August 12, 20223 yr 1 hour ago, GermanGramatikov said: Hello itimpi, I know that people do not like to read long posts that is why I tried to write it as short as possible but let me try again: My Wireguard stopped working there was a new tab in plugins page called "Errors" (forgot to make screenshot it is already gone) in it it said that wireguard has an issue and the only button available was "Delete" which I pressed Now I don't have wiregurad and I cannot install it Help please? There is nothing to install if you are on 6.10.3 as it Wireguard is now built in so deleting the old plugin was the correct thing to do. Are you saying that you do not have Settings->VPN Manager where you now configure Wireguard?
August 13, 20223 yr 21 hours ago, itimpi said: There is nothing to install if you are on 6.10.3 as it Wireguard is now built in so deleting the old plugin was the correct thing to do. Are you saying that you do not have Settings->VPN Manager where you now configure Wireguard? Well yes, unfortunately I don't have any wireguard plugin at the moment and there is no way to install it again other then reverting back to 6.9.9 installing it and then upgrading again to 6.10.3 and I believe that someone would know how to install it directly without having to do this exercise that is why I decided to ask here. Thanks for looking into it!
August 13, 20223 yr 29 minutes ago, GermanGramatikov said: Well yes, unfortunately I don't have any wireguard plugin at the moment and there is no way to install it again other then reverting back to 6.9.9 installing it and then upgrading again to 6.10.3 and I believe that someone would know how to install it directly without having to do this exercise that is why I decided to ask here. Thanks for looking into it! It's not under the Tools menu which you show in the screenshot. As Itimpi mentioned, in unRAID 6.10.3, you should find it in the Settings menu as VPN Manager. It is no longer a plugin so it is not in Plugins either. Edited August 13, 20223 yr by Hoopster
August 14, 20223 yr 12 hours ago, Hoopster said: It's not under the Tools menu which you show in the screenshot. As Itimpi mentioned, in unRAID 6.10.3, you should find it in the Settings menu as VPN Manager. It is no longer a plugin so it is not in Plugins either. Hi Hoopster and itimpi, then I need to apologize for wasting your time as that's true it is there and it slipped my mind to look in there. Please take my sincere apologizes.
August 14, 20223 yr 13 hours ago, GermanGramatikov said: Hi Hoopster and itimpi, then I need to apologize for wasting your time as that's true it is there and it slipped my mind to look in there. Please take my sincere apologizes. No problem. I am glad you found it.
September 11, 20223 yr I noticed the QR code generator is no longer available, will this be coming back?
September 14, 20223 yr Hey I am having an issue where I have my client set to Remote Tunnelled Access and I just leave the vpn enabled. However when I am on the same network as my server I can access my mapped Windows Share on unraid and the admin console. When I leave the network I cannot access the Windows Share anymore but still can access the Admin Console. What should I do? When I turn on network discovery the server does not show so I cannot remap the network drive.
September 20, 20223 yr On 10/25/2019 at 11:01 AM, bonienl said: I did (a lot of) testing and made line traces to monitor what is happening exactly. 1. If you have docker containers with a custom IP address assigned to br0 (the management interface of Unraid) then containers will never be reachable thru WG. The reason: the tunnel terminates on the host, but docker doesn't allow communication between host (Unraid) and containers. The solution: create a separate interface or VLAN for docker containers 2. When the setting "Local gateway uses NAT" is set to YES, it will cause Unraid to use its own LAN address as source for communication to other devices on the LAN network. I am going to change the name of this setting, because it has nothing to do with the local gateway (router). With NAT enabled on the Unraid server, all devices respond directly to Unraid (i.e. not via the default gateway). In my testing, however, the NAT setting causes issues when talking to containers with custom IP addresses. These reply wrongly and consequently are not reachable, but any other device in the LAN works correctly, just not containers. 3. When the setting "Local gateway uses NAT" is set to NO, it will cause Unraid to use the WG tunnel address as source for communication. In this case the default gateway (your router) needs a static route added to point tunnel addresses back to the Unraid server. With this set up both docker containers and other devices are reachable. 4. I have issues when using UPnP on my router (Ubiquiti) and ended up making manual forwarding port rules instead. User mistake, UPnP is working correctly with Ubiquiti. I have an Unraid server setup with services like WireGuard VPN, Home Assistant, Nginx Proxy Manager. The setup is as follows: WireGuard is running as "Remote tunneled access" with DNS server (192.168.1.1) which is my router. Home Assistant is running as a Docker on the same server. Nginx Proxy Manager is running as a Docker (Host) on the same server, here I have Nginx Reverse Proxy for Home Assistant (home.example.com). I can without any issues reach Home Assistant when I am in my local network and when I use an external network. It is reachable from anywhere, as I want it to be. But as soon as I connect to my WireGuard VPN tunnel it is no longer possible to reach the domain (home.example.com). It just times out. From what I read in your post the issue is similar to what you describe. But I run my Home Assistant docker as Host, not Bridge. How come I have the same issue? Is there any solution to this?
September 22, 20223 yr 55 minutes ago, PC Services said: Does anyone have the URL for the plugin? I cant find it on app store anymore. The WireGuard plugin has been merged into the Unraid OS as of 6.10.0, it can be accessed at Settings > VPN Manager Edited September 22, 20223 yr by tjb_altf4
October 8, 20223 yr On 9/11/2022 at 12:51 AM, tjb_altf4 said: I noticed the QR code generator is no longer available, will this be coming back? Good question… it’s not available for me either.
