climber455

Posts posted by climber455

  1. 4 hours ago, bonienl said:

    Need more info.

    I have multiple VMs all reachable when wireguard is active 

    It's not that they aren't reachable. I have my router set up to send all the internet traffic from a VM running on Unraid over an OpenVPN connection instead of my ISP. When Wireguard was running it sent all traffic from my VM over my ISP connection, bypassing the VPN set up on the router. When I turned Wireguard off the traffic once again got routed over the OpenVPN connection on the router.

     

    4 hours ago, david279 said:

    I saw something like this too. I run pihole in a VM and when the NAT setting in wireguard is set to yes all the clients in pihole have the name of the unRAID server. The Pihole is run in an Ubuntu VM on my unRAID server. Once I set NAT to No all the correct client names returned to normal. Now I run wireguard with NAT set to No and enabled a static route on my router for wireguard to my unRAID server and all is good now.

    Setting NAT in Wireguard to "no" and adding a static route to my router keeps my VM traffic with the VPN connection on the router. This has solved my issue completely, THANK YOU @david279!

  2. 2 hours ago, ljm42 said:

    OK, so 192.168.20.1 is the direct IP of your router, without using VPN.
    And 10.8.0.1 is some sort of VPN running on your router?

     

    I see no evidence of Unraid being used as a gateway or anything super strange like that.

     

    I would look closer at how your router determines whether to send traffic through 10.8.0.1 or 192.168.20.1. Is it based on IP address or MAC address maybe? If so, you'll have to figure out why the router thinks the IP or MAC has changed.

    So I got this sorted. If I add the IP address of the Unraid server to my "route over vpn" policy on the router it works. It seems that when Wireguard is active the VM manager of Unraid sends all traffic from those VMs out the Unraid internet connection regardless of policies set on the router.

  3. 1 hour ago, ljm42 said:

    OK, so 192.168.20.1 is the direct IP of your router, without using VPN.
    And 10.8.0.1 is some sort of VPN running on your router?

     

    I see no evidence of Unraid being used as a gateway or anything super strange like that.

     

    I would look closer at how your router determines whether to send traffic through 10.8.0.1 or 192.168.20.1. Is it based on IP address or MAC address maybe? If so, you'll have to figure out why the router thinks the IP or MAC has changed.

    You are correct. The VM running on Unraid gets its IP from the router based on MAC address, 192.168.20.4 in this case. The router sends traffic from 192.168.20.4 over the VPN. So activating Wireguard on Unraid is changing the IP of the VM? Seems weird. Maybe I'll try to statically assign the IP to the VM and test again.

  4. 1 hour ago, ljm42 said:

    On the VM, try running "tracert www.google.com" in various configurations and see what changes. That will show you the path that the system is taking to get out to Google.

    This is from the VM. The first trace is with the Wireguard server inactive. The first IP is the gateway of the VPN. The second trace is with Wireguard active. The VM isn't hitting the IP of the VPN gateway, it's using the router as the gateway.

     

    [Screenshot: image.png]

  5. Right, that's what my understanding is. However, when the server is active it appears that the traffic is going to Unraid first. If I set "local gateway uses NAT" to NO the problem goes away and clients can access the LAN but the remote tunneled access breaks. Just some observations for now. I know this is a work in progress.  

  6. OK, I think there is a misunderstanding here. The tunnel is working fine for both clients, the VM is NOT a client. What is happening is that traffic from the VM that is running on Unraid gets routed incorrectly when the tunnel is turned on (in an active state).

    The VM does not go through the tunnel at all, it's completely separate, it's just running on Unraid. IP Address of the VM is 192.158.20.4, it goes to the router and out an OpenVPN connection configured there. When Wireguard is activated the traffic from the VM is getting my ISP public address, not the VPN address it should be. So it looks like the VM is using Wireguard as its gateway for some reason. See the screenshots.

     

    Without Wireguard running....

    [Screenshot: capture3.JPG]

     

    With Wireguard running, remember this isn't configured to use wireguard at all. 
    [Screenshot: Capture4.JPG]

    Here is the routing table when the Wireguard server is running.

     

    [Screenshot: image.png]

    Sorry for being dense, maybe my configuration is just off. 

  7. 17 minutes ago, nuhll said:

    My guess would be that you misconfigured the IPs? make screenshots from your settings

    [Screenshot: capture1.JPG]

    The tunnel works correctly, it's just when it's active the VM that is running on Unraid bypasses the router configured VPN settings. 

    [Screenshot: capture2.JPG]

  8. Let me first say that setting this up was a breeze, you guys did a great job. One thing I noticed though is that when Wireguard is running, even if no clients are connected, it breaks network bridging to my VM. My Windows VM internet traffic gets sent over a VPN that is configured on my router; this determination is made based on the IP address of the VM itself. When Wireguard is in an active state the VM internet traffic is basically bypassing my router-based config and sending traffic out my regular internet connection. When I do an IP check I'm getting the public IP address of my internet connection, not the one supplied by the router VPN connection. I'm not entirely sure how this is happening, the only thing I can think is that there is a configuration bug with the network bridge in Unraid that the VM is using.