WireGuard


WireGuard - a fast, modern, secure VPN Tunnel.

76
 
 
This is an automated archive.

The original was posted on /r/wireguard by /u/Spiritedbong on 2024-01-15 09:37:04+00:00.


Is WireGuard's native app better than using the client app provided by the VPN on Windows, Mac, and Linux?

There was a noticeable slowdown when using Mullvad's client app on Linux... (MTU was set correctly)

77
 
 
This is an automated archive.

The original was posted on /r/wireguard by /u/chaplin2 on 2024-01-15 08:56:02+00:00.


I have a server behind a firewall with no possibility to open ports. Also, only the outgoing 22, 80, and 443 are open, all of them TCP.

I want to expose my server through a VPS in the cloud. I will run a Wireguard server on my server say at port 1234. I will connect the port 1234 at my server by the SSH reverse port forwarding, or an OpenVPN 443/tcp tunnel, to the VPS. On VPS, I will run a reverse proxy. The client will connect to the VPS from the internet with Wireguard, which the reverse proxy will then forward to port 1234 on my local server. That will provide a tunnel from the client to my server, end to end encrypted.

Will this set up work well? The main concern is performance, due to the UDP over TCP.

Also, will SSH be slower than an OpenVPN TCP tunnel?

78
 
 
This is an automated archive.

The original was posted on /r/wireguard by /u/Evening_Truth_1568 on 2024-01-15 07:58:35+00:00.


The last commit I think I saw was a few months ago. Is WireGuard now an all-perfect piece of software, not requiring any updates?

It makes me just wonder a bit, that's all

79
 
 
This is an automated archive.

The original was posted on /r/wireguard by /u/CrystalNPYT on 2024-01-15 07:47:33+00:00.


Hi, I am trying to set up WireGuard using PiVPN and I have set up everything correctly as far as I know. I have port forwarded 51820 on UDP, disabled the firewall, and rechecked the IPs, gateway and stuff. When I connect from my phone or Windows to the WireGuard server there is no internet access, but it is transmitting something where my Rx remains at 0B all the time. I am new to this and I don't really know what to do, please help.

:::: PiVPN debug ::::

:::: Latest commit ::::

Branch: master

Commit: a85d3752ef94ed1aaad70ba6d483f93583152eca

Author: Orazio

Date: Wed Dec 13 18:09:55 2023 +0100

Summary: fix(scripts): disallow using server's name as client name (#1791)

:::: Installation settings ::::

PLAT=Ubuntu

OSCN=jammy

USING_UFW=0

IPv4dev=enp2s0

IPv6dev=enp2s0

install_user=crystal

install_home=/home/crystal

VPN=wireguard

pivpnPORT=51820

pivpnDNS1=8.8.8.8

pivpnDNS2=8.8.4.4

pivpnHOST=REDACTED

INPUT_CHAIN_EDITED=0

FORWARD_CHAIN_EDITED=0

INPUT_CHAIN_EDITEDv6=0

FORWARD_CHAIN_EDITEDv6=0

pivpnPROTO=udp

pivpnMTU=1420

pivpnDEV=wg0

pivpnNET=10.178.174.0

subnetClass=24

pivpnenableipv6=1

pivpnNETv6="fd11:5ee:bad:c0de::"

subnetClassv6=64

ALLOWED_IPS="0.0.0.0/0, ::0/0"

UNATTUPG=1

INSTALLED_PACKAGES=()

:::: Server configuration shown below ::::

[Interface]

PrivateKey = server_priv

Address = 10.178.174.1/24,fd11:5ee:bad:c0de::1/64

MTU = 1420

ListenPort = 51820

begin Test

[Peer]

PublicKey = Test_pub

PresharedKey = Test_psk

AllowedIPs = 10.178.174.2/32,fd11:5ee:bad:c0de::2/128

end Test

:::: Client configuration shown below ::::

[Interface]

PrivateKey = Test_priv

Address = 10.178.174.2/24,fd11:5ee:bad:c0de::2/64

DNS = 8.8.8.8, 8.8.4.4

[Peer]

PublicKey = server_pub

PresharedKey = Test_psk

Endpoint = REDACTED:51820

AllowedIPs = 0.0.0.0/0, ::0/0

:::: Recursive list of files in ::::

