itimpi Posted August 12, 2022 Share Posted August 12, 2022 1 hour ago, GermanGramatikov said: Hello itimpi, I know that people do not like to read long posts that is why I tried to write it as short as possible but let me try again: My Wireguard stopped working there was a new tab in plugins page called "Errors" (forgot to make screenshot it is already gone) in it it said that wireguard has an issue and the only button available was "Delete" which I pressed Now I don't have wiregurad and I cannot install it Help please? There is nothing to install if you are on 6.10.3 as it Wireguard is now built in so deleting the old plugin was the correct thing to do. Are you saying that you do not have Settings->VPN Manager where you now configure Wireguard? Quote Link to comment
GermanGramatikov Posted August 13, 2022 Share Posted August 13, 2022 21 hours ago, itimpi said: There is nothing to install if you are on 6.10.3 as it Wireguard is now built in so deleting the old plugin was the correct thing to do. Are you saying that you do not have Settings->VPN Manager where you now configure Wireguard? Well yes, unfortunately I don't have any wireguard plugin at the moment and there is no way to install it again other then reverting back to 6.9.9 installing it and then upgrading again to 6.10.3 and I believe that someone would know how to install it directly without having to do this exercise that is why I decided to ask here. Thanks for looking into it! Quote Link to comment
Hoopster Posted August 13, 2022 Share Posted August 13, 2022 (edited) 29 minutes ago, GermanGramatikov said: Well yes, unfortunately I don't have any wireguard plugin at the moment and there is no way to install it again other then reverting back to 6.9.9 installing it and then upgrading again to 6.10.3 and I believe that someone would know how to install it directly without having to do this exercise that is why I decided to ask here. Thanks for looking into it! It's not under the Tools menu which you show in the screenshot. As Itimpi mentioned, in unRAID 6.10.3, you should find it in the Settings menu as VPN Manager. It is no longer a plugin so it is not in Plugins either. Edited August 13, 2022 by Hoopster Quote Link to comment
GermanGramatikov Posted August 14, 2022 Share Posted August 14, 2022 12 hours ago, Hoopster said: It's not under the Tools menu which you show in the screenshot. As Itimpi mentioned, in unRAID 6.10.3, you should find it in the Settings menu as VPN Manager. It is no longer a plugin so it is not in Plugins either. Hi Hoopster and itimpi, then I need to apologize for wasting your time as that's true it is there and it slipped my mind to look in there. Please take my sincere apologizes. Quote Link to comment
Hoopster Posted August 14, 2022 Share Posted August 14, 2022 13 hours ago, GermanGramatikov said: Hi Hoopster and itimpi, then I need to apologize for wasting your time as that's true it is there and it slipped my mind to look in there. Please take my sincere apologizes. No problem. I am glad you found it. Quote Link to comment
tjb_altf4 Posted September 11, 2022 Share Posted September 11, 2022 I noticed the QR code generator is no longer available, will this be coming back? Quote Link to comment
nicholasung Posted September 14, 2022 Share Posted September 14, 2022 Hey I am having an issue where I have my client set to Remote Tunnelled Access and I just leave the vpn enabled. However when I am on the same network as my server I can access my mapped Windows Share on unraid and the admin console. When I leave the network I cannot access the Windows Share anymore but still can access the Admin Console. What should I do? When I turn on network discovery the server does not show so I cannot remap the network drive. Quote Link to comment
jockebq Posted September 20, 2022 Share Posted September 20, 2022 On 10/25/2019 at 11:01 AM, bonienl said: I did (a lot of) testing and made line traces to monitor what is happening exactly. 1. If you have docker containers with a custom IP address assigned to br0 (the management interface of Unraid) then containers will never be reachable thru WG. The reason: the tunnel terminates on the host, but docker doesn't allow communication between host (Unraid) and containers. The solution: create a separate interface or VLAN for docker containers 2. When the setting "Local gateway uses NAT" is set to YES, it will cause Unraid to use its own LAN address as source for communication to other devices on the LAN network. I am going to change the name of this setting, because it has nothing to do with the local gateway (router). With NAT enabled on the Unraid server, all devices respond directly to Unraid (i.e. not via the default gateway). In my testing, however, the NAT setting causes issues when talking to containers with custom IP addresses. These reply wrongly and consequently are not reachable, but any other device in the LAN works correctly, just not containers. 