Can't connect to container (pihole) that is on br0 network when connecting over built-in Wireguard VPN


rousseau

Hi, 

 

My apologies if I am posting in the wrong place, I am new to this forum and still figuring it out.

 

 

My setup:

-Unraid v6.11.5, fixed IP 192.168.1.111

-activated a Wireguard VPN in the built-in 'Settings', 'VPN Manager'

-pihole docker installed using network 'Custom : br0' (was one of the pre-existing options, I did not create it), and a fixed IP 192.168.1.112

 

 

Behaviour:

-when I am on my local network, I am able to connect to the Unraid GUI by going to 192.168.1.111

-when I am on my local network, I am able to connect to the pihole GUI admin page by going to 192.168.1.112

-when I am on another network and make a Wireguard connection, I am able to connect to the Unraid GUI by going to 192.168.1.111

-when I am on another network and make a Wireguard connection, I am not able to connect to the pihole GUI admin page by going to 192.168.1.112, instead I get a 'page not found' error

 

 

From watching 

 

I think that the problem is the Unraid built-in Wireguard VPN server does not know how to access the Docker br0 network IP address 192.168.1.112 of the pihole container.

 

 

I don't know how to fix this problem (if that is actually the problem), and I thought I would ask here for help before I start trying to figure out IPVLANs and static routes (if that might solve my current problem).

 

Thank you very much for the help!

 

 

Edit:

 

I followed the instructions for 'Complex Network' from here ( 

 ), and now I have a new problem.

 

Current behaviour:

-connection from another network by WireGuard allows me to access the Unraid server, and the Docker containers (wasn't able to do this earlier, so this problem appears fixed with the instructions at the above link), but now there is a new problem:

--I cannot access outside (WAN) addresses, I am limited to only being able to access LAN addresses.

 

Banging my head against a wall here, hopefully someone has a solution? Thank you a million!

Edited by rousseau
updated information
  • Upvote 1
8 hours ago, rousseau said:

I cannot access outside (WAN) addresses, I am limited to only being able to access LAN addresses.

 

You need to set the "Peer type of access" to "Remote tunneled access".

 

Try accessing a WAN address by IP and see if the issue is the connection or if it is DNS.

 

If the issue is DNS, set the "Peer DNS Server" to 8.8.8.8 and get that working before you try setting it to the pihole.

 

And don't forget to update the client every time you edit the wireguard tunnel on the server.

  • Like 1
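Added example (not part of the thread and not Unraid's code): a check of the exported client config after following the advice above, showing which destinations and which DNS server the client will actually send into the tunnel. It assumes the client file is in wg-quick format and that "Remote tunneled access" appears on the client as `AllowedIPs = 0.0.0.0/0`; the tunnel addresses, keys and endpoint are constructed placeholders.

```python
import ipaddress

# Constructed client config; keys and endpoint are placeholders, LAN IPs follow the thread.
SPLIT_TUNNEL = """\
[Interface]
PrivateKey = <client-private-key>
Address = 10.253.0.2/32
DNS = 192.168.1.112

[Peer]
PublicKey = <server-public-key>
Endpoint = vpn.example.invalid:51820
AllowedIPs = 10.253.0.1/32, 192.168.1.0/24
"""
# Same config after the assumed effect of "Remote tunneled access" plus DNS 8.8.8.8.
FULL_TUNNEL = SPLIT_TUNNEL.replace("DNS = 192.168.1.112", "DNS = 8.8.8.8").replace(
    "10.253.0.1/32, 192.168.1.0/24", "0.0.0.0/0")


def parse_client_conf(text):
    """Return (allowed_networks, dns_servers); DNS entries are assumed to be IPs."""
    allowed, dns = [], []
    for line in text.splitlines():
        key, sep, value = line.partition("=")
        if not sep or line.lstrip().startswith("#"):
            continue
        items = [v.strip() for v in value.split(",") if v.strip()]
        if key.strip().lower() == "allowedips":
            allowed += [ipaddress.ip_network(v, strict=False) for v in items]
        elif key.strip().lower() == "dns":
            dns += items
    return allowed, dns


def via_tunnel(allowed, addr):
    """True if the client would send traffic for addr into the tunnel."""
    ip = ipaddress.ip_address(addr)
    return any(ip.version == net.version and ip in net for net in allowed)


def report(text, probes=("192.168.1.111", "192.168.1.112", "1.1.1.1")):
    """Summarise which probe addresses and DNS servers are routed via the tunnel."""
    allowed, dns = parse_client_conf(text)
    return {
        "full_tunnel": any(net.prefixlen == 0 for net in allowed),
        "routes": {p: via_tunnel(allowed, p) for p in probes},
        "dns_via_tunnel": {d: via_tunnel(allowed, d) for d in dns},
    }
```

Run `report()` on the config the client currently has loaded; if it still shows the old `AllowedIPs` or DNS after a server-side edit, the client was not updated.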
  • 2 months later...
23 minutes ago, ShivFPS said:

Were you able to find a solution or is this just a bug in Unraid/Wireguard?

 

Unfortunately I was not able to find a solution.

 

In another thread I saw there is a known bug with Unraid's networking when the "Host access to custom networks" is enabled.

 

I think the combination of using Wireguard, Host access to custom networks, and Docker makes the bug surface and breaks the Unraid network settings.

 

I ended up setting up a Raspberry Pi as a Wireguard server and it has been absolutely rock solid since day 1. Quite impressive actually. Hopefully Unraid fixes its networking bugs so that Wireguard works, because it seems to be super efficient (when it works).

24 minutes ago, rousseau said:

 

Unfortunately I was not able to find a solution.

 

In another thread I saw there is a known bug with Unraid's networking when the "Host access to custom networks" is enabled.

 

I think the combination of using Wireguard, Host access to custom networks, and Docker makes the bug surface and breaks the Unraid network settings.

 

I ended up setting up a Raspberry Pi as a Wireguard server and it has been absolutely rock solid since day 1. Quite impressive actually. Hopefully Unraid fixes its networking bugs so that Wireguard works, because it seems to be super efficient (when it works).

Ah, I see.

With all these fiascos happening often, I'm this close to building a custom router with Wireguard for reasons like these, since I can't seem to find any RPis within reasonable cost around me.

On 2/1/2023 at 6:57 AM, ljm42 said:

 

You need to set the "Peer type of access" to "Remote tunneled access".

 

Try accessing a WAN address by IP and see if the issue is the connection or if it is DNS.

 

If the issue is DNS, set the "Peer DNS Server" to 8.8.8.8 and get that working before you try setting it to the pihole.

 

And don't forget to update the client every time you edit the wireguard tunnel on the server.

@ljm42

 

Short note to thank you for this guidance. I've been trying to work this out for a while.

I changed the tunnel as per your instruction and I can access LAN and VLANs.

 

  • Like 1