Signian

  1. Wanted to follow up on this as I fixed the issue and now everything is working as expected. While we are way past Unraid 6.10 this solution should still work on the latest version of Unraid. This will allow you to still have a Custom Docker Network while not breaking Wireguard.

     Problem: Wireguard external network breaks when you enable "Host access to Custom networks". Disabling this will allow you to navigate LAN and External Internet from your home IP, however, if you have any containers like Pi-Hole, you'll notice when trying to connect to them over VPN, you will not be able to. I believe you can set static routing via your router to fix the issue, however, there are some routers that don't have that feature.

     This is what I did to fix the access issue since my router unfortunately doesn't have static routing:

     Requirement: Must have at least 2 NIC ports on your Server

     1. Go into network settings -> Set Eth1 with the following settings
        a. Enable bonding -> No
        b. Enable Bridging -> No
        c. Network Protocol -> IPv4 + IPv6 (you could just do IPv4).
        d. Do not set an IP address assignment for IPv4 or IPv6
        e. Leave Desired MTU and Enable VLAN's as the defaults
     2. Go to Settings -> Docker -> Set "Enable Docker" to "No" temporarily while you change the settings (Note: this will shut off all your dockers while you are making the changes).
     3. Once disabled, ensure "Host access to Custom networks" type is set to "Disabled"
     4. Uncheck IPv4 custom network on interface eth0 and check the box for eth1.
     5. Set your subnet, gateway (ex: 192.168.1.0 / 192.168.1.1)
     6. Once the settings have been applied, go ahead and Set "Enable Docker" to "Yes"
     7. Go to the docker container with a custom network (ex: Pi-Hole: edit the configs to set the network type to "Custom: eth1" and set your Fixed IP address).
     8. Connect to your Wireguard VPN on a device not on your network and see if you can access internal and external network.

     You can also try connecting to your Dockers on custom networks and ensure you can load the apps console. Hope this helps people!
  2. Did some more playing around with my network settings and unraid and somehow got it to work. Don't even know what I did. As far as I can remember I did this:

     - Went into network settings -> changed eth0 to using a static IP instead of using Automatic. Used my dedicated LAN address I already had reserved for the server within my router
     - eth1 is just sitting there not configured. No for everything and no IPv4 address assigned.
     - eth0 is set to bridging enabled

     Everything works except for one thing. It's not a HUGE deal but it would be nice if I could get it to work.

     What works:
     - Able to navigate through my LAN
     - Access the internet using my home IP address (while on my cell network/etc.)
     - Can access docker containers and containers that I had set with static IP addresses
     - Hit the unraid webgui

     What doesn't work:
     - Unable to access my router to modify settings at 10.x.x.1

     Any suggestions on how to get that last part working?

     Note: I am now on 6.10. I know this says 6.10-RC8 but this is happening on the stable version that has since been released.
  3. If you do the command "wg-quick up wg0" or "wg-quick down wg0", what does the iptables command look like? For some reason when I do it, this doesn't look right to me and might be the cause of the issue. If it is wrong I don't know how it got like that or how to change it.

     up output:
         iptables -t nat -A POSTROUTING -s 10.253.0.0/24 -o br0 -j MASQUERADE

     down output:
         iptables -t nat -D POSTROUTING -s 10.253.0.0/24 -o br0 -j MASQUERADE

     When I'm connected to VPN with IPv4 Custom network enabled I can access my unraid webgui, docker containers, static IP assigned dockers on br0. What I cannot access is my home router at (10.x.x.1) and the outside internet. If I try to ping I get nothing. I've tried different DNS's as well. Like I also mentioned, if IPv4 Custom network is disabled, Wireguard works perfectly fine. Seems like something is routing funny. I'm not an expert at network routing, but I did a lot of playing around. It's bugging the crud out of me 😕
  4. @bonienl After further troubleshooting, what I determined is that the trigger in the docker section that allows me to access the internet or not is the setting "IPv4 custom network on interface br0 (optional)". If I enable this and start my docker I am unable to use my wireguard to access the internet from my VPN. However, if I disable this then everything works as expected. Any suggestions on where I should look? I really would like to have the setting enabled because I want to use dockers such as PiHole, etc. which require a custom IP assigned.
  5. I tried switching that and no luck. I actually looked at my other VPN configs and the other ones use 1.1.1.1 or 1.0.0.1. However, I did try Google's DNS and it still didn't work. Could there be something wrong with my routing settings within Network Settings?
  6. ClientConfig.conf is added. I redacted the keys and my actual IP address.
  7. Hi All, I decided to upgrade from 6.9.2 -> 6.10-RC8 due to the fact that macvlan was causing random crashes on my unraid box, which became very annoying having to constantly do parity checks. On 6.9.2 I had wireguard set up with Remote Tunnel Access, which should allow me to access my LAN and send my VPN'd device internet traffic to my unraid box to go out to the internet as if I was connected to my home network. During my time in 6.9.2 that was working perfectly. The only change that I made when moving to 6.10-RC8 was switching from macvlan to ipvlan. I didn't make any changes to my VPN configuration or anything.

     One interesting thing that I found is if I have "Docker" turned off I am able to access my LAN and route traffic from my VPN'd device to access the internet. However, if I turn on "Docker", I'm only able to access my local LAN and not route my traffic through my unraid box to access the internet on my home network.

     As requested by @bonienl I have attached my anonymized diagnostics and Wireguard configuration with my Public and Private Keys removed. I also added a screenshot of the docker settings just in case. Any help would be appreciated to get this back and running!

     Attachments: signian-diagnostics-20220514-0831.zip, wg0.conf.zip, ClientConfig.conf.zip
  8. I didn't make any changes to the tunnel after upgrading. I also noticed a little weirdness on 6.10-rc7. The only major change I made was switching to using ipvlan instead of macvlan because I was experiencing a lot of hard crashing issues on 6.9.2. I would be happy to create a separate issue and troubleshoot. @bonienl can you remind me again where I make the report? Thanks!
  9. I'm having issues with Wireguard (I'm using Remote Tunneled Access). When docker is off I am able to access my home network and the internet. When I enable Docker I lose access to navigate to internet websites, however, I can still access my internal network. Not a huge issue but definitely a regression.
  10. I've been having issues with random kernel panics on my unraid server and have not been able to pinpoint my issues. I know there are some issues going around with docker images assigned to static IPs using the br0 interface. I have since then disabled and removed all of those dockers that were previously using it and things seemed to be stable. Now all of a sudden, the kernel panics are happening again. I was able to turn on syslog because it was previously not able to capture the panic. I have attached the trace log to this post. Any help in identifying the issue would be appreciated! Let me know if you need any other information provided. I'm using a Supermicro X9 server, Intel based.

      Dockers that I've noticed cause the issue and disabled/removed (for now):
      - Pi-hole - removed
      - Influx-db - removed
      - Grafana - removed
      - unBalanced - disabled
      - telegraf - removed

      Attachment: KernelPanicTrace.txt
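
Added example, not part of the original posts: the MASQUERADE rule quoted in post 3 only applies to packets leaving through the interface named after `-o`, so this check compares that interface with the one the routing table selects for a destination. The config excerpt, the routing table, the `192.168.1.x` addresses and the `shim-br0` interface name are constructed sample data, and the function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample data: a wg0.conf excerpt carrying the rule from post 3,
# and an `ip route` listing with a lower-metric default on a second interface.
WG_CONF = """\
[Interface]
Address = 10.253.0.1
PostUp = logger -t wireguard 'Tunnel WireGuard-wg0 started'
PostUp = iptables -t nat -A POSTROUTING -s 10.253.0.0/24 -o br0 -j MASQUERADE
PostDown = iptables -t nat -D POSTROUTING -s 10.253.0.0/24 -o br0 -j MASQUERADE
"""
ROUTES = """\
default via 192.168.1.1 dev shim-br0
default via 192.168.1.1 dev br0 metric 1
10.253.0.0/24 dev wg0 scope link
192.168.1.0/24 dev br0 proto kernel scope link src 192.168.1.10
"""

def masquerade_rules(conf):
    # Return (source_cidr, out_iface) for every PostUp MASQUERADE rule.
    rules = []
    for line in conf.splitlines():
        key, _, value = line.partition("=")
        if key.strip() != "PostUp" or "MASQUERADE" not in value:
            continue
        src = re.search(r"-s\s+(\S+)", value)
        out = re.search(r"-o\s+(\S+)", value)
        rules.append((src.group(1) if src else None, out.group(1) if out else None))
    return rules

def egress_iface(routes, dest):
    # Longest prefix wins, then lowest metric, as in kernel route selection.
    addr, best = ipaddress.ip_address(dest), None
    for tok in map(str.split, routes.splitlines()):
        if "dev" not in tok:
            continue
        net = ipaddress.ip_network("0.0.0.0/0" if tok[0] == "default" else tok[0])
        metric = int(tok[tok.index("metric") + 1]) if "metric" in tok else 0
        cand = (-net.prefixlen, metric, tok[tok.index("dev") + 1])
        if addr in net and (best is None or cand < best):
            best = cand
    return best[2] if best else None

def check(conf, routes, dest):
    # One finding per rule whose -o interface is not the actual egress interface.
    actual = egress_iface(routes, dest)
    return [f"NAT for {src} expects -o {out}, but {dest} leaves via {actual}"
            for src, out in masquerade_rules(conf) if out != actual]

print(check(WG_CONF, ROUTES, "1.1.1.1"))
```

On a live server the two inputs would come from the tunnel's config file and the output of `ip route`; an empty result means the rule and the routing table agree for that destination.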