3. When the setting "Local gateway uses NAT" is set to NO, it will cause Unraid to use the WG tunnel address as source for communication. In this case the default gateway (your router) needs a static route added to point tunnel addresses back to the Unraid server. With this set up both docker containers and other devices are reachable. 4. I have issues when using UPnP on my router (Ubiquiti) and ended up making manual forwarding port rules instead. User mistake, UPnP is working correctly with Ubiquiti. I have an Unraid server setup with services like WireGuard VPN, Home Assistant, Nginx Proxy Manager. The setup is as follows: WireGuard is running as "Remote tunneled access" with DNS server (192.168.1.1) which is my router. Home Assistant is running as a Docker on the same server. Nginx Proxy Manager is running as a Docker (Host) on the same server, here I have Nginx Reverse Proxy for Home Assistant (home.example.com). I can without any issues reach Home Assistant when I am in my local network and when I use an external network. It is reachable from anywhere, as I want it to be. But as soon as I connect to my WireGuard VPN tunnel it is no longer possible to reach the domain (home.example.com). It just times out. From what I read in your post the issue is similar to what you describe. But I run my Home Assistant docker as Host, not Bridge. How come I have the same issue? Is there any solution to this? Quote Link to comment
PC Services Posted September 22, 2022 Share Posted September 22, 2022 Does anyone have the URL for the plugin? I cant find it on app store anymore. Quote Link to comment
tjb_altf4 Posted September 22, 2022 Share Posted September 22, 2022 (edited) 55 minutes ago, PC Services said: Does anyone have the URL for the plugin? I cant find it on app store anymore. The WireGuard plugin has been merged into the Unraid OS as of 6.10.0, it can be accessed at Settings > VPN Manager Edited September 22, 2022 by tjb_altf4 Quote Link to comment
LakersFan Posted October 8, 2022 Share Posted October 8, 2022 On 9/11/2022 at 12:51 AM, tjb_altf4 said: I noticed the QR code generator is no longer available, will this be coming back? Good question… it’s not available for me either. Quote Link to comment
BreakfastPurrito Posted October 8, 2022 Share Posted October 8, 2022 I have set up transmission to use an IP whitelist and with internal IP addresses it works fine; 192.168.x.x etc. However when I connect with a VPN it won't let me access it. Wireguard gives me a 10.0.x.x address, and if I add that to the whitelist it still blocks me. Does this mean I don't actually have a 10.0.x.x address or am I doing something wrong? Quote Link to comment
Linguafoeda Posted November 9, 2022 Share Posted November 9, 2022 On 9/11/2020 at 8:22 PM, AceRimmer said: Feature suggestion (if it hasn't been suggested yet) Re-order VPN peers the same way i can re-order VM's (hold click, drag & drop). i'd like to see this too. i'm on 6.11.3 Quote Link to comment
TexasDave Posted November 10, 2022 Share Posted November 10, 2022 I have Wireguard setup and have an "extra" tunnel. It shows in the VPN s ettings and Dashboard. I want to delete it. I have advanced on. I can see a delete button for WG0 but it is for the tunnel I want. There is no delete button for the other tunnel, WG1? I am trying to delete WG1. Ideas? Thanks! Quote Link to comment
bonienl Posted November 10, 2022 Author Share Posted November 10, 2022 Switch to “advanced view” for tunnel WG1 Quote Link to comment
TexasDave Posted November 10, 2022 Share Posted November 10, 2022 21 minutes ago, bonienl said: Switch to “advanced view” for tunnel WG1 THANKS! Feel like an idiot - did not realzie there were multiple "Advanced Views" - Thanks! Quote Link to comment
TexasDave Posted November 10, 2022 Share Posted November 10, 2022 OK - so have Wireguard working when I use my external IP (explicitly) in the configuration. When I replace the IP with my duck DNS domain, it does not work. I get the message to the side: "Remark: The Local endpoint resolves to 31.53.XXX.XXX. In most cases, this should be your public WAN IPv4 instead: 109.153.XXX.XX" Again - works fine if I use the 109.153.XXX.XX in the Wireguard setup. but not fine when I use mydomaninname.duckdns.org. Ideas on what the issue might be? Quote Link to comment
machineglow Posted January 20, 2023 Share Posted January 20, 2023 re: connecting to dockers via VPN, Does anyone have a workaround if we don't have the ability to add a custom route to the router. I run eero wifi and they simply don't support this capability. Quote Link to comment
