CorserMoon
Posted December 6, 2021

5 minutes ago, bclinton said:
> Going nuts trying to figure out what is causing my issue with wireguard. Connecting from windows 10 machines. Can access the internet with my browser after connecting to wireguard with the remote tunnelling option however I can not connect to my unraid server. I get "Hmmm… your Internet access is blocked Firewall or antivirus software may have blocked the connection." on 2 different laptops. My server dashboard shows the unraid server online but when I click local access I get the error message. However on my android phone it works fine after I connect to wireguard. I am able to get to my unraid server and use the tunnel for internet access. Looking for suggestions.

Are your other windows machines connecting from a different network/subnet?

bclinton
Posted December 6, 2021
Edited December 6, 2021 by bclinton

6 minutes ago, CorserMoon said:
> Are your other windows machines connecting from a different network/subnet?

No, all devices are on 192.168.1.X

I am wondering if there is something going on specific with windows causing this error message.

CorserMoon
Posted December 6, 2021

1 minute ago, bclinton said:
> No, all devices are on 192.168.1.X

No, I mean are the windows machines that you are using wireguard on signed on to a different Wi-Fi network than where the unraid server is? You can't sign into a VPN while still on the same LAN.

bclinton
Posted December 6, 2021

3 minutes ago, CorserMoon said:
> No, I mean are the windows machines that you are using wireguard on signed on to a different Wi-Fi network than where the unraid server is? You can't sign into a VPN while still on the same LAN.

That was my problem! Thanks my friend. I feel stupid. Now I know to test wireguard from a separate network.

CorserMoon
Posted December 6, 2021

2 minutes ago, bclinton said:
> That was my problem! Thanks my friend. I feel stupid. Now I know to test wireguard from a separate network.

No worries! Glad it was an easy fix!

ljm42 (Author)
Posted December 6, 2021

On 11/24/2021 at 10:36 AM, CorserMoon said:
> I've gone through the set-up and troubleshooting several times and still having issues with getting Remote Tunneled Access working correctly. Help, I'm stuck.
>
> Symptoms:
> - Can connect to VPN but only able to access unraid (192.168.1.107)
> - No access to other LAN IPs. I know dockers with custom IPs won't work, but I can't even access IP cameras, other devices, router, etc.
> - No Access to Router (192.168.1.254).
> - No internet when using router ip as DNS. When adding a public dns like 1.1.1.1, I can access internet, but still no access to other LAN devices.
>
> Troubleshooting:
> - Tried connecting from different wifi network that is on different subnet (192.168.68.x)
> - Tried connecting from 5G cell network
> - Tried on both cell phone (wifi and 5g) and laptop (wifi)
> - Updated apps, updated vpn files/config
> - UDP port forwarded
> - Settings>Network Settings>Enable Bridging = Yes
> - Settings>Docker>Host Access to Custom Networks = Yes
>
> I used to use OpenVPN and didn't have issues so I'm pretty sure my network setup isn't overly complicated. Attached images of VPN and Network settings for reference.

Everything looks ok. My only suggestion would be to try setting "Use NAT" to No so the webgui tells you what static route to create, and see if creating that helps.

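Added example (not part of any post in this thread, and not Unraid's own code): a Python sketch of the two routing checks discussed above, namely whether the network the client is sitting on conflicts with the server side, and whether a LAN device's reply can get back to the WireGuard host when "Use NAT" is No. The addresses are the ones quoted in the thread; the /24 masks, the function names and the simplified model (LAN devices use the router as default gateway, NAT rewrites the source to the server's LAN address) are assumptions.

```python
import ipaddress as ip

def client_conflicts(client_net, server_lan, vpn_pool):
    """Names of server-side networks that overlap the network the client sits on."""
    client = ip.ip_network(client_net)
    nets = {"server LAN": server_lan, "VPN pool": vpn_pool}
    return [name for name, n in nets.items() if client.overlaps(ip.ip_network(n))]

def required_static_route(vpn_pool, server_ip):
    """(destination, gateway) the LAN router needs when the WireGuard host does not NAT."""
    return (str(ip.ip_network(vpn_pool)), str(ip.ip_address(server_ip)))

def reply_reaches_tunnel(peer_ip, server_ip, lan, use_nat, router_routes=()):
    """True if a LAN device's reply to a VPN peer gets back to the WireGuard host."""
    server = ip.ip_address(server_ip)
    # With NAT the LAN device sees the server's LAN address as the source;
    # without NAT it sees the peer's tunnel address.
    seen_src = server if use_nat else ip.ip_address(peer_ip)
    if seen_src in ip.ip_network(lan):
        return True  # on-link: the reply goes straight to the WireGuard host
    # Off-link: the device hands the reply to its default gateway (the router),
    # which must hold a route for that address pointing at the WireGuard host.
    best = None
    for dest, via in router_routes:
        net = ip.ip_network(dest)
        if seen_src in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, ip.ip_address(via))
    return best is not None and best[1] == server

if __name__ == "__main__":
    # Values quoted in the thread; the /24 masks are assumed.
    LAN, SERVER, POOL, PEER = "192.168.1.0/24", "192.168.1.107", "10.253.0.0/24", "10.253.0.2"
    print("client on 192.168.1.x :", client_conflicts("192.168.1.0/24", LAN, POOL))
    print("client on 192.168.68.x:", client_conflicts("192.168.68.0/24", LAN, POOL))
    route = required_static_route(POOL, SERVER)
    print("static route for NAT=No:", route)
    print("NAT=No, no route  :", reply_reaches_tunnel(PEER, SERVER, LAN, use_nat=False))
    print("NAT=No, with route:", reply_reaches_tunnel(PEER, SERVER, LAN, False, [route]))
```
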
CorserMoon
Posted December 6, 2021

1 hour ago, ljm42 said:
> Everything looks ok. My only suggestion would be to try setting "Use NAT" to No so the webgui tells you what static route to create, and see if creating that helps.

Any idea if you can set up a static route on an ATT Arris BGW210?

CorserMoon
Posted December 6, 2021

1 hour ago, ljm42 said:
> Everything looks ok. My only suggestion would be to try setting "Use NAT" to No so the webgui tells you what static route to create, and see if creating that helps.

Not sure if this is normal or not, but when looking at the Unraid network settings Routing Table, the 2 VPN IPs (10.253.0.2 & 10.253.0.3) have "wg0" as the gateway. Is that expected?

CorserMoon
Posted December 6, 2021
Edited December 6, 2021 by CorserMoon

I ran the 'wg' command in unraid to ensure I was connected and I noticed that the peer endpoint (my phone connecting from 5G using duckdns) has a random port on the end of the ip. Is this expected? The server endpoint I set up is [mydomain].duckdns.org:51820.

ljm42 (Author)
Posted December 6, 2021

10 hours ago, CorserMoon said:
> Not sure if this is normal or not, but when looking at the Unraid network settings Routing Table, the 2 VPN IPs (10.253.0.2 & 10.253.0.3) have "wg0" as the gateway. Is that expected?

40 minutes ago, CorserMoon said:
> I ran the 'wg' command in unraid to ensure I was connected and I noticed that the peer endpoint (my phone connecting from 5G using duckdns) has a random port on the end of the ip. Is this expected? The server endpoint I set up is [mydomain].duckdns.org:51820.

These are both normal.

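Added example (not from the posts above): the endpoint that `wg` prints for a peer is the address and port the server last received that peer's packets from, so a phone behind carrier NAT shows an arbitrary source port rather than the server's listen port. The Python below parses a constructed `wg show wg0 dump` sample to report that port and whether the handshake is recent; the keys, the 203.0.113.45 address, the timestamps and the 180-second staleness threshold are assumptions.

```python
# Constructed sample of `wg show wg0 dump` (tab-separated). Line 1 is the interface:
# private-key, public-key, listen-port, fwmark. Each further line is a peer:
# public-key, preshared-key, endpoint, allowed-ips, latest-handshake (epoch),
# transfer-rx, transfer-tx, persistent-keepalive. Keys are placeholders.
SAMPLE = (
    "PRIVKEY_PLACEHOLDER\tSERVERPUB_PLACEHOLDER\t51820\toff\n"
    "PEERPUB_PHONE\t(none)\t203.0.113.45:37281\t10.253.0.2/32\t1638800000\t1024\t2048\toff\n"
    "PEERPUB_LAPTOP\t(none)\t(none)\t10.253.0.3/32\t0\t0\t0\toff\n"
)

def peer_status(dump, now, stale_after=180):
    """Return (listen_port, [per-peer dict]) from `wg show <iface> dump` text."""
    lines = dump.strip().splitlines()
    listen_port = int(lines[0].split("\t")[2])
    peers = []
    for line in lines[1:]:
        pub, _psk, endpoint, allowed, handshake, _rx, _tx, _ka = line.split("\t")
        # "(none)" means the server has not heard from this peer yet.
        port = None if endpoint == "(none)" else int(endpoint.rsplit(":", 1)[1])
        handshake = int(handshake)
        peers.append({
            "peer": pub,
            "allowed_ips": allowed,
            "endpoint_port": port,
            # Expected to be True for roaming clients: this is the client's
            # (possibly NAT-mapped) source port, not the server's listen port.
            "port_differs_from_listen": port is not None and port != listen_port,
            # A handshake of 0 means never; an old one means the tunnel is idle or down.
            "connected": handshake != 0 and now - handshake <= stale_after,
        })
    return listen_port, peers

if __name__ == "__main__":
    listen, peers = peer_status(SAMPLE, now=1638800060)  # 60 s after the sample handshake
    print("server listens on", listen)
    for p in peers:
        print(p)
```
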
CorserMoon
Posted December 6, 2021

6 hours ago, ljm42 said:
> These are both normal.

Hm. I don't know what is going on then. I've tried different vpn subnets, trashing everything and restarting from scratch, and still same behavior.

Anyone else here running an ATT residential fiber gateway that has wireguard working? I'm wondering if some baked in firewall rules on the router are the issue.

chasun
Posted December 10, 2021

I'm having issues with SSH while connected to a wireguard tunnel. My unraid server has a wireguard tunnel set up and a peer with type of access set to remote tunneled access. While my laptop is connected to my server via wireguard I can connect to the internet, access the webui, and SSH into the unraid server. However, while connected to wireguard I cannot SSH into any other machines on my server's LAN nor other machines over the internet.

When SSHing into machines on my server's LAN, SSH usually hangs for a bit then outputs "Connection closed by xxx.xxx.xxx.xxx port 22", whereas machines over the internet output "ssh: Could not resolve hostname ssh.xxxxxxx.xxx: Temporary failure in name resolution" when using web address and "Connection closed by xx.xxx.xxx.xxx port 22" when using ip.

Any ideas? Thanks in advance.

CorserMoon
Posted December 10, 2021

20 hours ago, chasun said:
> I'm having issues with SSH while connected to a wireguard tunnel. My unraid server has a wireguard tunnel set up and a peer with type of access set to remote tunneled access. While my laptop is connected to my server via wireguard I can connect to the internet, access the webui, and SSH into the unraid server. However, while connected to wireguard I cannot SSH into any other machines on my server's LAN nor other machines over the internet.
>
> When SSHing into machines on my server's LAN, SSH usually hangs for a bit then outputs "Connection closed by xxx.xxx.xxx.xxx port 22", whereas machines over the internet output "ssh: Could not resolve hostname ssh.xxxxxxx.xxx: Temporary failure in name resolution" when using web address and "Connection closed by xx.xxx.xxx.xxx port 22" when using ip.
>
> Any ideas? Thanks in advance.

I'm in a similar boat. Wireguard seems to be plug and play for some and broken for others like us.

Nodiaque
Posted December 31, 2021

Hello everyone,

I seem to have a common issue and I cannot find the problem. I've setup wireguard with 8.8.8.8 as dns. I have Host Access Enabled because if I don't, my pihole running on br0 cannot be contacted. Local server uses nat to no, peer type of access to Remote access to LAN. I also added 2 rules in my pfsense:

source: 10.253.0.0/24 (vpn)
destination: unraid ip
protocol: any

and

source: 10.253.0.0/24 (vpn)
destination: lan ip address
protocol: any

With that, I can access the Internet through my VPN and I can reach my unraid server, but I cannot access anything else on the network (neither docker container with their own IP or other device on the network). I don't have vlan, thus all my devices are on the same subnet, same as my server and my docker with fixed ips.

Is there a way to have that?

Thank you

CorserMoon
Posted December 31, 2021

21 minutes ago, Nodiaque said:
> Hello everyone,
>
> I seem to have a common issue and I cannot find the problem. I've setup wireguard with 8.8.8.8 as dns. I have Host Access Enabled because if I don't, my pihole running on br0 cannot be contacted. Local server uses nat to no, peer type of access to Remote access to LAN. I also added 2 rules in my pfsense:
>
> source: 10.253.0.0/24 (vpn)
> destination: unraid ip
> protocol: any
>
> and
>
> source: 10.253.0.0/24 (vpn)
> destination: lan ip address
> protocol: any
>
> With that, I can access the Internet through my VPN and I can reach my unraid server, but I cannot access anything else on the network (neither docker container with their own IP or other device on the network). I don't have vlan, thus all my devices are on the same subnet, same as my server and my docker with fixed ips.
>
> Is there a way to have that?
>
> Thank you

Yea, similar issue to me (though I don't use pihole). I can only access unraid when I have the DNS set to my router but no internet and no LAN. If I add a public DNS like 8.8.8.8, I can then access internet, but still no LAN. I've read through dozens of threads and reddit posts and still have been unable to get local LAN access to work.

ljm42 (Author)
Posted December 31, 2021

> Yea, similar issue to me (though I don't use pihole). I can only access unraid when I have the DNS set to my router but no internet and no LAN. If I add a public DNS like 8.8.8.8, I can then access internet, but still no LAN. I've read through dozens of threads and reddit posts and still have been unable to get local LAN access to work.

Give me some examples of things you are trying to access. http://what

Sent from my GM1917 using Tapatalk

CorserMoon
Posted December 31, 2021

2 minutes ago, ljm42 said:
> Give me some examples of things you are trying to access. http://what
>
> Sent from my GM1917 using Tapatalk

With only my router IP as the DNS, I can only access unraid (192.168.1.107) but no internet (http://www.google.com for example) and no other devices on my LAN such as 192.168.1.254 (router), 192.168.1.111 (managed switch) or 192.168.1.201 (Hubitat), etc.

If I add 8.8.8.8 to the DNS record (so it's then 192.168.1.254,8.8.8.8) I can access unraid (192.168.1.107) and the internet (Google, etc), but still no other LAN IPs.

Right now I'm at my in-laws on their network which is 192.168.68.x so that shouldn't be a conflict.

ljm42 (Author)
Posted December 31, 2021

> With only my router IP as the DNS, I can only access unraid (192.168.1.107) but no internet (http://www.google.com for example) and no other devices on my LAN such as 192.168.1.254 (router), 192.168.1.111 (managed switch) or 192.168.1.201 (Hubitat), etc.
>
> If I add 8.8.8.8 to the DNS record (so it's then 192.168.1.254,8.8.8.8) I can access unraid (192.168.1.107) and the internet (Google, etc), but still no other LAN IPs.
>
> Right now I'm at my in-laws on their network which is 192.168.68.x so that shouldn't be a conflict.

OK if you are accessing by IP then DNS isn't the issue. Sorry, all of the tips I have are in the first two posts, I don't have any other ideas.

Sent from my GM1917 using Tapatalk

CorserMoon
Posted December 31, 2021

26 minutes ago, ljm42 said:
> OK if you are accessing by IP then DNS isn't the issue. Sorry, all of the tips I have are in the first two posts, I don't have any other ideas.
>
> Sent from my GM1917 using Tapatalk

I'm thinking it is either weirdness with my gateway (ATT fiber gateway) or corruption/conflicts with the unraid routing table. I may try resetting the unraid network settings to see if that helps. I'm also in the process of building a pfsense box and bypassing the gateway. Hopefully one of those fixes the issue.

Nodiaque
Posted December 31, 2021

I've read somewhere that there's a routing inside the wireguard in unraid and that's what's blocking us from accessing LAN IP. My question is, does it work for someone?

shawnngtq
Posted January 9, 2022

Question

My router has built-in vpn. If I am outside home network, I can connect to my router vpn, then access my unraid. In this case, is there any pro/con installing wireguard, do I still need it?

ljm42 (Author)
Posted January 9, 2022

1 hour ago, shawnngtq said:
> Question
>
> My router has built-in vpn. If I am outside home network, I can connect to my router vpn, then access my unraid. In this case, is there any pro/con installing wireguard, do I still need it?

If you are happy with your current solution then you don't need to switch. A lot of people do not have VPN-capable routers, or their Unraid boxes are much more powerful than their routers, or they don't like administering their routers. We created the Unraid VPN solution for those folks.

shawnngtq
Posted January 11, 2022

I ended up downloading this instead of using my router's built-in VPN, since my PC is definitely stronger than my router.

TimTheSettler
Posted January 22, 2022

I have three servers in three different locations with each server talking to the other servers through Wireguard. Everything works ok for a few days and then server2 and server3 no longer talk to each other.

In the screenshot below you can see that opnsense is denying the communication. The red "deny" log entries are the failed attempts of server2 to talk to server3. The thing is that Wireguard is configured to use port 51822 but it's using 31633.

If I disable the tunnel on server2, wait about 10 seconds, and then re-enable it the tunnel connects ok again using the proper port 51822 as you can see below with the blue and green log entries.

J05u
Posted February 6, 2022

Hey, small question. I am having no issues connecting to my server via wireguard, but I can't connect to dockers on my network. What am I doing wrong?