:::: /etc/wireguard shown below ::::

/etc/wireguard:

configs

keys

wg0.conf

/etc/wireguard/configs:

clients.txt

Test.conf

/etc/wireguard/keys:

server_priv

server_pub

Test_priv

Test_psk

Test_pub

:::: Self check ::::

:: [OK] IP forwarding is enabled

:: [OK] Iptables MASQUERADE rule set

:: [OK] WireGuard is running

:: [OK] WireGuard is enabled

(it will automatically start on reboot)

:: [OK] WireGuard is listening on port 51820/udp

80
 
 
This is an automated archive.

The original was posted on /r/wireguard by /u/vickmtzhdez on 2024-01-15 06:32:35+00:00.


I have a Totalplay service where they say that it has a NATed IP. I would like to know how I could create the VPN server from Windows with WireGuard and connect remotely. I have the static IP and DDNS and port 51820 open.

81
 
 
This is an automated archive.

The original was posted on /r/wireguard by /u/MurkyYesterday7 on 2024-01-14 23:14:19+00:00.


I have three Ubuntu VPS (1, 2 & 3) on different providers. I have WireGuard servers running on all three servers. VPS1 is connected to VPS2 & VPS3 through WireGuard for specific allowed IP ranges and it works perfectly fine. But when I connect to VPS1 from another external device like my PC through a WireGuard client, all traffic is reachable except the IP ranges that are allowed in the VPS2 & VPS3 config files.

IP forwarding is enabled on all three servers in the system file and outside as well. Firewall settings are also configured correctly and every WireGuard server is using a different port so there are no conflicting ports. My guess is, it has something to do with the route table or pre and post route commands.

Any suggestion would be helpful

82
 
 
This is an automated archive.

The original was posted on /r/wireguard by /u/soufianni on 2024-01-14 17:18:00+00:00.


So imagine I have an MC server running on port 25565 on my laptop.

The laptop is connected to the VPN server in the cloud. If people connect to the public IP of the WG server : port that I defined, then they should connect to my laptop running the MC server.

But how do I do that?

Btw I am using PiVPN and Oracle Cloud to run the VPN server.

83
 
 
This is an automated archive.

The original was posted on /r/wireguard by /u/FlashLightning67 on 2024-01-14 07:38:03+00:00.


I’m not very knowledgeable about all this so apologies if I get anything messed up.

I just set up a WireGuard connection between my phone and my Ubuntu server. On the server I am able to access a self hosted site on the port 2000, so I can access it at localhost:2000. I can also access this on the same network from local-ip:2000.

I want to use the WireGuard VPN to be able to connect to this site from anywhere using my phone. However after setting it up, I don’t seem to be able to do this. Using the server’s WireGuard IP doesn’t work, nor does the local IP or localhost. In my attempts to get it to work I managed to get it working with 0.0.0.0/0 as the allowed IP so I can access any website using the VPN, but I can’t find a way to access this locally hosted site. How can I set this up to work the way I want?

84
 
 
This is an automated archive.

The original was posted on /r/wireguard by /u/rudboi12 on 2024-01-13 23:47:21+00:00.


So my ISP gives me a dynamic IP. I set up my WG server with a DDNS and opened a port in my ISP router. Everything worked fine for months until now that I can’t connect to my server.

I figured that my ip changed and my clients (ios devices) didn’t reconnect properly. Whenever I start the connection in my client, I get the “old” endpoint ip and can send data but no internet. Logs say that handshake not successful and keeps retrying every 5secs.

I know for a fact that my internet in the server side is working since I have a smart plug (connected to my vpn server setup) and I can see it on and turn it on and off and even update the firmware.

I also tried restarting the vpn server (by turning off my smart plug) and nothing.

Does anyone have any tips? Everything worked fine for MONTHS and I’m about 1000 miles away from my home network so I can’t really see what’s happening on the server side.

85
 
 
This is an automated archive.

The original was posted on /r/wireguard by /u/skorphil on 2024-01-13 18:33:56+00:00.


Hi, I currently have a WireGuard server Docker container running on an Ubuntu VPS. However I am rarely using it and now don't need the VPS for other stuff. So I want to reduce costs and not pay for a 24/7 VPS.

