Impossible to connect to webgui through VPN


Go to solution Solved by ljm42,

Recommended Posts

Hi all


I encountered an issue with the setup of Wireguard VPN. I am not able to connect to the web GUI from my smartphone with VPN (hosted on unraid server) enabled.

It works with some configurations but not with the one I want.

Here are the settings I tried (I will call that configuration the "faulty configuration")

Management access:

  - Use SSL/TLS: strict

  - Certificate: one generated from myunraid.net (local IP + hash + myunraid.net)

VPN manager:

  - All default except the following

  - Peer type of access: Remote access to server

 

In my Internet Provider Box:

  - I added a rule to redirect the port 51820 to my Unraid server

 

That configuration does not work with my phone, it is impossible to load the page https://xxxxxxx.myunraid.net/

 

However, I achieved to connect to the server through my phone with different kind of configurations:

1) Faulty configuration above, but "peer type of access" set to Remote tunneled access

2) Faulty configuration above, but "use SSL/TLS" set to no and connecting to http://my.local.ip/ or http://10.253.0.2/

3) Faulty configuration above, but "use SSL/TLS" set to yes and connecting to https://my.local.ip/ or https://10.253.0.2/

 

I am pretty sure I miss something. I wonder if I need to set something else or maybe if it is impossible to use https://xxxxxxx.myunraid.net/ both locally and through a VPN.

I know that the VPN is working a bit with the "faulty configuration" as if I load the page https://my.local.ip/, it returns a nginx error (which is normal since use SSL / TLS is set to "strict" and the server shall be access through the xxx.myunraid.net url).

 

Thanks!

Link to comment
  • Solution

The webgui only responds via Let's Encrypt SSL using the LAN IP, not the tunnel IP, but "Remote access to server" only provides access to the tunnel IP. To access the LAN IP you need one of the other "peer type of access" options, such as "Remote access to LAN" or "Remote tunneled access".

 

The other option as you mentioned is to relax the "use SSL/TLS" setting to allow you to access the webgui via IP address.

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.