Jump to content


  • Content Count

  • Joined

  • Last visited

  • Days Won


Everything posted by ljm42

  1. No, Unraid has Lets Encrypt support built-in! No docker required. You'll get a random hostname on unraid.net, something like xxxxxxxxxxxxxxxxx.unraid.net . Unraid takes care of all the details. It has been a while since I enabled it, but go to Settings -> Management Access and turn on help. You'll want to set "Use SSL/TLS" to auto and then click Provision. If you get an error about "rebinding protection", wait 10 minutes and try again. If you still get the error, the help text will explain how to adjust your router.
  2. The network is setup for bonding, is that intentional? Delete config/network.cfg from the flashdrive and reboot. This will regenerate the network config
  3. Go to Settings -> Management Access. Under "Local TLD" remove "local", or perhaps set it to "mydomain.xyz". If you are trying to do SSL, turn on help and read through the options. The recommendation is to use Unraid's built-in Lets Encrypt functionality rather using your own domain.
  4. It connects, but then tries to redirect to another url that isn't accessible through the tunnel. For instance, if you have Unraid's Lets Encrypt SSL certificate, any time you connect it will redirect to: https://xxxxx.unraid.net DDNS for that url will point to your LAN ip, something like 192.168.x.x, which isn't accessible when you choose "Remote access to server" Because of this, you won't be able to access the webgui using "Remote access to server". Try "Remote access to LAN"
  5. Switch wg1 from basic to advanced, then the delete button for wg1 will appear.
  6. Appending vfio-pci.ids in syslinux has been problematic in recent versions of Unraid. More background here:
  7. In theory you should be able to put the IP address of your router in the DNS field. But something is preventing your client from communicating with the router. I personally do not put anything in the DNS field. Since my Unraid uses Lets Encrypt with xxxx.unraid.net I don't need a local DNS to resolve it. It sounds like yours is setup the same way so I would just leave it be
  8. I'm guessing that is not actually true. You can probably still access those IP addresses, it is just that from there you are being redirected to xxxx.unraid.net and since DNS isn't working that redirect is what fails. Have you setup the recommended static route? On the WireGuard config page, switch to advanced view and make sure you have added the recommended static route to your router. Without that, the router won't know how to send traffic back to your WireGuard client.
  9. great! glad you were able to get it working. I added a note about Cloudfare to the troubleshooting section.
  10. This is the issue. You need to change the Cloudfare Proxy status from "Proxied" to "DNS Only" The WireGuard client can't connect through the Cloudfare Proxy, it needs to connect directly to your router's IP
  11. I wouldn't call those settings "graceful". As I understand it, they are a last resort hack, and not ideal at all. I'd recommend Googling them and moving away from them if at all possible. It may be that your hardware isn't capable of doing all the passthroughs that you want to do. The VFIO-PCI process happens before Unraid installs any drivers. For some reason VFIO-PCI is failing to bind all the ports so Unraid goes ahead and installs the drivers. In Unraid 6.9 the VFIO-PCI process logs everything it does, so hopefully there would be a clue as to why it is not binding as expected. I would try it in 6.9.
  12. Dang, thought I was onto something there Assuming you are on the latest version of Unraid with the latest version of the plugin, I am out of ideas. It works for me, I don't understand why it isn't working for you.
  13. Please follow the quick start guide in the first two posts of this thread: It contains a lot more information than the blog post. Try connecting using Unraid's normal IP address. If the browser fails while connecting to that IP address, then your connection isn't working yet, see the troubleshooting section of the guide. If it fails after trying to redirect to "domain.local" then the problem is DNS. Getting "domain.local" to work from a remote (non-local) network is tough. You may have luck specifying your router's IP in the "peer dns" setting, but the better solution is to use a real domain name that any DNS server can resolve. i.e. use Unraid's built-in certificate so you get an xxxxxxx.unraid.net hostname that resolves to your internal IP address.
  14. The video is super helpful, thanks. Are you sure you are trying to block the right IP address? Your diagnostics show that Unraid has an IP of "", why are you trying to block ""? Perhaps you mean to block"?
  15. According to the syslog, the tunnel was started, then stopped, then started again: Jul 29 22:14:10 PvD-Unraid wireguard: Tunnel WireGuard-wg1 started ### [PREVIOUS LINE REPEATED 1 TIMES] ### Jul 29 22:14:28 PvD-Unraid wireguard: Tunnel WireGuard-wg1 stopped Jul 29 22:14:29 PvD-Unraid wireguard: Tunnel WireGuard-wg1 started So it looks like it is working correctly? Can you restate the problem? What went wrong with the final time it was started at 22:14:29?
  16. Those screenshots show that the WireGuard client is not able to communicate with the WireGuard server on Unraid. The most likely cause is an issue with the port forward through the router (that was the issue the person you quoted had). You can also check the "troubleshooting" section of the guide for more ideas, I've tried to consolidate the list of potential issues/solutions we have found there.
  17. I don't normally use the firewall feature, but I just tested it with "Rule: Deny" and "" and it did what it was supposed to do. I tried with "" (no "/32") and it worked correctly too. Since you are saying the tunnel won't start, there may be a clue in your syslog. To make it easy to find, first remove the problematic setting and start the tunnel, just to prove that it works. Then add the firewall IP back and restart the tunnel showing it fails. Then go to Tools -> Diagnostics and download the zip file, then upload the zip file to your next post.
  18. VPN Tunneled mode is for connecting to a commercial VPN provider. A peer endpoint (the commercial provider) is required. And there is need to generate a config, that is done by the commercial provider. See this post for more details about using VPN Tunneled mode: I'm guessing you are trying to do something that is invalid for VPN Tunneled mode. Maybe you need to choose a different access type for what you are trying to do? You can turn on help in the Unraid gui, or perhaps this post will point you in the right direction:
  19. If you look at the WireGuard client screenshot you'll see it connects to the duckdns address. Once the connection has been made you use the network pretty much as if you were physically one the network.
  20. You are using the wrong url here Once you have started WireGuard on your phone, open your browser and visit: http://<unraid internal ip> (Note: since we are going to an ip address, it must be http not https. That should then redirect to the proper url.)
  21. Are the desktop and unraid systems on different networks with different IP ranges? Also, be sure that you download a new client config every time you make an adjustment in the webgui.
  22. I don't know what would cause vfio-pci to skip devices, but as part of migrating this functionality to Unraid 6.9, everything vfio-pci does during bootup is now logged. More info here: https://forums.unraid.net/topic/93781-guide-bind-devices-to-vfio-pci-for-easy-passthrough-to-vms/ Check it out when 6.9 is released, or try a beta if you are feeling adventurous: https://forums.unraid.net/bug-reports/prereleases/
  23. This is resolved in the latest version of the Dynamix WireGuard plugin
  24. On the Plugins page, click the information icon to see the changelog