Questions tagged [wireguard]
The wireguard tag has no usage guidance.
359
questions
1
vote
1
answer
126
views
Iptables block incoming connections to network interface from subnet
I have a Linux machine that uses Hostapd to serve a WiFi hotspot. I also have a Raspberry Pi that connects to this WiFi hotspot as a DHCP Client. The Linux machine has a Cellular interface and shares ...
- 113
2
votes
1
answer
72
views
Per user assigned IPv6 addresses for outbound requests
I'm running some VMs in a Kubernetes cluster on behalf of my clients. These VMs make occasional requests to external services. This works fine, but the IP address seen by these external services is ...
- 121
-1
votes
1
answer
71
views
Years old iptables script breaks (-o option no longer exists?)
I've had a script for a while that forwards a port through my Wireguard VPN. Recently, I tried using it and it returned:
Bad argument `wg0'
Try `iptables -h' or 'iptables --help' for more information.
...
0
votes
0
answers
29
views
Opnsense Wireguard Site-to-Site VPN. Don't see Windows clients
I need to make a transparent Site-to-site VPN between 2 Opnsense routers.
As I don't have admin skills I followed this tutorial https://www.wundertech.net/how-to-set-up-wireguard-in-opnsense/ I did ...
- 135
1
vote
0
answers
58
views
Debian - Wireguard Forces Real Time Kernel
I've a system running Debian 12 and while trying to install Wireguard I noticed it would pull a different kernel:
root@iotgateway:~# apt install wireguard --no-install-recommends
Reading package lists....
- 1,206
0
votes
0
answers
71
views
How can I route local network behind a client through WireGuard?
I have a WireGuard server with local subnet 192.168.9.0/24 behind it. And a client with local subnet 192.168.4.0/24 behind it. Both running Ubuntu 22.04.
Server config:
[Interface]
Address = 192.168.1....
- 11
-1
votes
0
answers
70
views
dedicate an IP of wireguard server for a client
Server has 2 available IPs, I wan't to allocate one so that the client can use it however they want to
server:
[Interface]
Address = 10.9.8.1/30
[Peer]
AllowedIPs = 10.9.8.2/32, 192.0.2.7/32
client:
...
0
votes
1
answer
43
views
WireGuard portforwarding setup
I need help with the following scenario:
I have a small instance on AWS, which should accept all traffic from ports 1024:65535 and should send it to my local server. The local server shouldn't send ...
- 19
0
votes
1
answer
69
views
Wireguard with multiple local subnets using iptables
I'm trying to allow multiple local subnets when using a wireguard VPN. Below is the iptables config from my wireguard config file.
I'm assuming I have to write this in a different way, but I have no ...
- 1
0
votes
1
answer
75
views
Can't resolve private domains using bind9 with Wireguard VPN connection
I have a VPS with static external IP and Ubuntu 22.04. I configured the Wireguard VPN connection to my server tunneling all traffic through VPS. I also have UFW enabled. I want to resolve some domains ...
0
votes
0
answers
25
views
Performance problems when running Wireguard between Linux virtual machines. Same config on physical hosts works fine
I’m running into performance problems with Wireguard tunnels running between two virtual machines on the same hypervisor (running under Qemu/KVM) and I would greatly appreciate any insights/advice ...
- 1
0
votes
0
answers
40
views
RouterOS 7: Configure the Wireguard server to support connections by different WAN access IP
RouterOS 7 router with two WAN ports, WAN2 and WAN3(I can access Winbox with both of these WAN IPs without any issues), and set up a Wireguard (WG) service. I can successfully connect to WG by the ...
- 709
0
votes
0
answers
58
views
Portforwarding Wireguard setup
I setup wireguard on a VPS to use it as a VPN to enable portforwarding for various uses like gaming and NAS setup.
I want to open port 45000, 56000 and 40000 for now.
I am on Ubuntu 22.4 on 27fiber ...
- 1
0
votes
0
answers
83
views
Adding static route between two VPN servers
I have two VPN servers (Wireguard and OpenVpn) and my goal is that the clients connected to both the servers should be able to communicate between them. Say laptop A is connected to wireguard VPN ...
- 101
0
votes
0
answers
54
views
Wireguard VPN not allowing connections
so I have wireguard setup on my linux server and im trying to connect to it on my windows machine. Here is the config i am using to connect to it on my windows machine.
[Interface]
PrivateKey = hidden
...
