Autchirion, posted October 19, 2022 (edited)

Hello Guys,

I just got my second server and set it up. I want to use my old server as an off-site backup (off site) solution in case of a disaster and my new server will be at home. Both servers are running Unraid 6.11.1. I've got WireGuard running on my router to handle incoming VPN connections to my home. For all my other devices I'm using a similar config structure, however if I import this config and select "VPN tunneled access for System" it doesn't seem to work.

Workflow (what I do on the server => server response):

- Import the config (see code) => config shows up in interface
- select "VPN tunneled access for System"
- click Apply => config is stored
- reboot (just in case)
- set switch from inactive to inactive => switch directly jumps back to inactive and syslog output: "Oct 19 13:28:14 servername wireguard: Tunnel WireGuard-wg0 started" (no more output)
- check on my router => there was an initial handshake, but the connection got closed immediately after that

Config:

    [Interface]
    PrivateKey = OffsitePrivateKey
    Address = 192.168.2.11/32
    DNS = 8.8.8.8

    [Peer]
    PublicKey = HomePublicKey
    AllowedIPs = 0.0.0.0/0
    Endpoint = domain:port
    PersistentKeepalive = 25

I don't know what I'm doing wrong here, since this is working for all other devices I'm using. If anyone can point me in the right direction I would be grateful.

Thank you in advance
Autchi

Edited October 21, 2022 by Autchirion: solved

ljm42, posted October 19, 2022

5 hours ago, Autchirion said:

    select "VPN tunneled access for System"

Does it work if you choose one of the other peer options? If so, switch to advanced mode and see if there are any warnings/errors/required fields when you set it to "vpn tunneled access for system".

If that doesn't help, open a web terminal and type:

    rm /var/log/wg-quick.log

then try to start the tunnel. Go back to the web terminal and type:

    cat /var/log/wg-quick.log

and copy/paste the result back here. Hopefully there will be some clues.

Autchirion (Author), posted October 20, 2022 (edited)

I already tried the "vpn tunneled access for Docker" option, same behavior. The other options all require "Peer allowed IPs:" which I don't exactly know what is supposed to be put in.

I deleted the wg-quick.log and then activated the tunnel set for Docker (btw. had to reboot the server first, before that wg-quick.log wasn't being created):

    server:~# cat /var/log/wg-quick.log
    wg-quick up wg0 (autostart)
    [#] ip link add wg0 type wireguard
    [#] wg setconf wg0 /dev/fd/63
    [#] ip -4 address add 192.168.2.11 dev wg0
    [#] ip link set mtu 1420 up dev wg0
    [#] wg set wg0 fwmark 51820
    [#] ip -4 route add 0.0.0.0/0 dev wg0 table 51820
    [#] ip -4 rule add not fwmark 51820 table 51820
    [#] ip -4 rule add table main suppress_prefixlength 0
    [#] sysctl -q net.ipv4.conf.all.src_valid_mark=1
    [#] iptables-restore -n
    [#] logger -t wireguard 'Tunnel WireGuard-wg0 started'
    [#] ip -4 route flush table 200
    [#] ip -4 route add default via 192.168.2.11 dev wg0 table 200
    [#] ip -4 route add 192.168.1.0/24 via 192.168.1.1 dev table 200
    Error: either "to" is duplicate, or "200" is a garbage.
    [#] iptables-restore -n
    [#] ip -4 rule delete table 51820
    [#] ip -4 rule delete table main suppress_prefixlength 0
    [#] ip link delete dev wg0

Edited October 20, 2022 by Autchirion

ljm42, posted October 20, 2022

14 hours ago, Autchirion said:

    [#] ip -4 route add 192.168.1.0/24 via 192.168.1.1 dev table 200
    Error: either "to" is duplicate, or "200" is a garbage.

Sorry, you are running into this bug:
https://forums.unraid.net/topic/129257-6111-vpn-tunnel-failing/#comment-1181934

We're working on a fix for the next release.

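An added example, not part of the original thread or of Unraid's code: a shell script that scans a wg-quick log for the fault quoted above, a command in which `dev` is followed directly by `table` with no interface name, and reports whether the tunnel was torn down again afterwards. The function names and the keyword list are assumptions made for this example; the sample lines are taken from the log posted above.

```bash
#!/usr/bin/env bash
# Added example (not from the thread): find logged wg-quick commands whose
# "dev" argument is empty, and check whether the tunnel was torn down again.

# Words that may follow the interface name in an ip command. One of them
# directly after "dev" (or nothing after it) means the name was missing.
# Heuristic: an interface that is really named "table" would be misreported.
KEYWORDS='table|via|metric|src|proto|scope|mtu|onlink'

# Print "LINE: command" for each affected command, then the "Error:" line
# that was logged right after it, if there is one.
find_empty_dev() {
  awk -v kw="^(${KEYWORDS})\$" '
    flagged && /^Error:/ { print "    " $0 }
    { flagged = 0 }
    /^\[#\] ip / {
      for (i = 3; i <= NF; i++)
        if ($i == "dev" && (i == NF || $(i + 1) ~ kw)) {
          print NR ": " $0; flagged = 1; break
        }
    }' "$1"
}

# Succeed when the last "ip link" command in the log deletes the interface,
# i.e. the tunnel was rolled back after a failed command.
rolled_back() {
  awk '/^\[#\] ip link / { last = $4 } END { exit (last != "delete") }' "$1"
}

# Log lines copied from the post above, shortened to the relevant commands.
sample_log() {
  cat <<'EOF'
wg-quick up wg0 (autostart)
[#] ip link add wg0 type wireguard
[#] ip -4 address add 192.168.2.11 dev wg0
[#] ip link set mtu 1420 up dev wg0
[#] logger -t wireguard 'Tunnel WireGuard-wg0 started'
[#] ip -4 route add default via 192.168.2.11 dev wg0 table 200
[#] ip -4 route add 192.168.1.0/24 via 192.168.1.1 dev table 200
Error: either "to" is duplicate, or "200" is a garbage.
[#] ip link delete dev wg0
EOF
}

log=$(mktemp)
sample_log > "$log"
find_empty_dev "$log"
rolled_back "$log" && echo "tunnel was rolled back"
rm -f "$log"
```

On a server, pass `/var/log/wg-quick.log` to both functions instead of the sample file.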
ljm42, posted October 20, 2022 (Solution)

@Autchirion And just like that we've got the fix:
https://forums.unraid.net/topic/129257-6111-vpn-tunnel-failing/page/2/#comment-1182737

Autchirion (Author), posted October 21, 2022

solved it for me, thank you