WireGuard

This is an automated archive.

The original was posted on /r/wireguard by /u/AluminiumHoedje on 2024-01-08 22:55:57+00:00.

I have two LANs that I would like to connect my Android phone to simultaneously.I have working configs for both LANs, how do I merge these into one conifg file so I can connect to both at once?

This is an automated archive.

The original was posted on /r/wireguard by /u/PaintAdditional4927 on 2024-01-08 19:48:15+00:00.

Hello All,

I saw this tutorial in GL.iNet site and I think I did everything same as explained in tutorial but I can´t ping the devices in LAN client network.

Anyone have some idea what is missing?

Thanks for the help.

This is an automated archive.

The original was posted on /r/wireguard by /u/comma_girl on 2024-01-08 18:13:16+00:00.

Hi,

My NAS is on Debian. I use systemd-networkd for network config. I have 2 wireguard VPNs configured on the NAS: one VPN to connect to Mullvad VPN (for torrents); one VPN to share my home network with my devices (laptop, smartphone) and to direct all traffic through my home network (so that laptop/smartphone's traffic goes through home when connected on this VPN). I turn them up via wg-quick because last I remembered, I had issues with routes and the weird-ish setup I have regarding the Mullvad config when I configured wireguard via systemd.

Weirdness/feature no. 1: I have a [RoutingPolicyRule] block in my /etc/systemd/networkd/ file (so that only certain traffic goes through Mullvad based on source IP/interface) that covers a specific ipv4 From address (with another bit of config needed on the /etc/wireguard/mullvad.conf file for wg-quick). This works nicely. I've noticed that enabling this block automatically turns on ip forwarding for ipv4 (# sysctl net.ipv4.ip_forward shows 1 despite zero override in /etc/sysctl.conf or /etc/sysctl.d/). Okay, good to know. This doesn't affect ipv6 ip forwarding.

Weirdness no. 2: I realised that with my config, laptop/smartphone traffic was nicely all going through my home connection, but only ipv4 worked, not ipv6 (as reflected by or ipv{4,6}.icanhazip.com. So I added IPForward=yes in /etc/systemd/networkd/enp2s0.network, and I noticed that enp2s0 was not getting its ipv6 from my home router anymore. But after I added IPv6AcceptRA=yes to , things restarted working nicely.

So I guess that weirdness no.1 is just a feature and I just need to be aware of it. I had ipv4 ip forwarding enabled accidentally, which made me believe that my home connection sharing was working properly, when it happened to be accidentally working.

But weirdness no. 2... Could someone explain to me what this IPv6AcceptRA actually does, or why it's disabled by default when IPForward gets enabled? Or am I interpreting things wrongly? (I have read but this if very cryptic to me)

Thank you.

This is an automated archive.

The original was posted on /r/wireguard by /u/TnCyberVol on 2024-01-08 14:41:52+00:00.

New iPhone and I cannot locate any of my formerly used client configs.

How can I use the info in wg0, that contains all the peers info, to generate new config, manually or with QR code.

Or do I need to completely redo all configs?

Thanks

This is an automated archive.

The original was posted on /r/wireguard by /u/nguyenkha on 2024-01-08 08:20:43+00:00.

I have wireguard running in a container on my home server in Finland, with port 51820 exposed. I have Cloudflare pointing my vpn subdomain to my home IP address. On the other side of the world in China, my girlfriend is using Wireguard client to connect to this Wireguard server instance. The connection works, and she was able to use WhatsApp, Telegram, but Netflix buffers forever. I want to know 3 things:

1. Is it better to proxy with Nginx Proxy Manager with a UDP stream host setting, or to connect directly to the Wireguard container?
2. What other factors would affect the speed, to hopefully make Netflix possible? My home internet is 300M/150M for download and upload.
3. Because Cloudflare vpn subdomain record is DNS only, what would leave my home IP address visible when someone uses my Wireguard. Can I hide my IP address in some way?

This is an automated archive.

The original was posted on /r/wireguard by /u/Rihanpro on 2024-01-08 03:49:02+00:00.

So im helping a friend out that travels for work. Long story short im trying to help him establish a secure connection to his home network where he has his server and other devices he will need to connect to. Now he would be granting access to his collogues so he wanted a separate network just for those devices. The router he has is a Asus GT-AX6000 with merlin installed. I wish it had VLAN so that we dont have to get another router but we might have to. Just wondering what do you guys think and what would be the best way to accomplish this.

This is an automated archive.

The original was posted on /r/wireguard by /u/weight_matrix on 2024-01-08 01:39:29+00:00.

Hi,

I installed Wireguard server on oracle cloud (using this tutorial), and the test ping and whatismyip.com via browser is working fine. My problem is, not all of my app traffic (like netflix, prime etc) is going through VPN.

Is there a setting I am missing? Can you point me to the right direction?

Is there something that I can screenshot and share to get better help?

My end goal is to use ddwrt router as wireguard client and access android-tv app via VPN.

Thanks.

This is an automated archive.

The original was posted on /r/wireguard by /u/Rihanpro on 2024-01-08 03:49:02+00:00.

So im helping a friend out that travels for work. Long story short im trying to help him establish a secure connection to his home network where he has his server and other devices he will need to connect to. Now he would be granting access to his collogues so he wanted a separate network just for those devices. The router he has is a Asus GT-AX6000 with merlin installed. I wish it had VLAN so that we dont have to get another router but we might have to. Just wondering what do you guys think and what would be the best way to accomplish this.

This is an automated archive.

The original was posted on /r/wireguard by /u/weight_matrix on 2024-01-08 01:39:29+00:00.

Hi,

I installed Wireguard server on oracle cloud (using this tutorial), and the test ping and whatismyip.com via browser is working fine. My problem is, not all of my app traffic (like netflix, prime etc) is going through VPN.

Is there a setting I am missing? Can you point me to the right direction?

Is there something that I can screenshot and share to get better help?

My end goal is to use ddwrt router as wireguard client and access android-tv app via VPN.

Thanks.

This is an automated archive.

The original was posted on /r/wireguard by /u/Eleutherlothario on 2024-01-07 21:17:11+00:00.

Has anyone deployed Wireguard for hundreds of road warriors? I have a situation where I think Wireguard would be a great solution if it weren't for the provisioning overhead of having to create & distribute a key and allocate an IP for each user. That's ok for a handful of users but not for hundreds.

Any ideas?

This is an automated archive.

The original was posted on /r/wireguard by /u/Eleutherlothario on 2024-01-07 21:17:11+00:00.

Has anyone deployed Wireguard for hundreds of road warriors? I have a situation where I think Wireguard would be a great solution if it weren't for the provisioning overhead of having to create & distribute a key and allocate an IP for each user. That's ok for a handful of users but not for hundreds.

Any ideas?

This is an automated archive.

The original was posted on /r/wireguard by /u/cyclops011 on 2024-01-07 20:02:24+00:00.

Hello, I'm using wireguard to expose my nextjs app from my laptop to the vps, then reverse proxy it with Nginx, all works well, but when i connect my client the laptop uses wg ip as the main ip and it completely ignores the second local ip, which leads some websites like reddit to block me, so what I'm trying to do is to make the wg ip only useable if i exposed my application through it (ex: 10.8.8.2:8000), and not overwrite my default main ip, Thanks in advance.

This is an automated archive.

The original was posted on /r/wireguard by /u/cyclops011 on 2024-01-07 20:02:24+00:00.

Hello, I'm using wireguard to expose my nextjs app from my laptop to the vps, then reverse proxy it with Nginx, all works well, but when i connect my client the laptop uses wg ip as the main ip and it completely ignores the second local ip, which leads some websites like reddit to block me, so what I'm trying to do is to make the wg ip only useable if i exposed my application through it (ex: 10.8.8.2:8000), and not overwrite my default main ip, Thanks in advance.

This is an automated archive.

The original was posted on /r/wireguard by /u/automate_23 on 2024-01-07 18:33:25+00:00.

I wrote a quick how-to installing Wireguard on FreeBSD with Pro Custodibus.

This is an automated archive.

The original was posted on /r/wireguard by /u/automate_23 on 2024-01-07 18:33:25+00:00.

I wrote a quick how-to installing Wireguard on FreeBSD with Pro Custodibus.

This is an automated archive.

The original was posted on /r/wireguard by /u/mkdr on 2024-01-07 05:52:27+00:00.

Hey,

I have linked two OpenWRT routers to each other in the following setting:

router_outdoor (192.168.100.1, 10.0.0.2 = wg_client1) router_home (192.168.8.1, 10.0.0.1 = wg_server)

when I now connect through a phone (10.0.0.3 = wg_client2) to router_home over the internet, I can reach 192.168.8.1 from the phone, but I cant reach 192.168.100.1.

kinda looks like this:

What do I need to do to reach 192.168.100.1 from the phone (wg_client2) connected to the wg_server?

Thank you very much

This is an automated archive.

The original was posted on /r/wireguard by /u/mkdr on 2024-01-07 05:52:27+00:00.

Hey,

I have linked two OpenWRT routers to each other in the following setting:

router_outdoor (192.168.100.1, 10.0.0.2 = wg_client1) router_home (192.168.8.1, 10.0.0.1 = wg_server)

when I now connect through a phone (10.0.0.3 = wg_client2) to router_home over the internet, I can reach 192.168.8.1 from the phone, but I cant reach 192.168.100.1.

kinda looks like this:

What do I need to do to reach 192.168.100.1 from the phone (wg_client2) connected to the wg_server?

Thank you very much

This is an automated archive.

The original was posted on /r/wireguard by /u/Realistic_Star_9847 on 2024-01-06 22:54:17+00:00.

I have encountered a weird problem and need some help. I set up wireguard so that I can connect from my home to my office computer. Nothing fancy, just a standard wireguard connection. I can connect to my office computer without any problem. But when I attempted to copy a large file from office to home, the copy operation continues for about 30~40 seconds (speed is about 60~80Mbps), then stops for 30~40 seconds (speed is 0), and then continues for another 30~40 seconds before stops for 30~40 seconds. It repeats such a behavior till the copy is completed. Meanwhile, I tried to ping the office computer, it seems all fine.

What could be a reason for such a bizarre thing?

Thanks much.

This is an automated archive.

The original was posted on /r/wireguard by /u/Realistic_Star_9847 on 2024-01-06 22:54:17+00:00.

I have encountered a weird problem and need some help. I set up wireguard so that I can connect from my home to my office computer. Nothing fancy, just a standard wireguard connection. I can connect to my office computer without any problem. But when I attempted to copy a large file from office to home, the copy operation continues for about 30~40 seconds (speed is about 60~80Mbps), then stops for 30~40 seconds (speed is 0), and then continues for another 30~40 seconds before stops for 30~40 seconds. It repeats such a behavior till the copy is completed. Meanwhile, I tried to ping the office computer, it seems all fine.

What could be a reason for such a bizarre thing?

Thanks much.

This is an automated archive.

The original was posted on /r/wireguard by /u/SkyMix_RMT on 2024-01-06 22:15:10+00:00.

Hi,

I have a pfsense machine in my home running WireGuard VPN. I use my laptop and my android phone to connect to my home network and access local machines, NAS, etc.

However, when I enable the WireGuard tunnel in my android phone all internet services become unusable, the connection acts extremely weirdly, it keeps "freezing" every other minute and is only usable for a few seconds at a time, for example when downloading a file, it takes ages for the file to start downloading but once it gets going it's fast, but only for a few seconds, then it hangs again.

This only happens when using WireGuard on my android phone, WireGuard on my laptop works fine, I use an alternative OpenVPN tunnel to my pfsense box on my android phone and it works fine. This problem is specific to the WireGuard app on my phone.

I have tried setting persistent keepalive to 5/10 seconds, changing MTU to 1500 (the default setting is "(auto)"), restarting everything, uninstalling the app, reinstalling WireGuard app and remaking tunnel, nothing worked so far.

If anyone could help me figure out what is happening here it'd be much appreciated!

This is an automated archive.

The original was posted on /r/wireguard by /u/SkyMix_RMT on 2024-01-06 22:15:10+00:00.

Hi,

I have a pfsense machine in my home running WireGuard VPN. I use my laptop and my android phone to connect to my home network and access local machines, NAS, etc.

However, when I enable the WireGuard tunnel in my android phone all internet services become unusable, the connection acts extremely weirdly, it keeps "freezing" every other minute and is only usable for a few seconds at a time, for example when downloading a file, it takes ages for the file to start downloading but once it gets going it's fast, but only for a few seconds, then it hangs again.

This only happens when using WireGuard on my android phone, WireGuard on my laptop works fine, I use an alternative OpenVPN tunnel to my pfsense box on my android phone and it works fine. This problem is specific to the WireGuard app on my phone.

I have tried setting persistent keepalive to 5/10 seconds, changing MTU to 1500 (the default setting is "(auto)"), restarting everything, uninstalling the app, reinstalling WireGuard app and remaking tunnel, nothing worked so far.

If anyone could help me figure out what is happening here it'd be much appreciated!

This is an automated archive.

The original was posted on /r/wireguard by /u/andykdeuser20 on 2024-01-06 21:11:24+00:00.

Hi, I downloaded the latest macOS wireguard app from the app store. When I try to launch the a Wireguard program to setup the configuration the GUI never appears. I have an M1 CPU with Sonoma 14.2.1 installed. Any suggestions?

This is an automated archive.

The original was posted on /r/wireguard by /u/andykdeuser20 on 2024-01-06 21:11:24+00:00.

Hi, I downloaded the latest macOS wireguard app from the app store. When I try to launch the a Wireguard program to setup the configuration the GUI never appears. I have an M1 CPU with Sonoma 14.2.1 installed. Any suggestions?

This is an automated archive.

The original was posted on /r/wireguard by /u/TwistedJackal509 on 2024-01-06 07:15:08+00:00.

I am running wireguard on opnsense for a customer. This is a brand new instance. I have got it set up to route all traffic with a 0.0.0.0/0. The client is asigned address of 10.50.50.2/32, while the server is set with a /24.

My internal lan is 172.16.8.0/23.

From the client I can ping the router and many random devices in the local subnet, but for the life of me I can't get a connection to this server hosting my QB company file.

I currently have an allow all rule in the opnsense firewall. I have even tried disabling the windows FW to see if that was the issue.

Server is running Win 11 pro, while client is running Win 11 home.

Any suggestions?

This is an automated archive.

The original was posted on /r/wireguard by /u/FickleLife on 2024-01-06 07:07:20+00:00.

When I connect to my wireguard server using my iPhone, it connects successfully and shows as connected in wireguard-ui, but no bytes are sent/transmitted and on the iPhone I cannot connect to any site, local or on the Internet.

I have followed this tutorial to the letter , except for making the below changes

1. changed the PostUp and PostOut device interface from eth0 to eno1 (as listed when I type nuclei device status in the terminal on my Ubuntu 22.04.3 LTS machine under Docker 24.0.7)

I have verified iptables is installed. A comment further down mentions "In my case, I had manually include a static route ‘inside’ the wireguard container, pointing to the local LAN (e.g. 192.168.1.0/24) so that it would know how to get out. Connections from outside are only successful after configuring this route" - could this be a clue as to where I am going wrong? Thanks!