0
votes
1
answer
108
views
Wireguard/iptables: ICMP response not forwarded to wg0
Network diagram: Laptop (10.8.0.2) -> (wireguard) -> server A (10.8.0.1, 10.10.0.10) -> server B (10.10.0.20)
sequence diagram
I've connected my laptop (10.8.0.2) to a server A (10.8.0.1) via ...
- 19
0
votes
1
answer
93
views
Multiple wireguard interfaces each using the 'real' interface directly, and through either be able to reach any IP
I'm in need of setting up multiple wg-quick interfaces on a single machine, both using the real ethernet NIC directly, independently.
The issue I appear to be hitting is that through each of these I ...
- 311
0
votes
0
answers
161
views
Is there a way to get the IP address of the interface on the other end of a wireguard tunnel?
Server 1 is the Wireguard server (listening). Its Wireguard interface wg0 interface IP is 10.100.100.1.
Server 2 is a Wireguard client connecting via the Internet to server 1. Its Wireguard interface ...
- 409
-3
votes
1
answer
107
views
How to connect to a IPsec VPN with WireGuard client?
is it possible at all, because I know that you can't do this with openconnect?
I have:
gateway ip
preshared key
login
password
empty ipsec id (group)
- 115
0
votes
0
answers
34
views
Wireguard peer rejecting traffic
My Wireguard setup randomly stopped working yesterday and I don't know how to trace the source of the problem.
I inspected the traffic with Wireshark and it shows that the traffic gets sent from the ...
0
votes
0
answers
68
views
Wireguard Docker and Verizon optic router
This is likely a very trivial issue answered multiple times but my knowledge is not enough to recognize/implement.
Problem:
I can connect to my self-hosted wireguard server and access admin panel ...
- 101
0
votes
1
answer
233
views
Ping and mDNS over WireGuard not working
When running through WireGuard VPN tunnel from outside the network, I can access machines inside directly via IP. For example, hitting IP of PiHole box in a browser returns the PiHole UI. I can also ...
0
votes
1
answer
54
views
Routing traffic between A and C using A-B wireguard's network
I'm having some difficulties setting up a routing between 3 nodes. Here's the situation:
A, B and R are wireguard (wg0) peers
R is a public hub (vpn.example.com) with IP 172.0.0.1
A is a peer ...
- 53
0
votes
0
answers
37
views
iptables - How do I restrict access to just local devices on the network?
I have asked this question on SuperUser but the only response was from someone who I was unable to understand
I have a WireGuard VPN Server running on a Debian 12 host with no problems, listening on a ...
2
votes
2
answers
458
views
Forwarding VPS Traffic over WireGuard
So I've been pulling my hair out for the last 24 hours to sort this out.
Long-story-short, my home internet runs over a 4G Mobile network, so this means I cannot Port Forward through my main Router. I ...
- 31
0
votes
1
answer
65
views
Re-route all incoming traffic to my home computer over the wireguard interface
I have setup a server in AWS with WireGuard server installed on it. I configured the server and the client and the vpn connection is up and running. I am able to ping from my local computer to the ...
- 117
0
votes
0
answers
35
views
Wireguard aside IPSec site to site
I have the following scenario: Connecting to a server (A) through another server (B). My connection to B is via ssh normally. The connection between B and A is through ssh, but via VPN with Wireguard.
...
- 101
1
vote
0
answers
124
views
WireGuard: how to have a persistent network card on Windows?
With OpenVPN, the virtual network card is persistent. This allow easy routing/config/whatever. This also allow TCP connections not to drop in case of VPN restart.
With WireGuard, the virtual network ...
- 1,673
1
vote
1
answer
83
views
WireGuard default route in AWS ECS container
I have a container inside an AWS ECS instance.
I want to establish a connection to a WireGuard server from that container.
The connection itself works but I have issues with routing all the traffic ...
- 111
0
votes
0
answers
366
views
Wireguard Site-to-Site connection in Docker ping working but TCP not
I am quite desperate. I am trying to get my site-to-site vpn setup working, but no luck so far. Please don't judge me, I am quite new to the routing problematic.
I have a VPS with a public IP 123.456....
- 1
0
votes
1
answer
186
views
WireGuard config protection
I want to set up WireGuard in the corporate network instead of OpenVPN. How can the client's config be protected from theft or loss? If the client's config falls into the wrong hands, then attackers ...
- 1
0
votes
1
answer
140
views
UDP Port Forwarding
I got 2 servers Named A and B, both are in different data centers and just have internet access.