Am I able to deploy WireGuard to serverless platforms, which bill only for the time my container is used? Like Google Cloud Run or others.

86
 
 
This is an automated archive.

The original was posted on /r/wireguard by /u/thecaptain78 on 2024-01-13 07:17:25+00:00.


I have tried editing the iOS config file and removing the network and re-adding but when I connect to that WiFi network Wireguard connects. If I switch back to one of the other WiFi networks Wireguard de-activates the VPN.

The problem SSID is from a Unifi UAP AC Pro. How do I troubleshoot?

87
 
 
This is an automated archive.

The original was posted on /r/wireguard by /u/stereo-heroes on 2024-01-12 20:25:43+00:00.


Hello everyone, I host my own WireGuard tunnel back to my house. Today, while at the hotel, I observed that I can see other people’s streaming devices and wireless speakers even with my Bluetooth turned off. Is there an issue with the configuration, or does the iPhone bypass the VPN for certain activities?

88
 
 
This is an automated archive.

The original was posted on /r/wireguard by /u/chaos2tw on 2024-01-12 20:00:41+00:00.


Hello,

I’m using WireGuard on a PiHole VPS. When I SSH to the VPS I am presented with the necessary QR codes. If I want to add users I do sudo ./regen-vpn-keys.sh (#) where # is the number of keys and QR codes it generates. It doesn’t store these anywhere but in, I think, wg0.conf. If I don’t take a picture of the QR codes I don’t know how to access them again.

Looking at this website, I know how to generate the QR codes but they are all stored in wg0.conf.

Is there a way to use: wg0.conf user1.conf user2.conf And so on?

Or do I need to copy the user configs from wg0.conf to their own file and regenerate the QRs from there?

Thanks for assisting!

89
 
 
This is an automated archive.

The original was posted on /r/wireguard by /u/XmechaniX on 2024-01-12 21:42:18+00:00.


Hi, I'm using WireGuard on GrapheneOS in a multi-user environment. For some strange reason, the second user cannot share the public key information (the button is missing in the lower left corner when tapping on the key). Does anyone know if this is an app permission issue?

90
 
 
This is an automated archive.

The original was posted on /r/wireguard by /u/thorgrotle on 2024-01-12 18:16:15+00:00.


Hello everyone

I have created 2 scripts to make setup of WireGuard easy. They have support for multiple profiles and clients, with create, view and remove functions.

Client configs will be displayed on screen and as a QR code, as well as found in the file structure.

Currently I have made the script files; you will manually have to move them to the correct folder and set the execution bit on, as well as install wireguard-tools and qrencode.

Later on, I plan on making it a .deb / .rpm installation package.

Tell me what you think of it?

Kind regards Thor Grotle

91
 
 
This is an automated archive.

The original was posted on /r/wireguard by /u/cFiOS on 2024-01-12 19:37:28+00:00.


I am trying to create a simple Docker Compose stack that has a VPN container and service containers (Nextcloud in this example). I would like WireGuard peers/clients to connect and be able to use something like to access the service.

I am trying to keep the stack as small as I can and assumed that I would be able to take advantage of the Docker network that is created to leverage DNS. This isn't working but I can get to my desired service by IP ().

I also tried using a reverse proxy (Caddy) to resolve the hostname to the IP:Port but it wasn't working because of no DNS advertisement.

***
services:
  wireguard:
    image: ghcr.io/wg-easy/wg-easy
    hostname: wireguard
    ports:
      #- 80:80 # nextcloud
      - 51820:51820/udp
      - 51821:51821/tcp
    environment:
      - WG_HOST=$WANIP
      - WG_DEFAULT_DNS=10.8.0.1, 9.9.9.9
    tmpfs:
      - /etc/wireguard
    cap_add:
      - NET_ADMIN
      - SYS_MODULE
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
      - net.ipv4.ip_forward=1

  nextcloud:
    image: nextcloud
    #network_mode: service:wireguard

A goal is to also be as one-touch as possible which is why I haven't put a DNS container into the stack.

93
 
 
This is an automated archive.

The original was posted on /r/wireguard by /u/Outrageous-Part7294 on 2024-01-12 17:12:03+00:00.


