Bullerwins Posted August 11, 2021 Share Posted August 11, 2021 Hi! I don't know if this has been covered but I don't find a solution. I managed to make a Remote tunneled access via wireguard to remotely access my unraid and network. But the guide in OP says that we cannot have to wireguard configs enabled at the same time. So is there any way to set up unraid to route all of its traffic outsite via a commecial vpn for privacy and also have another way to vpn into my unraid and lan from outside? Quote Link to comment
Dor Posted August 27, 2021 Share Posted August 27, 2021 (edited) On 5/24/2021 at 11:21 PM, ljm42 said: I'm glad you got it working, but this definitely falls outside the scope of what I would consider to be supported I modified the OP accordingly. If you would like to start a new guide of your own specific to PIA I'd be happy to link to that. I've created a fork of the PIA scripts to simplify the install process on unRaid, it's still not as simple as importing a configuration, but the scripts now generate a file following the "wg#.conf" convention which gets picked up by the Dynamix WireGuard plugin, it also fills the public key and VPN type fields correctly (which exist in "wg#.cfg"). I also added a user script to be used with the User Scripts plugin to make configuration changes (like re-selecting a server) easy to make, all you really need to fill to be up and running are the PIA account credentials. You can find my fork at https://github.com/DorCoMaNdO/pia-wireguard-unraid, the user script is part of the repo at unraid_userscript.sh Edited August 27, 2021 by Dor 3 Quote Link to comment
Moises Posted September 13, 2021 Share Posted September 13, 2021 I am currently unable to get this to work with Mullvad, not sure what I am doing wrong. I download my config file, import it, the tunnel shows up with everything filled in, but when I change the slider to active, nothing happens. My logs don't show the tunnel starting at all. I have confirmed that everything with mullvad is working fine since I can use it with my phone. All other tunnels are also disabled. Any hints? Quote Link to comment
dalben Posted September 13, 2021 Share Posted September 13, 2021 (edited) On 8/27/2021 at 5:19 PM, Dor said: I've created a fork of the PIA scripts to simplify the install process on unRaid, it's still not as simple as importing a configuration, but the scripts now generate a file following the "wg#.conf" convention which gets picked up by the Dynamix WireGuard plugin, it also fills the public key and VPN type fields correctly (which exist in "wg#.cfg"). I also added a user script to be used with the User Scripts plugin to make configuration changes (like re-selecting a server) easy to make, all you really need to fill to be up and running are the PIA account credentials. You can find my fork at https://github.com/DorCoMaNdO/pia-wireguard-unraid, the user script is part of the repo at unraid_userscript.sh Hi, tried running it and hit an error ./get_region.sh: line 242: ./setup_wireguard_with_token.sh: Permission denied This was after it auto-selected the nearest server for me Edit: Made it executable and all good now. Edited September 13, 2021 by dalben Quote Link to comment
gmul Posted September 17, 2021 Share Posted September 17, 2021 On 9/12/2021 at 9:14 PM, Moises said: I am currently unable to get this to work with Mullvad, not sure what I am doing wrong. I download my config file, import it, the tunnel shows up with everything filled in, but when I change the slider to active, nothing happens. My logs don't show the tunnel starting at all. I have confirmed that everything with mullvad is working fine since I can use it with my phone. All other tunnels are also disabled. Any hints? Switch to advanced mode and set your peer tunnel address to an available IP in your local tunnel network pool. Quote Link to comment
Arvid78 Posted November 14, 2021 Share Posted November 14, 2021 Another wireguard vpn provider ovpn.com swedish provider, alot of servers worlwide and great speeds. As another member said you have to remove the ",,,0/0" from the file to make the connection work Quote Link to comment
Ender Wiggin Posted January 12, 2022 Share Posted January 12, 2022 I am using IVPN and they do not provide a configuration file to import into unraid. They expect you to give them the public key then they assign you an IP address. How can i use the unraid wireguard VPN tunneled access if i do not have a config file from my preferred VPN provider? Here is the relavent documentaion: Not public. Here is what i could find IVPN Wireguard This also applies to trying to setup a docker container like delugevpn that requires a config file. Quote Link to comment
ljm42 Posted January 12, 2022 Author Share Posted January 12, 2022 It sounds like you need to generate a set of private and public keys, hopefully when you give them the public key they will give you a full config file and not just an ip addess. There are many ways to generate a set of keys, probably the easiest would be to go into the webgui and create a dummy wireguard tunnel and peer, and then press "Generate Keypair". You can delete this dummy tunnel and peer, but be sure to keep a copy of the public and private keys. Once you get the config file from the provider you would import it per the instructions on the first post of this thread. Then add the public and private keys you created earlier as the "Local" public and private keys. If they expect you to build the config file on your own I would probably move on to a different provider. Quote Link to comment
