup route for the network address range of the new external site.
Last active
January 11, 2021 18:53
-
-
Save pschichtel/5cb8dc0fab064b82f89c6745ea23779a to your computer and use it in GitHub Desktop.
Batch script to enable IP forwarding on Windows. I use this to (ab)use Windows PCs as a Gateway into a site-to-site VPN.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| :: Based on: https://michlstechblog.info/blog/windows-howto-enable-ip-routing/ | |
| reg add HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters /v IPEnableRouter /D 1 /f | |
| sc config RemoteAccess start= auto | |
| sc start RemoteAccess |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment