WireGuard

This is an automated archive.

The original was posted on /r/wireguard by /u/Confident_Fee_2225 on 2024-01-11 02:15:35+00:00.

I imagine you can use the profile to find out which location i am connecting to. But can it be used to find out what ip address i am appearing as?

Also. If someone gains access to my wireguard config & private key, what can that be used for? How can it be used to find out about me/ my activites & history?

This is an automated archive.

The original was posted on /r/wireguard by /u/southerndoc911 on 2024-01-10 15:51:10+00:00.

I've had WireGuard running with on-demand enabled for >1 year without any problems on my iPhone. I installed the NextDNS iOS profile to make DNS lookups DoH. Since then, the on-demand doesn't automatically tunnel and will sometimes turn itself off.

Is there a workaround for this (or is anyone else experiencing it)?

This is an automated archive.

The original was posted on /r/wireguard by /u/tgreatone316 on 2024-01-10 15:30:44+00:00.

I am having trouble getting a site to site VPN working from AWS to an UDM Pro. I have standard VPC setup with one public and private subnets. The public subnet has the Linux EC2 Ubuntu instance with wireguard installed. The private subnet has its route set as a second interface on the EC2 instance. The wireguard EC2 instance can connect to the UDM pro and ping devices behind the UDM pro in private subnets. However, devices behind the UDM pro cannot ping servers in EC2. Any suggestions as to things I should look at?

This is an automated archive.

The original was posted on /r/wireguard by /u/x420d0taMaSt3rMLG69x on 2024-01-10 14:50:47+00:00.

Since it's 2024, I'm looking for the best VPN, and I want to base my choice on what you, the experienced and knowledgeable Reddit users, recommend. Since there are so many VPN options, and I can't think of anyone better to help me choose than you all here on Reddit. I'm particularly interested in:

I've seen a few names mentioned a lot in different posts, but I really want to hear more from the community to get a better overall picture:

• NordVPN: I've noticed NordVPN is often praised for its strong security and fast speeds. It seems like a top choice for many who need reliable and secure internet access.
• Surfshark: Surfshark has caught my attention for allowing unlimited devices on a single account, which is pretty unique. Plus, its pricing is competitive, making it an attractive option for budget-conscious users.
• Mullvad: Mullvad stands out to me for its heavy focus on privacy and anonymity. It's appealing, especially if you're someone who puts a high value on keeping your online activities private.
• ProtonVPN: I've seen ProtonVPN recommended for its commitment to security and privacy. Users also seem to appreciate its user-friendly interface, which is a big plus for those who aren't too tech-savvy.

I'm looking forward to hearing your thoughts and experiences:

• What is the best VPN in 2024 and why?
• Which VPN is the best for torrenting?
• What VPN is best for streaming?

Thank you for sharing your knowledge and experiences!

This is an automated archive.

The original was posted on /r/wireguard by /u/RedSkyNL on 2024-01-10 11:59:02+00:00.

I've been running Wireguard for a while now, but i also have a Pi-Hole machine running. I was wondering:

1. Can i just add that Pi-Hole IP (so not in the same subnet as my Wireguard VPN IP's, but perfectly reachable through Wireguard VPN) as a DNS Server
2. If needed, is it correct that i can just add 1 search domain behind the DNS server (in the client.conf) so only DNS lookups reflecting that domain will be forwarded to the specified DNS server?

This is an automated archive.

The original was posted on /r/wireguard by /u/tuanson84uk on 2024-01-10 08:11:59+00:00.

I set up a wireguard VPN using pivpn on a Digital Ocean droplet and connected to it from my pfsense router at home. It seemed to work fine at first, but then I noticed that some sites would not load, and the browser would display a connection timeout error.

I followed some suggestions to change the MTU value from both sides, but it did not help. Does anyone know what might be causing this issue?

I appreciate any help.

Thank you.

This is an automated archive.

The original was posted on /r/wireguard by /u/NewbieCasanova on 2024-01-10 07:36:13+00:00.

For the past week I've been trying to set up wireguard vpn server and client. I purchased 2 routers that has wireguard installed. 1 router for home use and the other for travel use.

Please correct me if im wrong but I would need to purchase a independent vpn to use on the wireguard client correct?

This is an automated archive.

The original was posted on /r/wireguard by /u/tuanson84uk on 2024-01-10 08:11:59+00:00.

I set up a wireguard VPN using pivpn on a Digital Ocean droplet and connected to it from my pfsense router at home. It seemed to work fine at first, but then I noticed that some sites would not load, and the browser would display a connection timeout error.

I followed some suggestions to change the MTU value from both sides, but it did not help. Does anyone know what might be causing this issue?

I appreciate any help.

Thank you.

This is an automated archive.

The original was posted on /r/wireguard by /u/NewbieCasanova on 2024-01-10 04:58:51+00:00.

I have a home router and travel router. Wireguard server is on the home and Wireguard client is on the travel. On the travel router, there is internet connectivity. But a few apps and certain functions are not working. For example, Microsoft teams can be used to send messages but I cannot join a call. Instagram will open and refresh but I cannot load a reel or send a message.

Port 51820 is enabled.

I know its a VPN issue because openvpn works.

What could be the issue?

This is an automated archive.

The original was posted on /r/wireguard by /u/Endurable8432 on 2024-01-09 23:32:34+00:00.

Hello WireGuard users.

I followed this guide: and have succesfuly set up WireGuard on my Linux server and connected to Mullvad VPN.

I want to route all my devices to go through this WireGuard VPN before acessing the internet, I am not sure what I am doing wrong.

I tried using static routing in the router settings to route devices (destination IP) to the Linux server (gateway ip address). But this did not work. Any suggestions or advice would be much appreciated!

This is an automated archive.

The original was posted on /r/wireguard by /u/skinox on 2024-01-09 22:21:09+00:00.

I have setup a server on Asus RT-AX58U router.

And my client has established successfull connection to the WG server, however the speed he is getting is 10 mbit/sec down on home Wi-Fi. My ISP is 300 mbit/sec up/down, my client ISP speed is 100 mbit/sec up/down. I thought maybe it's some serve issue, however if the client connect to the hotspot from the phone, he gets 100mbit/sec down without any problem. First thought that came to my mind is ISP of the client is throttling the UDP connection to 10 mbit/sec, however client did UPD speedtest and got 100mbit/sec down, also client used NordVPN with Nordlynx protocol, which is WG, and got 100mbit/sec. So confused at this point, would appreciate any help.

This is an automated archive.

The original was posted on /r/wireguard by /u/Endurable8432 on 2024-01-09 23:32:34+00:00.

Hello WireGuard users.

I followed this guide: and have succesfuly set up WireGuard on my Linux server and connected to Mullvad VPN.

I want to route all my devices to go through this WireGuard VPN before acessing the internet, I am not sure what I am doing wrong.

I tried using static routing in the router settings to route devices (destination IP) to the Linux server (gateway ip address). But this did not work. Any suggestions or advice would be much appreciated!

This is an automated archive.

The original was posted on /r/wireguard by /u/skinox on 2024-01-09 22:21:09+00:00.

I have setup a server on Asus RT-AX58U router.

And my client has established successfull connection to the WG server, however the speed he is getting is 10 mbit/sec down on home Wi-Fi. My ISP is 300 mbit/sec up/down, my client ISP speed is 100 mbit/sec up/down. I thought maybe it's some serve issue, however if the client connect to the hotspot from the phone, he gets 100mbit/sec down without any problem. First thought that came to my mind is ISP of the client is throttling the UDP connection to 10 mbit/sec, however client did UPD speedtest and got 100mbit/sec down, also client used NordVPN with Nordlynx protocol, which is WG, and got 100mbit/sec. So confused at this point, would appreciate any help.

This is an automated archive.

The original was posted on /r/wireguard by /u/smoreofnothing22 on 2024-01-09 17:56:40+00:00.

Non-networking pro here. Very new to all of this, but could really use some help.

I'm abroad and using a travel client router (Slate AX GL-AXT1800) to connect to my server router (Flint GL-AX1800) at home. Generally speaking, everything works as intended, I verify my IP address from abroad, its the same as my home router, I have decent connection, etc.

But like...5-10 times a day "the internet will stop working". Overall, it seems random, but sometimes perhaps tied to some event (computer goes to sleep, etc). If I stop and restart the wireguard client in my settings, it goes back to normal. Other than the annoyance of having to do this and risk of losing connection mid conference call or something, I'm also concerned I'm losing the connnection and possibly leaking traffic when its down.

Currently set up with ethernet from abroad router to travel router, then wifi to computer if that makes a difference.

Any way I can get it to stay connecting, running, etc?

This is an automated archive.

The original was posted on /r/wireguard by /u/smoreofnothing22 on 2024-01-09 17:56:40+00:00.

Non-networking pro here. Very new to all of this, but could really use some help.

I'm abroad and using a travel client router (Slate AX GL-AXT1800) to connect to my server router (Flint GL-AX1800) at home. Generally speaking, everything works as intended, I verify my IP address from abroad, its the same as my home router, I have decent connection, etc.

But like...5-10 times a day "the internet will stop working". Overall, it seems random, but sometimes perhaps tied to some event (computer goes to sleep, etc). If I stop and restart the wireguard client in my settings, it goes back to normal. Other than the annoyance of having to do this and risk of losing connection mid conference call or something, I'm also concerned I'm losing the connnection and possibly leaking traffic when its down.

Currently set up with ethernet from abroad router to travel router, then wifi to computer if that makes a difference.

Any way I can get it to stay connecting, running, etc?

This is an automated archive.

The original was posted on /r/wireguard by /u/jackjackk0 on 2024-01-09 17:08:54+00:00.

As per title, more details in this gist:

I really don't know how to debug this further, spent the past holidays trying to figure out a solution! any suggestion is super appreciated!

This is an automated archive.

The original was posted on /r/wireguard by /u/laurencijs on 2024-01-09 13:23:44+00:00.

Hello, I am new to wiregurad actually experimenting with my first setup, I have googled quite a time but couldn't find anything useful.

Hello, I am new to Wiregurad and experimenting with my first setup, I have googled quite a time but couldn't find anything useful.DNS in the wg conf file it anyway alters the current resolv.conf and adds "nameserver 1.1.1.1" to it, which is incorrect. Currently, DNS entries are managed by a DHCP server and I like it to stay that way.

Is there any way to set up the client not to do any DNS changes on the client side?

This is an automated archive.

The original was posted on /r/wireguard by /u/jackjackk0 on 2024-01-09 17:08:54+00:00.

As per title, more details in this gist:

I really don't know how to debug this further, spent the past holidays trying to figure out a solution! any suggestion is super appreciated!

This is an automated archive.

The original was posted on /r/wireguard by /u/laurencijs on 2024-01-09 13:23:44+00:00.

Hello, I am new to wiregurad actually experimenting with my first setup, I have googled quite a time but couldn't find anything useful.

Hello, I am new to Wiregurad and experimenting with my first setup, I have googled quite a time but couldn't find anything useful.DNS in the wg conf file it anyway alters the current resolv.conf and adds "nameserver 1.1.1.1" to it, which is incorrect. Currently, DNS entries are managed by a DHCP server and I like it to stay that way.

Is there any way to set up the client not to do any DNS changes on the client side?

This is an automated archive.

The original was posted on /r/wireguard by /u/ackleyimprovised on 2024-01-09 12:17:00+00:00.

I have this setup I cant seem to get working.

Camera (192.168.30.50) <-> NUC (192.168.30.100) + Wireguard (10.200.0.2) <-> CNAT Router (192.168.30.1) <-> Internet <-> PFsense (192.168.1.254) + Wireguard (10.200.0.1) <-> Computer (192.168.1.20)

PFsense:

For the Peer:
Allowed IPs 10.200.0.2 and 192.168.30/24

For the tunnel:
Static IP for the iPv4 as 10.200.0.1

Client NUC:

[Interface]
PrivateKey = XXXX 
Address = 10.200.0.2/32
# setup packet forwarding
PreUp = sysctl -w net.ipv4.ip_forward=1

# setup iptables
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
[Peer]
PublicKey = xxx
AllowedIPs = 0.0.0.0/0
Endpoint = domain.name:51820
PersistentKeepalive = 25

The client NUC is able to ping all devices onto the 192.168.1.0/24 network as I have set allowed ips to 0.0.0.0/0.

I can ping the nuc client 10.200.0.2 from the computer

I can ping pfsense 10.200.0.1 from the nuc client.

I can not ping the camera 192.168.30.50 or the nuc client LAN 192.168.30.100 from either pfense or the computer.

I feel its to do with the setup forwarding and ip tables rules as removing this doesn't appear to do anything. My interface names are correct (wg0 and eth0).

This is an automated archive.

The original was posted on /r/wireguard by /u/AccomplishedLet5782 on 2024-01-09 08:53:43+00:00.

Hello, with a Fritzbox I succesfully manage to have a VPN-connection into a network. The problem I have, is that the gateway metric is set at 0, so all internet will be routed trough the tunnel. I only want to use the VPN-tunnel for that specific LAN at the other side of the tunnel. Is there a option in the config to change the metric from start?

This is an automated archive.

The original was posted on /r/wireguard by /u/AccomplishedLet5782 on 2024-01-09 08:53:43+00:00.

Hello, with a Fritzbox I succesfully manage to have a VPN-connection into a network. The problem I have, is that the gateway metric is set at 0, so all internet will be routed trough the tunnel. I only want to use the VPN-tunnel for that specific LAN at the other side of the tunnel. Is there a option in the config to change the metric from start?

This is an automated archive.

The original was posted on /r/wireguard by /u/changchichun on 2024-01-09 00:26:09+00:00.

About a year ago, I purchased some gl.inet routers, about a dozen GL-MV1000s, to establish site-to-site VPNs between multiple business locations. At that time, I used the GoodCloud service provided by gl.inet, which made it very convenient and quick to set up VPNs for multiple points, leaving a deep impression on me!

I would like to ask, is this kind of service referred to as SDN (Software-Defined Networking)? Are there any alternative products available? Or even self-hosted solutions?

This is an automated archive.

The original was posted on /r/wireguard by /u/changchichun on 2024-01-09 00:26:09+00:00.

About a year ago, I purchased some gl.inet routers, about a dozen GL-MV1000s, to establish site-to-site VPNs between multiple business locations. At that time, I used the GoodCloud service provided by gl.inet, which made it very convenient and quick to set up VPNs for multiple points, leaving a deep impression on me!

I would like to ask, is this kind of service referred to as SDN (Software-Defined Networking)? Are there any alternative products available? Or even self-hosted solutions?

This is an automated archive.

The original was posted on /r/wireguard by /u/AluminiumHoedje on 2024-01-08 22:55:57+00:00.

I have two LANs that I would like to connect my Android phone to simultaneously.I have working configs for both LANs, how do I merge these into one conifg file so I can connect to both at once?