Ender Wiggin Posted January 12, 2022 Share Posted January 12, 2022 (edited) On 1/12/2022 at 10:32 AM, ljm42 said: It sounds like you need to generate a set of private and public keys, hopefully when you give them the public key they will give you a full config file and not just an ip addess. There are many ways to generate a set of keys, probably the easiest would be to go into the webgui and create a dummy wireguard tunnel and peer, and then press "Generate Keypair". You can delete this dummy tunnel and peer, but be sure to keep a copy of the public and private keys. Once you get the config file from the provider you would import it per the instructions on the first post of this thread. Then add the public and private keys you created earlier as the "Local" public and private keys. If they expect you to build the config file on your own I would probably move on to a different provider. This is what i had thought has well. I went through the process and did not get a config files they only gave me an IP. They do give detailed instructions on how to add wireguard to a linux in this specific manner but i do not know how to apply this to the unraid wireguard setup. Here are some instrutions : https://www.ivpn.net/setup/linux-wireguard-netman/ Edited January 14, 2022 by Ender Wiggin Quote Link to comment
wizard84 Posted January 16, 2022 Share Posted January 16, 2022 Hi, I was looking around the wireguard capabilities (other post) and in the meanwhile i'm looking around trying to understand which commercial provider is the best one, evaluating also the compatibility with the built-in client or any docker container acting as man in the middle. I saw that some providers implemented their own privacy layer due to wireguard protocol specifications, but I'm disoriented. Do you have any suggestion? Quote Link to comment
TimV Posted April 10, 2022 Share Posted April 10, 2022 (edited) I'm trying to use AzireVPN. I downloaded the config file, uploaded it to Wireguard. When I switch to advanced mode, I see their server name in there. VPN tunneled access is the type I'm trying to setup. I can ping their server from the config screen. When I activate it, the "last handshake" line shows inactive connection. When I leave the screen and go back in, it's inactive. I must be forgetting something fairly basic, yet I'm seeing anything in this thread, It might be there and I just don't recognize it. Edited April 10, 2022 by TimV more info Quote Link to comment
ljm42 Posted April 19, 2022 Author Share Posted April 19, 2022 For anyone following this thread, be sure to check out the first post for a sneak peek into 6.10.0-rc5, coming Soon(TM)! Starting with this release you will be able to assign specific Docker containers to a VPN tunnel connected to a commercial provider! The rest of your server will use the normal Internet connection while your selected containers use WireGuard. There is even a kill switch, so if the WireGuard tunnel goes down, the containers will not be able to access the Internet. 2 1 Quote Link to comment
Arndroid Posted April 20, 2022 Share Posted April 20, 2022 17 hours ago, ljm42 said: For anyone following this thread, be sure to check out the first post for a sneak peek into 6.10.0-rc5, coming Soon(TM)! Starting with this release you will be able to assign specific Docker containers to a VPN tunnel connected to a commercial provider! The rest of your server will use the normal Internet connection while your selected containers use WireGuard. There is even a kill switch, so if the WireGuard tunnel goes down, the containers will not be able to access the Internet. Oh that may be perfect for my needs. I currently have a "Server to Server" tunnel to a VPS to mask my IP from my publicly hosted websites. Would this enable assigning the tunnel as a Custom Network/Custom Bridge to individual Dockers? That is what I am looking for, as the VPS has limited bandwidth. (Or would you know if that would be possible, at all?) Quote Link to comment
bonienl Posted April 20, 2022 Share Posted April 20, 2022 You can assign a docker container to a WireGuard tunnel just like another interface. In the example below I have 4 browser containers, each connected to a different network, two of them use a VPN tunnel (wg1 and wg2) and hide my IP address Quote Link to comment
Arndroid Posted April 20, 2022 Share Posted April 20, 2022 (edited) Oh dear, that would be amazing to have. I only have Host, Bridge, None and Custom: br0 as available Network Interfaces. (I have no clue how to create another "Custom" interface, I guess...) Even when setting up my second NIC calling it 'eth1', it does not show up as an option. I will have to give this another go, but I have not seen WireGuard Tunnels as Network Interfaces before in my setup. Would this only be the case with "VPN Tunnel" as selected option? Edited April 20, 2022 by Arndroid Quote Link to comment
