ljm42 Posted February 27, 2020 Author Share Posted February 27, 2020 3 minutes ago, quinctilius said: As I was writing this, I have solved the issue!!! I was using my phone data as a hotspot Wifi to test my Wireguard setup. I have just tried on my works Wifi, and it seems to be working. So please excuse my complete incompetence, although still don't know why my Laptop Wireguard won't work over my phones data connection, but the phone it self does??? Interesting, the hotspot must be blocking the UDP port. I would not have guessed that. Glad you were able to get it working! Quote Link to comment
Ryonez Posted February 29, 2020 Share Posted February 29, 2020 Is it only possible to have one active tunnel at a time? I've been trying to set up a second one to create a game network. I have another one, an admin network that has docker access that's working fine. But this second one I can get the client and server to handshake. Any idea what the issue might be? Quote Link to comment
in_trauma Posted March 1, 2020 Share Posted March 1, 2020 On 10/15/2019 at 1:24 PM, bu2d said: I was having problems getting this all to work but I figured it out after about an hour. I was able to connect to the vpn but was not able to connect to anything on my network or get an internet connection on my phone. It turned out to be a DNS issue and adding the address of my home router as the DNS server to the wireguard app on my phone fixed all of my problems. Overall, easier to setup than openvpn but still took a while to troubleshoot. I will probably keep openvpn as a backup to wireguard. This needs to be noted for dummies like me. I took me a while to figure out as well. I tried to set it as my pi-hole as DNS but no go. Setting to my router DNS worked for internet access. 1 Quote Link to comment
Squid Posted March 1, 2020 Share Posted March 1, 2020 13 minutes ago, in_trauma said: I tried to set it as my pi-hole as DNS but no go Even though you've solved this, should be noted for others that there is zero reason to ever set pi-hole as your DNS for unRaid. Causes too many issues. And if you're using the webUI boot mode and surfing via Firefox random websites (and hence wanting ad blocking there), then you also shouldn't be doing that. That boot mode is designed for management of the server, not surfing around. Quote Link to comment
MagicMountainMan Posted March 2, 2020 Share Posted March 2, 2020 To share my experience as I had quite a difficult time setting it up with my multiple VLANs, I ended up just clicking Add Peer and leaving everything at default (besides naming the peer). After I did that I downloaded the setup (or used the QR code on my phone) and editing all of the properties in the respective apps (DNS, different networks, etc). Trying to get all of the settings dialed in on the GUI in Unraid never worked properly. Quote Link to comment
Cliff Posted March 5, 2020 Share Posted March 5, 2020 Can anyone tell me what I am doing wrong ? I signed up with an VPN-service that offers wireguard (mullvad.net) and downloaded the config.file and imported it. But wireguard does not connect. Quote Link to comment
bonienl Posted March 5, 2020 Share Posted March 5, 2020 Remove the IPv6 addresses from the configuration file and test with IPv4 only. Quote Link to comment
Can0n Posted March 5, 2020 Share Posted March 5, 2020 On 3/1/2020 at 3:35 PM, Squid said: Even though you've solved this, should be noted for others that there is zero reason to ever set pi-hole as your DNS for unRaid. Causes too many issues. And if you're using the webUI boot mode and surfing via Firefox random websites (and hence wanting ad blocking there), then you also shouldn't be doing that. That boot mode is designed for management of the server, not surfing around. I have my pihole server set as my DNS and no issues and why do you say there is no reason? It’s blocking all the sad malware and ads when I’m remotely connected as it would when I’m home works great! Quote Link to comment
Can0n Posted March 5, 2020 Share Posted March 5, 2020 49 minutes ago, bonienl said: Remove the IPv6 addresses from the configuration file and test with IPv4 only. That! And set the little inactive switch at the top to active Quote Link to comment
calebcoverdale Posted March 5, 2020 Share Posted March 5, 2020 (edited) Is there a way that I can connect unraid to a Wireguard VPN and route all traffic from my unraid through that? EDIT: I literally just scrolled down from this post and I found this: Ugh.. Edited March 5, 2020 by calebcoverdale Quote Link to comment
Ryonez Posted March 5, 2020 Share Posted March 5, 2020 1 hour ago, Can0nfan said: I have my pihole server set as my DNS and no issues and why do you say there is no reason? It’s blocking all the sad malware and ads when I’m remotely connected as it would when I’m home works great! Squid is meaning using pi-hole as the DNS server unRaid uses for itself. Though looking at the replies for it I don't get why this is pointed out. I don't use it for my server, and that's because I host it on that server. I might personally try it if it was hosted off the server, but I could see there being issues where it might block something unRaid needs by accident. It's unlikely you'll need to filter the traffic for unRaid though. Pi-hole is fine to use as the DNS server for wireguard, though there's some tweaks you need to do if you're hosting pi-hole on the same unRaid server as wireguard. Quote Link to comment
Cliff Posted March 5, 2020 Share Posted March 5, 2020 Thanks, for the answer. Another stupid question: Is it possible to only route specific containers through wireguard? Rigth now I only have the need for ruTorrent to use wireguard. 1 Quote Link to comment
Cliff Posted March 5, 2020 Share Posted March 5, 2020 Removing the ipv6 from the config-file made no difference. When I flip the inactive-button to active it resets after clicking "done" Quote Link to comment
ljm42 Posted March 5, 2020 Author Share Posted March 5, 2020 10 hours ago, Cliff said: I signed up with an VPN-service that offers wireguard (mullvad.net) and downloaded the config.file and imported it 9 hours ago, calebcoverdale said: Is there a way that I can connect unraid to a Wireguard VPN and route all traffic from my unraid through that? This is the thread you are looking for. It is linked in the OP: Quote Link to comment
dbinott Posted March 6, 2020 Share Posted March 6, 2020 Can I set this up remotely while connected via OpenVPN or will there be conflicts and/or issues? Quote Link to comment
ccollinscj Posted March 7, 2020 Share Posted March 7, 2020 Well I did the update last night to Unraid and while configuring wiregurard I am I have loss all web access to my unraid server and not trying to figure out a way to stop it or remove it from terminal access via Supermicro iKvm into since I have neither keyboard and or video from directly connect. What freaken way to start a Saturday morning.......should know better to do an update. Quote Link to comment
luizmont Posted March 7, 2020 Share Posted March 7, 2020 On 3/5/2020 at 5:14 AM, Ryonez said: Squid is meaning using pi-hole as the DNS server unRaid uses for itself. Though looking at the replies for it I don't get why this is pointed out. I don't use it for my server, and that's because I host it on that server. I might personally try it if it was hosted off the server, but I could see there being issues where it might block something unRaid needs by accident. It's unlikely you'll need to filter the traffic for unRaid though. Pi-hole is fine to use as the DNS server for wireguard, though there's some tweaks you need to do if you're hosting pi-hole on the same unRaid server as wireguard. Can you please explain what tweaks need to be done? I'm a new user, configured unraid, wireguard and installed pi-hole (docker). Changed the DNS on my router to use pi-hole dns server and everything works fine on my local network. But when I use my phone outside the LAN, there's no ad blocking... Thanks! 1 Quote Link to comment
GreenEyedMonster Posted March 11, 2020 Share Posted March 11, 2020 Hey guys, A random question. Could I use wireguard as a remote tunnel access for a whole network instead of just 1 client? Anyone done this? Quote Link to comment
Ustrombase Posted March 11, 2020 Share Posted March 11, 2020 Got this installed it was super easy! However, I can't reach my unRAID box. I think that it is becuase I have https cert and it resolves to <servername>.local, and when I am on my phone connected to wireguard the DNS can't resolve / find what the address should be? Just me saying smart things trying to sound smart lol. Does anyone have any thoughts on this? locally i can use the ip and it automatically switches to https using the hostname.local, this is why i am thinking that this is what is happening, i am on VPN as I have tested connecting to my home assistant instance and it works. Quote Link to comment
phrozen087 Posted March 11, 2020 Share Posted March 11, 2020 Ran into a weird issue after upgrading to 6.8.3 and was hoping someone might know what went bad. When I connect to Wireguard from my phone or laptop outside of my network I am unable to access my VMs with RDP or Splashtop that are inside the network. My main VM is located at 192.168.85.112 and the unraid server is located at 192.168.85.111. It seems like the NAT isn't working properly. Initially I had a lot of networking issues after upgrading so I deleted by network config and rebuilt it, and this fixed most of my issues. It seems like the RDP applications aren't making the link from the 10.253.0 subnet to the 192.168.85 subnet. This was working without any issues before I upgraded to 6.8.3, so I'm not totally sure what could have happened. Thanks for any help! Quote Link to comment
phrozen087 Posted March 12, 2020 Share Posted March 12, 2020 (edited) Small followup to my last post. It seems that with the Remote Access to LAN setting I am not actually able to access anything on the LAN. I checked that bridging is enabled and I can ping the server on both 10.253.0.1 and 192.168.85.111, but I can't seem to ping any other devices on the network. I downgraded back to 6.8.2 hoping that might help, but it doesn't seem like it changed anything. EDIT: So I reinstalled the OpenVPN AS docker container just to see if that would work, and connecting through that gives me full access to the whole LAN, so the issue is only occurring with wireguard on my server. I guess OpenVPN isn't a bad backup option, but I liked how lightweight wireguard is. Edited March 12, 2020 by phrozen087 Quote Link to comment
sittingmongoose Posted March 12, 2020 Share Posted March 12, 2020 I have wireguard working well. I can connect to my unraid network, and access things like my router on that network. I set it up for Remote Access to LAN. HOWEVER, I cant access other computers on that network? Like in windows, if I try to see network devices, I cant see my unraid server on there. But I can see my local NAS and other devices. AND when I am physically on my Unraid network, I can see the Unraid server in network devices. Any help would be greatly appreciated. Quote Link to comment
aaomidi Posted March 22, 2020 Share Posted March 22, 2020 I've set up a wireguard remote tunneled access on my unraid server, and I've set the Local tunnel firewall to 192.168.1.1/24 However, from my phone I'm still able to access the Unraid UI on http://192.168.1.227:8080 when I'm connected to the WG tunnel Any ideas? Quote Link to comment
bonienl Posted March 24, 2020 Share Posted March 24, 2020 The firewall function on the WG tunnel can only deny/permit access to devices other than Unraid itself. Quote Link to comment
dweb Posted March 26, 2020 Share Posted March 26, 2020 I want to replace my Raspi Wireguard Cient with my Unraid Machine. To me it looks like Unraid can only be a server, but is it also possible to make it a client? Server is a AWS cloud server. Then I have Client Site A and Client Site B(Unraid). On the Rapspi I use the folloWing config to also allow access to my LAN for other clients: [Interface] PrivateKey = KEY Address = 10.8.0.6/24 DNS = 10.8.0.1 PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE [Peer] PublicKey = KEY PresharedKey = KEY Endpoint = myserverdomain.com:port AllowedIPs = 10.6.0.0/24, 192.168.189.0/24(subnet Site A) PersistentKeepalive = 25 Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.