Recently been looking into vpns but I don't know much, explain like I'm 5 pls

94
 
 
This is an automated archive.

The original was posted on /r/wireguard by /u/Imaginary_Travel_714 on 2024-01-11 22:31:29+00:00.


Hi all,

I want to connect to my home network through WireGuard, but I don't have a public IP. Therefore, I have a Raspberry Pi (which also hosts Home Assistant) connected as a client to a VPS with a public IP. I've also redirected the Home Assistant webpage using NGINX. I've now installed a "server" WireGuard on my Raspberry Pi and redirected all incoming traffic on port 51840/udp (not the usual one to avoid conflicts with the existing server on the VPS) with rinetd to the IP of the Raspberry Pi on the VPS. I've allowed incoming traffic on port 51840/udp on UFW.

When I connect to the Raspberry Pi server using the VPS IP as the endpoint and port 51840, I see outgoing traffic, but I receive 0B. Any idea why?

I've tried to connect locally and on the VPS to the WireGuard server on the Raspberry Pi, and I get traffic in both directions. So, I'm thinking maybe the firewall on the VPS (UFW) is blocking the outgoing port on the Raspberry Pi? In UFW, I have outgoing traffic allowed...

96
 
 
This is an automated archive.

The original was posted on /r/wireguard by /u/Mr_Viper on 2024-01-11 04:22:10+00:00.

Original Title: Wireguard is running in a docker container on a VM in Proxmox. I'm able to connect to Wireguard on my phone using the QR code, but can't load webpages / internal IP addresses / etc. Issue with Port Forwarding in Proxmox?


Running Proxmox 8.1.3 on a Mini PC. One of the VMs is designated for Wireguard. Here is the docker-compose file for the container I'm running:

services:
  wireguard:
    container_name: wireguard
    image: lscr.io/linuxserver/wireguard:legacy
    restart: unless-stopped
    ports:
      - "51820:51820/udp"
    environment:
      - PUID=222
      - PGID=222
      - UMASK=002
      - TZ=America/New_York
      - SERVERURL=192.168.123.56 #optional 
      - SERVERPORT=51820 #optional
      - PEERS=phone,surfacego,macbook #optional 
      - PEERDNS=auto #optional
      - INTERNAL_SUBNET=10.13.13.0 #optional
      - ALLOWEDIPS=0.0.0.0/0, ::0/0 #optional
      - PERSISTENTKEEPALIVE_PEERS= #optional
      - LOG_CONFS=true #optional
    volumes:
      - wireguard-config:/config
      - /lib/modules:/lib/modules
    cap_add:
      - SYS_MODULE 
      - NET_ADMIN
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1

I have port forwarding set up on my Google Home app, UDP, pointing to my mini PC's IP, with the default 51820 port.

I can scan the QR code with my phone and connect to Wireguard, but I'm unable to even navigate to a website, let alone access any internal network IPs.

Are there some additional port forwarding settings I need to change in Proxmox so that the 51820 port specifically points to my Wireguard VM, then into the Wireguard docker container?

I'm just about at the edge of my experience with this stuff 😓 so any advice would be appreciated. I'll answer any questions about the stuff I clunkily explained above.

98
 
 
This is an automated archive.

The original was posted on /r/wireguard by /u/NewbieCasanova on 2024-01-11 03:11:12+00:00.


I made a post earlier this week about WireGuard VPN disabling Microsoft Teams' ability to make calls. Turns out I can make calls on the website version of Teams and the mobile version, but not the computer application version. I can go on Instagram through the browser, but not the phone app version.

I set the MTU to 1280 as suggested. Ports 51820 and 5060 are open. I can browse the internet.

What could be the cause of this? Could it be the GL.iNet router issue?

I have 2 GL.iNet routers, one for home and one for travel. One is the WireGuard server and the other is the WireGuard client.

100
 
 
This is an automated archive.

The original was posted on /r/wireguard by /u/Confident_Fee_2225 on 2024-01-11 02:15:35+00:00.


I imagine you can use the profile to find out which location I am connecting to. But can it be used to find out what IP address I am appearing as?

Also, if someone gains access to my WireGuard config & private key, what can that be used for? How can it be used to find out about me / my activities & history?
