[WireGuard quickstart]

On 11/12/2020 at 10:26 PM, Maor said:

Just fighting the same problem, eventhough, I have tried to fix the AllowedIPs myself, it still does not work. Perhaps there need to be additional configuration done to Unraid such as enabling ip forwarding... Also IP forwarding seems a bit broken in my unraid 6.8.3
had to do quick fix
 

sysctl -w net.ipv4.ip_forward=1

but this is not persistent

What you need is to keep the connection alive for any peer behind a NAT or firewall for them to be able to communicate with each other.

Try setting the "Persistent keepalive" field of peer to 25 seconds (something < 2 mins), this is almost mandatory for a server hub or lan hub setup in my opinion.

You can read more about it here

Do let me know if it works at all;)

[WireGuard quickstart]

Hey @ljm42 I think the peer configs for "Server hub and spoke access" and "LAN hub and spoke access" might be incorrect:

- "Server hub and spoke access" is currently setup exactly like "Remote access to server", it doesn't really allow peers on the same tunnel to talk to each others

- "LAN hub and spoke access" does allow you to connect to other peers on the same tunnel (which is correct), but it does't allow peers to access your entire LAN (only the unraid server itself)

 

With my limited knowledge in networking, I think this might be because of how the "AllowedIPs" was set in the peer config file

- "Server hub and spoke access" gives you something like "AllowedIPs=10.253.0.1/32" which I think should be "AllowedIPs=10.253.0.0/24"

- "LAN hub and spoke access" gives you "AllowedIPs=10.253.0.0/24, 192.168.1.100/32" which I think should be "AllowedIPs=10.253.0.0/24, 192.168.1.0/24"

 

I'm using Unraid 6.8.3, this was the result of my testing for those 2 types (on things that I could access and things that I couldn't), but my understanding about networking and wireguard might be totally wrong