WireGuard - VPN Tunneled Access to a commercial VPN provider


ljm42


I am having a strange issue where I download the zip from the VPN interface in Unraid, import that conf file into NetworkManager on Arch Linux, but the tunnel does not work. Anyone else have this? Yes, I have wireguard-tools installed on Arch. The .conf files work fine on Windows and macOS, just not in Arch Linux. Is there something missing?

 

EDIT:

Importing through networkmanager did not work.

Importing through the CLI works.

nmcli connection import type wireguard file "wireguard.conf"

Edited by SavageAUS
Link to comment
On 5/8/2022 at 7:02 AM, bonienl said:

Unraid does not accept a system wide DNS setting, instead - if a specific DNS is required - you should configure that under extra parameters of the docker container.

Like:

--dns=100.x.y.z

 

 

thanks! I updated the OP with this information

Link to comment
On 5/8/2022 at 9:36 AM, AndiAUT said:

So I tried to use "--dns=8.8.8.8" as an extra parameter in the Firefox docker container. I figured if I use this parameter and go to https://www.dnsleaktest.com/ I should see the nearest Google DNS after a Standard test, but instead I see the DNS that Mullvad would use if I used the Mullvad PC app. As if the --dns setting deletes the Unraid DNS setting for that container and so it reverts to the Mullvad DNS.

 

Try with a different provider? It sounds to me like Mullvad is redirecting all DNS through their servers regardless of your --dns setting.  I tested with VPN Jantit (in the OP) and dnsleaktest showed the expected results.

Link to comment
2 hours ago, ljm42 said:

 

Try with a different provider? It sounds to me like Mullvad is redirecting all DNS through their servers regardless of your --dns setting.  I tested with VPN Jantit (in the OP) and dnsleaktest showed the expected results.

 

This would be ideal, but why do I get Mullvad's DNS if I use the dns parameter (tried it with 1.1.1.1, same result) and my ISP's DNS without the parameter? I would normally expect to get Mullvad's DNS with and without the extra parameter set, if the parameter does nothing.

Link to comment
On 5/8/2022 at 11:32 PM, bonienl said:

Unraid does not accept a system wide DNS setting, instead - if a specific DNS is required - you should configure that under extra parameters of the docker container.

Like:

--dns=100.x.y.z

 

I used resolvconf from slackware.pkgs.org to do DNS. (I haven't actually used my script in a while; I guess I don't have to now, seeing as it's integrated into the UI.)

 

Link to comment

Hello, I have trouble with port forwarding from Mullvad VPN to Transmission docker container.

 

I am running Unraid 6.10.0-rc8, I successfully imported Mullvad config file, and I connect fine (when I curl ifconfig.io from the container I get the VPN ip). But port forwarding doesn't work. I have enabled it in mullvad and set it to the correct city, provided the correct port in transmission, but it's not working. I tried the solution below, but it doesn't seem to work for me.

 

On 12/3/2019 at 8:03 PM, Dataone said:

 

I know that this is the trick for Plex, but you may be able to do the same with the jellyfin ports.

PostUp  = iptables -t nat -I PREROUTING -p tcp --dport *external port* -j REDIRECT --to-ports 32400 (internal plex port)
PreDown = iptables -t nat -D PREROUTING -p tcp --dport *external port* -j REDIRECT --to-ports 32400 (internal plex port)

 

 

I added these lines to the WireGuard config:

 

PostUp  = iptables -t nat -I PREROUTING -p tcp --dport *mullvad port* -j REDIRECT --to-ports *mullvad port*
PreDown = iptables -t nat -D PREROUTING -p tcp --dport *mullvad port* -j REDIRECT --to-ports *mullvad port*

 

Maybe I screwed up with the iptables (I am not 100% sure what is going on here). Does anyone have similar problems, and how did you solve them? Any help would be greatly appreciated!

Link to comment

Hi. Now that 6.10 is released with Wireguard integrated into the webgui, I'm trying to connect a tunnel to my VPN, Surfshark. I downloaded a conf file with the server I want to connect to and "Import Tunnel". Everything seemed to populate ok except the mandatory field "Peer tunnel address". What is supposed to go here?

Link to comment
  • 3 weeks later...

Hey all, I use Mullvad; I set up wg2 as a tunnel successfully and I have a few containers running in it, however I'm trying to port forward thru mullvad. In the CLI for a container, I can verify that I am connected to the VPN, however when I check the port it tells me it is not forwarded. Is this a limitation of the feature currently, or a misconfiguration on my end, and if so, how can I address it? Thanks!

 

ed. I'm a dunce... Same issue here as Purely8120 above, but I've not attempted to set an iptables rule.

 

ed2; Tried setting those IPTables rules under [Interfaces], import it, and reboot, and I'm still getting a bad response unfortunately.

 

ed3; I've tried hitting my head against the wall in a number of ways; I have read up on what exactly the iptables is setting and it seems to make sense; I've tried replacing -I with -A (no reason why append would work differently than insert, but whatever), no dice, tried even changing the peer endpoint to the now opened port, no dice.

 

I've gone back to a container with the wireguard support built-in, and it is working fine now, I just would love for the built-in feature to work so as not to use so many slots. If anyone has some wisdom to add to the equation, please let me know. 

 

mullvad.png.5291d4b52036a8b5735b426999349c52.png

Edited by hking0036
added troubleshooting
Link to comment

Does anyone know if it's possible to configure a proxy port (like privoxy) with this setup? Running things through the wg network seems great for all things on Unraid, but I have used privoxy to piggyback browsers on my desktop PC through the privoxy docker container. Thanks!


Sent from my iPhone using Tapatalk

Link to comment

Hello again!

 

I just want to update the port forwarding problem I described a few replies above:

 

It turns out it was really simple. Just expose wanted ports on the docker menu for the container you want to forward ports to...

 

Hope it helps!

Link to comment
  • 4 weeks later...

Forgive me if this has been asked before, I did search the forums and Google, but I am coming up short.

 

I have imported my WireGuard conf (AirVPN) and the peer type of access is set to "VPN tunnel for docker containers only". The tunnel appears to be connected and working, but the wg0 custom network does not appear in the drop down list of network options in the container settings.

 

It also does not appear when running

docker network ls

 

I have restarted the docker service and recreated the WireGuard tunnel a few times, but this does not seem to help.

I am running unRAID 6.10.3.

 

Have I missed something obvious?

Link to comment
  • 3 weeks later...
  • 2 weeks later...

I was looking at this to replace OpenVPN containers that I set as network type of various dockers but I noticed that any container I set to the wireguard tunnel is using unraid's default DNS routing and not the wireguard provided one.

 

image.png.250da8dafbf502a41dbc225c5d986ae8.png

Likely I'm misunderstanding but shouldn't this setting dictate what the tunnel uses? Aside from manually adding -dns to every docker using the tunnel is there some setting I'm not using correctly?

Link to comment
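
Added example, not part of any post above and not Unraid's own code: a small Python linter for a WireGuard .conf before it is imported, checking the points this thread discusses (section names, PostUp iptables rules paired with a PreDown/PostDown delete, and a DNS line that containers will not pick up without --dns). The sample config, its addresses, port 51000 and the function names parse_conf and lint are constructed for illustration.

```python
import re

# Constructed sample config: keys, addresses and port are placeholders.
SAMPLE_CONF = """\
[Interface]
PrivateKey = <private-key-placeholder>
Address = 10.64.0.2/32
DNS = 10.64.0.1
PostUp = iptables -t nat -I PREROUTING -p tcp --dport 51000 -j REDIRECT --to-ports 51000
[Interfaces]
PreDown = iptables -t nat -D PREROUTING -p tcp --dport 51000 -j REDIRECT --to-ports 51000
[Peer]
PublicKey = <public-key-placeholder>
AllowedIPs = 0.0.0.0/0
Endpoint = 203.0.113.10:51820
"""

def parse_conf(text):
    """Return a list of (section, key, value); keys may repeat, so no dict."""
    entries, section = [], None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and whitespace
        m = re.fullmatch(r"\[(.+)\]", line)
        if m:
            section = m.group(1).strip()
        elif "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            entries.append((section, key, value))
    return entries

def lint(text):
    """Return human-readable findings for one WireGuard config."""
    entries = parse_conf(text)
    findings = []
    for name in sorted({s for s, _, _ in entries if s and s.lower() not in ("interface", "peer")}):
        findings.append(f"unknown section [{name}]: WireGuard configs use [Interface] and [Peer]")
    iface = [(k.lower(), v) for s, k, v in entries if s and s.lower() == "interface"]
    # Each iptables rule added on PostUp should be deleted again on PreDown/PostDown,
    # otherwise the NAT rule stays in place after the tunnel goes down.
    added = {re.sub(r"\s-[IA]\s", " -D ", v) for k, v in iface if k == "postup" and "iptables" in v}
    removed = {v for k, v in iface if k in ("predown", "postdown")}
    for rule in sorted(added - removed):
        findings.append(f"PostUp rule has no matching delete: {rule}")
    if any(k == "dns" for k, _ in iface):
        findings.append("DNS is set in the tunnel config; per this thread, set --dns on each container as well")
    return findings
```

Calling lint(SAMPLE_CONF) returns three findings, because the misspelled [Interfaces] header moves the PreDown line out of [Interface] and leaves the PostUp rule without its delete.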