October 8, 20223 yr I have set up transmission to use an IP whitelist and with internal IP addresses it works fine; 192.168.x.x etc. However when I connect with a VPN it won't let me access it. Wireguard gives me a 10.0.x.x address, and if I add that to the whitelist it still blocks me. Does this mean I don't actually have a 10.0.x.x address or am I doing something wrong?
November 9, 20223 yr On 9/11/2020 at 8:22 PM, AceRimmer said: Feature suggestion (if it hasn't been suggested yet) Re-order VPN peers the same way i can re-order VM's (hold click, drag & drop). i'd like to see this too. i'm on 6.11.3
November 10, 20223 yr I have Wireguard setup and have an "extra" tunnel. It shows in the VPN s ettings and Dashboard. I want to delete it. I have advanced on. I can see a delete button for WG0 but it is for the tunnel I want. There is no delete button for the other tunnel, WG1? I am trying to delete WG1. Ideas? Thanks!
November 10, 20223 yr 21 minutes ago, bonienl said: Switch to “advanced view” for tunnel WG1 THANKS! Feel like an idiot - did not realzie there were multiple "Advanced Views" - Thanks!
November 10, 20223 yr OK - so have Wireguard working when I use my external IP (explicitly) in the configuration. When I replace the IP with my duck DNS domain, it does not work. I get the message to the side: "Remark: The Local endpoint resolves to 31.53.XXX.XXX. In most cases, this should be your public WAN IPv4 instead: 109.153.XXX.XX" Again - works fine if I use the 109.153.XXX.XX in the Wireguard setup. but not fine when I use mydomaninname.duckdns.org. Ideas on what the issue might be?
January 20, 20233 yr re: connecting to dockers via VPN, Does anyone have a workaround if we don't have the ability to add a custom route to the router. I run eero wifi and they simply don't support this capability.
January 21, 20233 yr 21 hours ago, machineglow said: re: connecting to dockers via VPN, Does anyone have a workaround if we don't have the ability to add a custom route to the router. I run eero wifi and they simply don't support this capability. The only way the built-in WireGuard client can access Docker containers on custom IPs is by adding custom routes to the router. If you cannot do that then you either need to disable the custom container IPs or use a different VPN solution.
January 21, 20233 yr On 11/10/2022 at 11:13 AM, TexasDave said: OK - so have Wireguard working when I use my external IP (explicitly) in the configuration. When I replace the IP with my duck DNS domain, it does not work. I get the message to the side: "Remark: The Local endpoint resolves to 31.53.XXX.XXX. In most cases, this should be your public WAN IPv4 instead: 109.153.XXX.XX" Again - works fine if I use the 109.153.XXX.XX in the Wireguard setup. but not fine when I use mydomaninname.duckdns.org. Ideas on what the issue might be? Based on what you've written it sounds like your duckdns domain does not resolve to the correct IP address.
January 22, 20233 yr 7 hours ago, ljm42 said: The only way the built-in WireGuard client can access Docker containers on custom IPs is by adding custom routes to the router. If you cannot do that then you either need to disable the custom container IPs or use a different VPN solution. thanks for the clarification. looks like i'll have to try something else. do you think there are weird routing issues if I spin up a separate VPN service running in docker or VM?
January 24, 20233 yr On 1/21/2023 at 8:42 PM, ljm42 said: Based on what you've written it sounds like your duckdns domain does not resolve to the correct IP address. Agree 100%. I eventually installed "Wireguard Easy" and that seemed to fix it. No clue why.
January 25, 20233 yr My unRAID01 server is in one location and my unRAID02 server is in another location. I use Wireguard to connect the two servers together. All good. If the router at the unRAID01 location (router01) goes down and comes back up or if the router at the unRAID02 location (router02) goes down and comes back up the tunnel becomes disconnected. It doesn't matter which router goes down, the tunnel is disconnected. So, if router01 goes down the tunnel is lost but if I jiggle the tunnel (deactivate it and then reactivate it) the tunnel reconnects and life goes on. Likewise, if router02 goes down and if I jiggle the tunnel (deactivate/reactivate) it comes back. Unfortunately I'm not a Linux guy which is why I like unRAID. I don't really need to be a Linux guy for it to all work. But, I was hoping that someone here might be able to create an "auto-jiggler" script. A script that can be scheduled to check if a tunnel is active and if it's not then deactivate and reactivate the tunnel. Any takers?
April 1, 20233 yr Someone know where the info for the Kill switch is? I've looked in the folder /boot/config/wireguard/wg*.conf I don't see anything in the .conf file that looks like a kill switch. I was hoping for something like this: PostUp = iptables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT && ip6tables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT PreDown = iptables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT && ip6tables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT Should I add a script at boot to add those or it's now completely unnecessary? Thank for any help ☺
November 16, 20232 yr So my wireguard is connecting fine as remote tunneled access. I can reach my unraid box and my gateway and WAN, non docker hosts. However I can't access any of the docker IP's. The whole network is flat 192.168.1.x/24, so my reachable hosts and docker are the same IP range. I see a note Remark: docker containers on custom networks need static routing 10.253.0.0/24 to 192.168.1.99 Not sure what I need to change? I did try adding a custom route on my router, but didn't seem to help. I can I have wireguard just get an IP from the DHCP server instead or set aside a small pool from my existing private space? Edited November 16, 20232 yr by Bushibot
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.