WireGuard quickstart



They are running device management "Blackberry UEM profile" that is pretty much tied into the whole device.  App installs are restricted, cellular data is monitored, etc...etc...

 

Even if it inhibits the snooping a bit, I'm happy.  Hence the reason for the questions.  I'm not trying to circumvent the whole thing, just if they no longer see what's being browsed, etc...etc... fine with me.

Edited by CoZ
clarification
Link to comment

Excuse the stupid question but if I have an OpenVPN .ovpn configuration file, can I use it with WireGuard or is WireGuard its own thing? I would like to have my Unraid server use my .ovpn file to connect using my own VPN provider, i.e. be a VPN client and have my VM use that interface/tunnel. I'm not looking for it to be a server. Is that possible with WireGuard?

 

Link to comment

One thing I think is I somehow misconfigured WG with the wrong IP range; I left it at default.

 

So I just got connected for a few mins and could get to the Unraid GUI over mobile network. Then nothing. I disconnected and went back on wifi, and Docker, VM, most settings and CA just hang. I can't reboot atm as I'm doing a parity rebuild. This has been happening since I installed WG.

 

So it does seem to be something to do with WG causing the hangs, I think.

 

Any ideas thanks

Link to comment
On 12/19/2019 at 10:48 PM, bonienl said:

Below an example configuration

It is mandatory to define a local endpoint (main server) and a peer endpoint (backup server). These endpoints can be a URL or a (public) IP address of the server.

 

When the main server is behind a NAT router then port forwarding must be set on the router.

The same is true for a NAT router used at the backup server (peer) side.

 

image.thumb.png.7e6cb358099a0330601f8533ec8b8165.png

@bonienl thanks for this screenshot, but this is only the configuration for "main server". Could you post a screenshot of the "backup server" settings? I'm asking because I've been struggling with this for many hours.

I will be very grateful. Thank you.

Link to comment

Still no luck. My phone, for example, connects and gets an address and the DNS server. But I can't ping it from the interface and it doesn't actually work. I've tried all of the different variations of server to server, LAN to LAN, tunneled access, etc.

 

I just want to be able to log in and have it effectively act as if I was at home. But this gives no feedback and I have no idea what is going wrong.

Link to comment
On 1/26/2020 at 10:35 AM, FreeMan said:

At the moment, the two servers are sitting side-by-side at my house, both on the same network (192.168.1.x).

I believe this is the problem. Once you establish the tunnel there are two routes for the servers to communicate and things get confused. The two servers need to be on different networks.

Link to comment
32 minutes ago, tknx said:

Okay - so I can connect to my unraid server if I use the IP address but not if I use tower.local.

 

So???? Is that normal?

Not sure exactly. Name resolution for a private network over VPN is messy, but you did provide a DNS server so it seems like it would work. Unless maybe .local doesn't route? I don't honestly know. 

 

As mentioned in OP, I add a hosts file to the client to make sure "tower" can resolve.

Link to comment
On 2/1/2020 at 8:49 PM, frakman1 said:

Excuse the stupid question but if I have an OpenVPN .ovpn configuration file, can I use it with WireGuard or is WireGuard its own thing? I would like to have my Unraid server use my .ovpn file to connect using my own VPN provider, i.e. be a VPN client and have my VM use that interface/tunnel. I'm not looking for it to be a server. Is that possible with WireGuard?

 

WireGuard and OpenVPN do not share configuration files. They are very different.

 

It is possible to route your server's traffic through a WireGuard VPN Provider, more details here: 

 

Link to comment

OK, it is definitely a DNS related issue. If I set the DNS to my pi-hole/unbound, nothing resolves. If I set it to cloudflare, exterior sites like cnn.com work. But I can't get tower.local to work either way. I suppose I could use a hosts file to maybe redirect appropriately, but frankly that is just another thing to maintain and I am actually hoping to eventually figure out how to use some sort of IPAM.

 

So... for now, I'd still like to see about getting local addresses and routing through my pi-hole to work.

Edited by tknx
Link to comment

I'd guess that your VPN clients are unable to access the pi-hole VM at all.

 

I have the same problem, where clients connecting to WireGuard VPN on my main Unraid system are unable to communicate with a second install of Unraid running in a VM. Haven't figured that one out yet.

Link to comment
On 2/13/2020 at 9:15 PM, STABILO-BOSS said:

Hello unraiders,

I followed the guide here and tried the troubleshooting steps, however I am still struggling a little to get wireguard working.

I have posted my setup here: Link to images of setup

Am I doing something quite stupid? I believe my DuckDns is working grand.

I am running pihole on a separate server, if that matters?

 

Cheers

Hey, just wondered if anyone could help point me in the right direction, regarding my previous post. I have since tried wiping the settings and going again, but I still get no connection at all. When I connect my phone, I get no handshake.

Link to comment

Just posting for some help

 

Wireguard setup as per the guide with Phone and Laptops as clients.

 

The phone works great, able to access LAN via wireguard perfectly.

Laptop (Windows 10), not so great.  A connection is made and handshake received, however I cannot access any IPs on my LAN (including Unraid, Dockers), just timeouts.

 

What's going wrong? I have both the phone and laptop client files set up identically.  Why is the phone working perfectly, but the laptop not?

 

 

Link to comment
5 hours ago, quinctilius said:

Just posting for some help

 

Wireguard setup as per the guide with Phone and Laptops as clients.

 

The phone works great, able to access LAN via wireguard perfectly.

Laptop (Windows 10), not so great.  A connection is made and handshake received, however I cannot access any IPs on my LAN (including Unraid, Dockers), just timeouts.

 

What's going wrong? I have both the phone and laptop client files set up identically.  Why is the phone working perfectly, but the laptop not?

I'm assuming your phone is connecting via data and not wifi, that eliminates any local network issues.

 

What about the laptop? Is it already on the same network as the server? If so, that won't work. The laptop needs to be on a different network (perhaps you could use your phone as a hotspot to test with)

Link to comment
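The "needs to be on a different network" advice in the replies above (the two servers both on 192.168.1.x, and the laptop on the same network as the server) can be checked before connecting. This is an added example, not code from the thread or from Unraid: the sample client config, its addresses, the placeholder keys and endpoint, and the function names are all constructed for illustration.

```python
import ipaddress

# Constructed sample client config (placeholder keys/endpoint, not from the thread).
SAMPLE_CONF = """\
[Interface]
PrivateKey = <client-private-key>
Address = 10.253.0.2/32
DNS = 192.168.1.1

[Peer]
PublicKey = <server-public-key>
Endpoint = vpn.example.invalid:51820
AllowedIPs = 10.253.0.1/32, 192.168.1.0/24
"""

def allowed_ips(conf_text):
    """Collect every AllowedIPs network from all [Peer] sections."""
    nets, section = [], None
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()          # drop comments
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].lower()
        elif section == "peer" and "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            if key.lower() == "allowedips":
                nets += [ipaddress.ip_network(v.strip(), strict=False)
                         for v in value.split(",") if v.strip()]
    return nets

def routing_conflicts(conf_text, local_cidr):
    """Return tunnel routes that overlap the network the client sits on.

    Default routes (/0) are skipped: they overlap every network, so they
    say nothing about the same-LAN case discussed in the thread.
    """
    local = ipaddress.ip_network(local_cidr, strict=False)
    return [n for n in allowed_ips(conf_text)
            if n.version == local.version and n.prefixlen > 0
            and n.overlaps(local)]

if __name__ == "__main__":
    # Constructed client locations: same LAN as the server vs. a phone hotspot.
    for where, cidr in [("home LAN", "192.168.1.57/24"),
                        ("phone hotspot", "172.20.10.3/28")]:
        hits = routing_conflicts(SAMPLE_CONF, cidr)
        print(where, cidr, "->", [str(h) for h in hits] or "no overlap")
```

A non-empty result means the client already has a direct route to the same range the tunnel advertises, which is the two-routes situation described in the replies.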
12 minutes ago, ljm42 said:

I'm assuming your phone is connecting via data and not wifi, that eliminates any local network issues.

 

What about the laptop? Is it already on the same network as the server? If so, that won't work. The laptop needs to be on a different network (perhaps you could use your phone as a hotspot to test with)

As I was writing this, I have solved the issue!!!

 

I was using my phone data as a hotspot Wifi to test my Wireguard setup.

 

I have just tried on my work's Wifi, and it seems to be working.  So please excuse my complete incompetence, although still don't know why my Laptop Wireguard won't work over my phone's data connection, but the phone itself does???

Link to comment
