Adromir Posted December 23, 2019 Share Posted December 23, 2019 I've trying to set up wireguard for a few days by now, but I haven't been successful at all. I stick exactly with the quick start guide and the only thing I change is my duckdns address and using a tunneled access. But as soon as I connect, I can't access my lan or any website on my phone. Unraid gui says that the tunnel is active and a few kbs are transferred but no handshake was made. Port forwarding in router is set up and obviously working Quote Link to comment
ucliker Posted December 23, 2019 Share Posted December 23, 2019 I have been trying for days to get the port forwarding message to go away. I have a Frontier router and I have port forwarded many times and this is the only time I can't get it to work. It's driving me crazy! Quote Link to comment
relink Posted December 24, 2019 Share Posted December 24, 2019 So I found an insane solution for those of us who want the nice slick Wireguard UI that Unraid provides, all while being able to access everything! Now im going to start by saying this is kind of stupid, and ill likely stop using this setup once the issue of not being able to access dockers and VMs gets fixed. So here it is...run a second unraid machine. Now to clarify, The Wireguard UI is plugin, which means it doesn't need the array running in order to work. So I took a little Intel based micro computer I had lying around, made an unraid USB and booted up. I skipped right past the license screen, didn't even sign up for a trial key, nothing. I just went straight to plugins page installed the CA App Store, and then installed Wireguard. From there I set it up like normal. You probably should go to users and set a password though. Now I can access everything on my LAN including all the Dockers and VMs on my main unraid tower. And it is running great so far. I feel a little wasteful using a core i5 to run a wireguard server, but hey, it wasn't doing anything else, and unraids wireguard implementation is worth it. Quote Link to comment
FreeMan Posted December 24, 2019 Share Posted December 24, 2019 1 hour ago, ucliker said: I have been trying for days to get the port forwarding message to go away. I have a Frontier router and I have port forwarded many times and this is the only time I can't get it to work. It's driving me crazy! It doesn't go away. As noted in the OP (or somewhere on the first page) if you do not have uPNP enabled, unRAID cannot set up the port forward for you, so it puts up the "nag" reminder and it stays. If it doesn't do the work for you, it can't tell that you've done it, so it just leaves it there. That said, maybe in some future version, it might be able notice a successful connection and remove the nag assuming that a connection means you got the port forward set up right. Quote Link to comment
bonienl Posted December 24, 2019 Share Posted December 24, 2019 5 hours ago, FreeMan said: That said, maybe in some future version, it might be able notice a successful connection and remove the nag assuming that a connection means you got the port forward set up right. WireGuard doesn't really report a connection status. It is silent by design and doesn't have a mechanism to keep a connection in a 'connected' status. Quote Link to comment
FreeMan Posted December 24, 2019 Share Posted December 24, 2019 WireGuard doesn't really report a connection status. It is silent by design and doesn't have a mechanism to keep a connection in a 'connected' status.I figured that would be misinterpreted - my bad. Somehow, somewhere, the server can tell that the tunnel is active and that traffic is moving over it - it's reported on the dashboard. If that reporting mechanized could set a flag that the settings page can read, then the settings page would know that things must be working correctly and could remove the notification to port forward. It would be a one-time set at the dashboard and each time the settings page comes up, it checks the flag to see if it should display the notice. The flag should be reset if the port is changed in the settings because, of course, you now have to forward a new port. Just a thought. Sent from Tapatalk Quote Link to comment
xl3b4n0nx Posted December 26, 2019 Share Posted December 26, 2019 I have setup the tunnel configuration and I am working on adding a peer. I want to use the 'Remote access to LAN' setting, but when I go to apply it the button won't click. Anyone else having this problem? Quote Link to comment
bonienl Posted December 26, 2019 Share Posted December 26, 2019 (edited) 10 hours ago, xl3b4n0nx said: I have setup the tunnel configuration and I am working on adding a peer. I want to use the 'Remote access to LAN' setting, but when I go to apply it the button won't click. Anyone else having this problem? Select Advanced mode and check if a mandatory field is missing A bug in the latest version, need to correct that.... DONE Edited December 26, 2019 by bonienl Quote Link to comment
ramiro Posted December 26, 2019 Share Posted December 26, 2019 Yes i have exactly the same problem , it also resets the local endpoint address. Quote Link to comment
bonienl Posted December 26, 2019 Share Posted December 26, 2019 (edited) I made an update available with the fix. Version: 2019.12.26d Regarding local endpoint, this could happen due to a mistake in one of the earlier versions. You need to enter it again and it should work from now on. Perhaps it is a good idea to re-apply the settings (just make a change and undo the change to activate Apply). This will generate a new and proper settings file for both server and peer(s). Edited December 26, 2019 by bonienl Quote Link to comment
ramiro Posted December 26, 2019 Share Posted December 26, 2019 Thank you its working fine now. Quote Link to comment
bonienl Posted December 26, 2019 Share Posted December 26, 2019 (edited) More updates... version 2019.12.26b 2019.12.26c 2019.12.26d VPN tunneled access was broken. Edited December 26, 2019 by bonienl Quote Link to comment
bonienl Posted December 27, 2019 Share Posted December 27, 2019 Yesterday's version has some regressions error. Please update to version 2019.12.27 Quote Link to comment
RAINMAN Posted December 27, 2019 Share Posted December 27, 2019 I'm using wireguard to have all unraid outgoing connections go though a VPN. Pain to setup as some of the options needed wont allow. I had to export the config it generated, make the changes and import it back, and if I make any change though the UI it fails again. Either way, that's setup now but it seems like any outside data I forward through my router to a docker doesn't work. Example, I am using a MQTT docker with bridge networking. I setup port forward on my router for 1883 to unraid. It was working fine/is working fine. If I have the VPN connected I cant connect to the MQTT server from outside my network. If I turn off the VPN it works fine again. Is there something i need to do to make this work? Quote Link to comment