ljm42 Posted January 21, 2023 Share Posted January 21, 2023 21 hours ago, machineglow said: re: connecting to dockers via VPN, Does anyone have a workaround if we don't have the ability to add a custom route to the router. I run eero wifi and they simply don't support this capability. The only way the built-in WireGuard client can access Docker containers on custom IPs is by adding custom routes to the router. If you cannot do that then you either need to disable the custom container IPs or use a different VPN solution. Quote Link to comment
ljm42 Posted January 21, 2023 Share Posted January 21, 2023 On 11/10/2022 at 11:13 AM, TexasDave said: OK - so have Wireguard working when I use my external IP (explicitly) in the configuration. When I replace the IP with my duck DNS domain, it does not work. I get the message to the side: "Remark: The Local endpoint resolves to 31.53.XXX.XXX. In most cases, this should be your public WAN IPv4 instead: 109.153.XXX.XX" Again - works fine if I use the 109.153.XXX.XX in the Wireguard setup. but not fine when I use mydomaninname.duckdns.org. Ideas on what the issue might be? Based on what you've written it sounds like your duckdns domain does not resolve to the correct IP address. Quote Link to comment
machineglow Posted January 22, 2023 Share Posted January 22, 2023 7 hours ago, ljm42 said: The only way the built-in WireGuard client can access Docker containers on custom IPs is by adding custom routes to the router. If you cannot do that then you either need to disable the custom container IPs or use a different VPN solution. thanks for the clarification. looks like i'll have to try something else. do you think there are weird routing issues if I spin up a separate VPN service running in docker or VM? Quote Link to comment
TexasDave Posted January 24, 2023 Share Posted January 24, 2023 On 1/21/2023 at 8:42 PM, ljm42 said: Based on what you've written it sounds like your duckdns domain does not resolve to the correct IP address. Agree 100%. I eventually installed "Wireguard Easy" and that seemed to fix it. No clue why. Quote Link to comment
TimTheSettler Posted January 25, 2023 Share Posted January 25, 2023 My unRAID01 server is in one location and my unRAID02 server is in another location. I use Wireguard to connect the two servers together. All good. If the router at the unRAID01 location (router01) goes down and comes back up or if the router at the unRAID02 location (router02) goes down and comes back up the tunnel becomes disconnected. It doesn't matter which router goes down, the tunnel is disconnected. So, if router01 goes down the tunnel is lost but if I jiggle the tunnel (deactivate it and then reactivate it) the tunnel reconnects and life goes on. Likewise, if router02 goes down and if I jiggle the tunnel (deactivate/reactivate) it comes back. Unfortunately I'm not a Linux guy which is why I like unRAID. I don't really need to be a Linux guy for it to all work. But, I was hoping that someone here might be able to create an "auto-jiggler" script. A script that can be scheduled to check if a tunnel is active and if it's not then deactivate and reactivate the tunnel. Any takers? Quote Link to comment
Steace Posted April 1, 2023 Share Posted April 1, 2023 Someone know where the info for the Kill switch is? I've looked in the folder /boot/config/wireguard/wg*.conf I don't see anything in the .conf file that looks like a kill switch. I was hoping for something like this: PostUp = iptables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT && ip6tables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT PreDown = iptables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT && ip6tables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT Should I add a script at boot to add those or it's now completely unnecessary? Thank for any help ☺ Quote Link to comment
Bushibot Posted November 16, 2023 Share Posted November 16, 2023 (edited) So my wireguard is connecting fine as remote tunneled access. I can reach my unraid box and my gateway and WAN, non docker hosts. However I can't access any of the docker IP's. The whole network is flat 192.168.1.x/24, so my reachable hosts and docker are the same IP range. I see a note Remark: docker containers on custom networks need static routing 10.253.0.0/24 to 192.168.1.99 Not sure what I need to change? I did try adding a custom route on my router, but didn't seem to help. I can I have wireguard just get an IP from the DHCP server instead or set aside a small pool from my existing private space? Edited November 16, 2023 by Bushibot Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.