I have a working remote access VPN set up for accessing a Nextcloud server at home. All hosts are running Ubuntu Server 22.04. So, I don't have a question to fix anything, but I am looking for a better understanding of how the VPN tunnel virtual interfaces really work, in particular related to their IP addresses.
I understand that all clients and the server each must have a tunnel interface IP address. These addresses do not seem to be related to any real network.
The WireGuard tunnel network must not conflict with a real network and does not need to be within a real network or subnet. This blows my mind :)
In my case, I have a real subnet at 10.8.10.0/24, and this subnet is where WG & NC live. Nothing else. Yet, my WG tunnel IPs are made up, all on a fake subnet, 10.0.8.0/32. I have no such subnet on any physical network anywhere. What is the point of fictitious IP addresses, unless it is a secret virtual network that only the WG hosts all understand? Weird, but I'm still learning...