ljm42 Posted April 20, 2022 Author Share Posted April 20, 2022 3 minutes ago, Arndroid said: Oh dear, that would be amazing to have. I only have Host, Bridge, None and Custom: br0 as available Network Interfaces. (I have no clue how to create another "Custom" interface, I guess...) Even when setting up my second NIC calling it 'eth1', it does not show up as an option. I will have to give this another go, but I have not seen WireGuard Tunnels as Network Interfaces before in my setup. Would this only be the case with "VPN Tunnel" as selected option? You'll need to wait for 6.10.0-rc5 Quote Link to comment
Arndroid Posted April 20, 2022 Share Posted April 20, 2022 Oh, that explains that, I guess. I thought bonienl was saying this was already possible, hah. I am looking forward to this update! Quote Link to comment
Steve1985 Posted April 25, 2022 Share Posted April 25, 2022 Very much looking forward to rc5 for VPN tunnel per docker container instead of for the full system. I see rc4 is available but no rc5 yet. When about would i be able to expect this? Quote Link to comment
Fuggin Posted April 26, 2022 Share Posted April 26, 2022 On 4/25/2022 at 6:46 PM, Steve1985 said: Very much looking forward to rc5 for VPN tunnel per docker container instead of for the full system. I see rc4 is available but no rc5 yet. When about would i be able to expect this? Now Quote Link to comment
SuperW2 Posted April 27, 2022 Share Posted April 27, 2022 I see that PIA is "unsupported" and not recommended, but seems to be several folks that had previously made the converted PIA files via scripts from various GitHub projects... I've tried a couple of those converted CONF files with the new RC5 options without any luck. If anyone finds a way to make those work with the "VPN tunneled access for docker" option in RC5, I'd be all ears to hear how (even if not fully supported). I don't really want to switch to a new provider at the moment. Quote Link to comment
badi95 Posted April 27, 2022 Share Posted April 27, 2022 I have a wireguard tunnel to my vps for certain docker containers using passthroughvpn container. Will I be able to replace this setup with the functionality described? or will it only support commercial VPN solutions? Quote Link to comment
Steve1985 Posted April 28, 2022 Share Posted April 28, 2022 I run my own wireguard server on a VM in the cloud. Just tried the VPN tunneled access for docker option and it works like a charm. Just follow the instructions in the OP. For my existing tunnel i just had to adjust the option that was added after rc5. In my case the "peer endpoint" disappeared so the tunnel stopped working. Not sure if this could be considered a bug. Very happy camper no longer have to route plex through the VPN which broke all kinds of home automation stuff. Thanks! Quote Link to comment
Steace Posted April 30, 2022 Share Posted April 30, 2022 (edited) Windscribe also support WireGuard, I've been using them for years without any problems. There's a config generator for WireGuard/IKEV2/OpenVPN so you can use it anywhere you want (not locked to their app). You can even make your own plan. I currently pay 3$CAD per month for all USA location + unlimited bandwidth + free location. I used an affiliate link, if for some reason you don't want to use it just remove everything after .com. I'm also not working for them... It's really the one that I use and highly recommend and I used a lot. Perfect for users like us. I'll stop selling them and let see by yourself 😆, I really just love them ! EDIT: If you use my link you also get 1GB of extra bandwidth for the free plan. Note that you need a paid account to use WireGuard. EDIT: I found out that the PresharedKey is not imported from the config file, you need to enter it manually in the Unraid/Wireguard interface. Work like a charm. Thank you very much Fixed In 6.10.RC6 Edited May 5, 2022 by Steace bug found + fix 1 Quote Link to comment
Arndroid Posted May 1, 2022 Share Posted May 1, 2022 On 4/20/2022 at 8:51 PM, ljm42 said: You'll need to wait for 6.10.0-rc5 RC5 has now been released, I installed it yesterday. Got the chance to configure a commerial VPN today alongside my WG VPS Tunnel. (Set as "Remote Access To Server", which is also selectable now through the Docker Network Type dropdown) And things are working wondrously! My NZBVpn docker was acting up, installed de LS.io one, hooked it up through my WG commerical VPN config which I simply imported, and bam, stuff is working, confirmed it with curl inside the container. Thanks UnRAID and Community! 1 Quote Link to comment
Kopernikus Posted May 1, 2022 Share Posted May 1, 2022 (edited) Hi, Upgraded to 6.10.0-rc5 to test out this new functionality. I'm using TorGuard as commercial VPN, so created config file, imported (it created wg1) and when activating it seems to connect fine (able to ping to the peer endpoint). However when I want to use this connection for a container for example firefox, I'm setting the network type to custom wg1, but as soon as the container is started I can't reach it anymore, tried it with other containers same result. Any idea? @bonienl @ljm42 To be more complete: my Unraid runs untagged on my server VLAN and my containers/VM's are running on their own VLAN. To test tried it with AirVPN same result tunnel is connecting fine however as soon as I am connected I can't connect to the docker container it uses. Could it have something to do with the iptables who are set? Edited May 2, 2022 by Kopernikus Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.