bonienl Posted December 27, 2019 Share Posted December 27, 2019 1 hour ago, RAINMAN said: I'm using wireguard to have all unraid outgoing connections go though a VPN. Pain to setup as some of the options needed wont allow. I had to export the config it generated, make the changes and import it back, and if I make any change though the UI it fails again Care to explain in more detail, perhaps with screenshots? 1 hour ago, RAINMAN said: but it seems like any outside data I forward through my router to a docker doesn't work. If I understand you correctly, you have set up a "VPN tunneled access" connection. Such a connection allows Unraid to reach the outside world via a VPN provider, but likely not the other way round. Depends on the VPN provider. Quote Link to comment
RAINMAN Posted December 27, 2019 Share Posted December 27, 2019 (edited) 7 hours ago, bonienl said: Care to explain in more detail, perhaps with screenshots? If I understand you correctly, you have set up a "VPN tunneled access" connection. Such a connection allows Unraid to reach the outside world via a VPN provider, but likely not the other way round. Depends on the VPN provider. Ok, maybe I had some field wrong, when I go through it again from scratch it works. There is no way to set DNS though. Perhaps there can be a field for additional custom options. My VPN will try and push 10.9.0.1 as its DNS for my external devices but when I am internal to my network I want to force DNS = 192.168.254.50, 192.168.254.30. I have VPN tunneled access, yes. I am not trying to send to the VPN though. Remote server -- 1883 --> Home IP (Router) Forward to -- 1883 --> 192.168.254.3 --> MQTT Docker. I wouldn't expect the VPN to have any impact on this route? If I disable the VPN it works so somehow the VPN is blocking the connection to the local IP of my unraid box. If I use MQTT internal to my network its fine VPN on or off. Edited December 27, 2019 by RAINMAN Quote Link to comment
RAINMAN Posted December 27, 2019 Share Posted December 27, 2019 (edited) If I put by MQTT docker on a custom: br0 network and assign it an IP and port forward to that IP, then I can get my outside connection to work but all my internal connections are dead because I have to go through and re-program them all. (many are arduinos so its a PITA if I need to change the IP) Edit: it gets weirder, from a different webserver it does seem to connect fine. I'm not sure where it would be blocking traffic from that server only, and only when the VPN is enabled. Any suggestions where to look or what to look at? Edited December 27, 2019 by RAINMAN Quote Link to comment
ucliker Posted December 28, 2019 Share Posted December 28, 2019 On 12/23/2019 at 6:55 PM, FreeMan said: It doesn't go away. As noted in the OP (or somewhere on the first page) if you do not have uPNP enabled, unRAID cannot set up the port forward for you, so it puts up the "nag" reminder and it stays. If it doesn't do the work for you, it can't tell that you've done it, so it just leaves it there. That said, maybe in some future version, it might be able notice a successful connection and remove the nag assuming that a connection means you got the port forward set up right. Thanks, Yes I got it working but I just assumed the "nag" reminder would go away. Thanks for the input though, it was driving me nuts. Quote Link to comment
BigIron Posted December 29, 2019 Share Posted December 29, 2019 I am using Wireguard and have been for a couple of weeks. The remote access was working great. As of today, I am now getting the error "UPnP: forwarding not set" Or UPnP: **.**.**.***:51820->192.168.0.166:51820/UDP Any ideas? Quote Link to comment
BigIron Posted December 29, 2019 Share Posted December 29, 2019 5 minutes ago, BigIron said: I am using Wireguard and have been for a couple of weeks. The remote access was working great. As of today, I am now getting the error "UPnP: forwarding not set" Or UPnP: **.**.**.***:51820->192.168.0.166:51820/UDP Any ideas? I had to redo the Wireguard authorization completely. The handshake dropped. Quote Link to comment
bonienl Posted December 29, 2019 Share Posted December 29, 2019 When using UPnP, Unraid will periodically check the status on your router. This requires server and router to communicate with each other. If this communication gets broken or the router lost the UPnP setting, you will the message that UPnP is not set Quote Link to comment
darkreeper Posted December 29, 2019 Share Posted December 29, 2019 Hello,has someone already done a server to server setup? I want to connect 2 unraid servers on different locations.Any hints?Gesendet von meinem MI 8 mit Tapatalk Quote Link to comment
kri kri Posted December 30, 2019 Share Posted December 30, 2019 On 12/29/2019 at 5:09 AM, darkreeper said: Hello, has someone already done a server to server setup? I want to connect 2 unraid servers on different locations. Any hints? Gesendet von meinem MI 8 mit Tapatalk Look back a page https://forums.unraid.net/topic/84226-wireguard-quickstart/?do=findComment&comment=800735 Quote Link to comment
darkreeper Posted December 30, 2019 Share Posted December 30, 2019 When I open your link it tells me the page doesn't existGesendet von meinem MI 8 mit Tapatalk Quote Link to comment
charlescc1000 Posted December 30, 2019 Share Posted December 30, 2019 I'm having issues with getting the handshake to successfully occur. I have WG setup on my Unraid server using the public IP. (I will use DDNS later, but I'm trying to reduce variables to solve this problem.) I am running an EdgeRouter and setup a port forward to my unraid server. I've ensured bridging is enabled on eth0. I have configured a peer as "Remote Access to LAN" and tested this config using the QR code method on my iPhone. I can't get my iPhone to handshake with Unraid. I have Local server uses NAT set to Yes for now. Will setup the static route later once I can get the basic stuff working. Here is an screenshot of my configuration: I read through this whole thread and saw some people had the same issue as me and tried the different solutions that worked for them, but none worked for me. Any thoughts on what I can do to identify the issue? Thanks! Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.