aws_Wg

ubuntu@ip-xxxx:~$ sudo cat /etc/wireguard/wg0.conf
[Interface]
Address = 10.18.6.1/24
MTU = 1380

PostUp = ip6tables -A FORWARD -i %i -j ACCEPT;  iptables -A FORWARD -i %i -j ACCEPT; ip6tables -A FORWARD -o %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o ens5 -j MASQUERADE;iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu; wg set %i private-key /etc/wireguard/%i.key
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o ens5 -j MASQUERADE; ip6tables -D FORWARD -i %i -j ACCEPT ; ip6tables -D FORWARD -o %i -j ACCEPT
ListenPort = 51820
#lenovo
[Peer]
PublicKey = laptop pub key
AllowedIPs = 10.18.6.3/32
PresharedKey = Pre-Shared Key

#Raspberry PI
[Peer]
PublicKey = Pi - pub key
AllowedIPs = 10.18.6.5/32
PresharedKey = Pre-Shared Key


#Desktop
[Peer]
PublicKey = ubuntu desktop pub key
AllowedIPs = 10.18.6.2/32
PresharedKey = Pre-Shared Key

ubuntu@ip-xxxx:~$ sudo wg show
interface: wg0
  public key: aws-pub-key
  private key: (hidden)
  listening port: 51820

peer: Ras Pi Pub key
  preshared key: (hidden)
  endpoint: xxxxxxx
  allowed ips: 10.18.6.5/32
  latest handshake: 1 minute, 28 seconds ago
  transfer: 3.97 KiB received, 4.17 KiB sent

peer: Ubuntu Desktop Pub key
  preshared key: (hidden)
  endpoint: xxxxxx
  allowed ips: 10.18.6.2/32
  latest handshake: 1 minute, 48 seconds ago
  transfer: 308 B received, 92 B sent

peer: laptop pub key
  preshared key: (hidden)
  allowed ips: 10.18.6.3/32

ubuntu@ip-xxxx:~$ route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         ip-172-31-16-1. 0.0.0.0         UG    100    0        0 ens5
10.18.6.0       0.0.0.0         255.255.255.0   U     0      0        0 wg0
ip-172-31-0-2.a ip-172-31-16-1. 255.255.255.255 UGH   100    0        0 ens5
172.31.16.0     0.0.0.0         255.255.240.0   U     100    0        0 ens5
ip-172-31-16-1. 0.0.0.0         255.255.255.255 UH    100    0        0 ens5

ubuntu@ip-xxxx:~$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host noprefixroute
       valid_lft forever preferred_lft forever
2: ens5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9001 qdisc mq state UP group default qlen 1000
    link/ether 06:54:1c:2a:3b:7b brd ff:ff:ff:ff:ff:ff
    inet 172.31.23.120/20 metric 100 brd 172.31.31.255 scope global dynamic ens5
       valid_lft 2790sec preferred_lft 2790sec
    inet6 fe80::454:1cff:fe2a:3b7b/64 scope link
       valid_lft forever preferred_lft forever
4: wg0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1380 qdisc noqueue state UNKNOWN group default qlen 1000
    link/none
    inet 10.18.6.1/24 scope global wg0
       valid_lft forever preferred_lft forever

ubuntu@ip-xxxx:~$ sudo resolvectl status
Global
         Protocols: -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
  resolv.conf mode: stub

Link 2 (ens5)
    Current Scopes: DNS
         Protocols: +DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported
Current DNS Server: 172.31.0.2
       DNS Servers: 172.31.0.2
        DNS Domain: ap-south-1.compute.internal

Link 4 (wg0)
    Current Scopes: none
         Protocols: -DefaultRoute -LLMNR -mDNS -DNSOverTLS DNSSEC=no/unsupported