Setting Up WireGuard® on Unraid

[charredresistors]

Hello all,

 

I have been having a tough time getting internet access with Wireguard.

 

My Wireguard setup is as follows:

 

On my router I have a static route from the 10.253 network to the server IP. I also have port 51820 forwarded to the server.

 

When I turn on wireguard, I can access everything on my 192.xxx.x.x network, but cannot access the internet at large.

 

Here's showing that I have access to the router, and that the traceroute stops at the router. Any help would be appreciated.

 

[GNET]

Why is my allowed IPs showing 0.0.0.0/0 on the Peer configuration: AllowedIPs=0.0.0.0/0? VPN is connected but I can not browse the internet.

[Jobine]

Question...

Everything works good with my iphone with 5G ou LTE.

 

If I'm on the hotel wifi, nothing work.

 

Any idea ?

 

Thank,

[axipher]

4 hours ago, Jobine said:

Question...

Everything works good with my iphone with 5G ou LTE.

 

If I'm on the hotel wifi, nothing work.

 

Any idea ?

 

Thank,

 

I've had that too at local pools and sporting centers while on their Free WiFi.  Seems to be them blocking out-going connections on certain ports, I've had luck adding some different port mappings and switching between them, but it's a pain and normally I just revert back to my LTE.

[downdrown]

You folks just saved my day! I had the same issue with setting up VMs and PiHole in Docker, thanks a lot!

[ijuarez]

I just tried this and I got to give it up to whoever implemented this. It was easy and far all I had to do was port forward a port. 
 

very easy

[hathi_ndg]

How may I setup the built-in Wireguard VPN server feature so that my qbittorrent traffic goes through it and remains hidden from outside eyes? For the life of me I've been searching for weeks and can't find a clear answer  thanks so much for any help!

[trurl]

1 hour ago, hathi_ndg said:

traffic goes through it and remains hidden from outside eyes?

This requires a VPN service outside your network.

[sonic6]

Hi, it there a place to report a "bug" with wireguard?

 

if i add a IP to "Peer allowed IPs", it won't be shown in the downloadable config:

 

[Jobine]

On 1/26/2024 at 8:25 PM, axipher said:

 

I've had that too at local pools and sporting centers while on their Free WiFi.  Seems to be them blocking out-going connections on certain ports, I've had luck adding some different port mappings and switching between them, but it's a pain and normally I just revert back to my LTE.

I'm doing the same thing, but at the cottage the LTE isn't working well, so I'd like to connect via wifi.

[axipher]

On 5/3/2024 at 1:01 PM, Jobine said:

I'm doing the same thing, but at the cottage the LTE isn't working well, so I'd like to connect via wifi.

 

Sorry for the delay, I hadn't been to the local pool in a month.

 

To give a tiny update.  I have WireGuard on Unraid setup to use port 51821 as the main Local Endpoint port on my WAN IP address.

 

For testing, on my router, I have both external port 51821 forwarded to internal port 52821; AND external port 80 forwarded to internal port 52821.

 

I did the QR code based setup from the WireGuard App on my phone to install the profile and tested that to make sure it works.  Then edited the profile and changed the port from 51821 to 80 and tried again while on LTE and it worked.

 

Then at the pool where most other ports I've tried seemingly get blocked, this time the VPN worked fine since.

 

 

Now there are security concerns about using a well-known public port so I chose to ensure that Wireguard in this case is only being used for DNS to my local PiHole for ad-blocking and no network level access or tunnel is actually in place.  And on the majority of days where I don't need that specific VPN access, I leave that port forwarding rule disabled on my router.

 

 

 

I'm hoping someone else here can chime in any maybe offer a more elegant of safer solution.  I'm not an IT expert, so I have no idea how safe the WireGuard endpoint port is being in the more common range of ports that attackers will typically try to go after.