I need the incoming UDP connections to a particular port on server A to be forwarded to a specific port ...
- 1
0
votes
0
answers
124
views
IP routing between two sites and allowing external access to both via Wireguard
I have two Proxmox notes, in two separate locations. They are connected via a Wireguard Tunnel between the two sites (A and B). This tunnels all traffic destined for the other site through the tunnel ...
0
votes
1
answer
934
views
Connecting to remote host that has same IP network as local network fails
I have a home automation host installed at a remote location which I access through WireGuard VPN. The router at the remote location uses 192.168.1.x, which is the same network as my home router. I ...
- 11
0
votes
0
answers
186
views
Handshake for peer 13 (x.x.x.x:51820) did not complete after 20 attempts, giving up
Server Config:
[Interface]
Address = 10.8.0.1/24
SaveConfig = true
PostUp = ufw route allow in on wg0 out on ens3
PostUp = iptables -t nat -I POSTROUTING -o ens3 -j MASQUERADE
PreDown = ufw route ...
- 1
0
votes
0
answers
187
views
Am I able to use Pritunl Wireguard without their client? Where are the connection settings stored?
I installed Pritunl and wireguard packages on my VPS. Then I made WG server settings with this manual.
Now I want to connect to the server but without pritunl client, only using wireguard standard ...
- 11
0
votes
1
answer
218
views
IP Routing Questions (Wireguard as Company Network, Hetzner Private Network as Server Private Network)
(educational purposes)
Hey Guys,
actually i'm trying to create a company network (employee clients) with wireguard. Lets say its the subnet 10.0.0.0/24. The Wireguard Server is a Hetzner Cloud server, ...
- 11
0
votes
1
answer
203
views
Limit connections to private network with firewalld and wireguard in point to site
I am trying to limit VPN access to a private network running in Openstack. The wireguard server is inside the private network and the traffic is routed to its private ip address from Openstack.
Inside ...
- 103
0
votes
0
answers
45
views
Why is there still traffic to destinations other than the peer address when a wireguard tunnel is active?
Backstory:
I've set up my firewall rules to prevent traffic from leaking outside of the wireguard vpn tunnel, because it happened before that the wg interface was active, but there was no active ...
- 1,473
0
votes
2
answers
286
views
NAT for Debian based WireGuard router in Hetzner cloud
I have rented several cloud servers from Hetzner. These are all on a private network (10.20.20.0/24), with only one server of them even having a public IP.
Following this German tutorial, I want to ...
0
votes
0
answers
147
views
Wireguard setup for 1 "master" and many client groups?
I need to separate my Wireguard clients into groups/subnets, but I need one "master-group" (subnet) that can reach all clients.
10.11.2.0/24 BestPizzaShop-Town1
10.11.3.0/24 ...
- 101
0
votes
0
answers
210
views
Is this a bad way to avoid host isolation with WireGuard?
Background
I am adding support for WireGuard VPN to an embedded device. The user will be able to set the AllowedIPs configuration themselves. WireGuard uses the allowed IPs to set routes on the host,...
- 101
0
votes
0
answers
129
views
How to select packets in iptables in nested IPIP tunnel?
I have IPIP tunnel as shown in tcpdump output bellow: IP 192.168.240.112 > 192.168.250.112.
Inside this tunnel, there is a traffic in another IPIP tunnel IP 10.233.86.94.35938 > 10.233.100.199....
- 589
0
votes
1
answer
2k
views
How do I set up Wireguard in Docker with lan access
I'm trying to set up a VPN server with wireguard.
I have the following setup in docker compose:
version: "3.1"
services:
wireguard:
image: linuxserver/wireguard
cap_add:
- ...
- 183
0
votes
0
answers
96
views
Wireguard-ui: `Bad PATH_INFO : /login`
I've successfully installed Wireguard + UI to a Debian11 VPS with this AIO script.
But if I open the http://localhost:5000 via Webmin tunneling, I get this error:
Bad PATH_INFO : /login
How do I fix ...
- 101
0
votes
0
answers
115
views
Passphrase wireguard/Firezone
I created different users through firezone to use wireguard vpn. So I have the user, and the "device" in which I define the accessible IPs, and the DNS to use.
But to make things even more ...
1
vote
0
answers
45
views
Allow forwarding only between VPN clients within the same subnet mask
I am using Wireguard (interface wg0) for a VPN on a server, where all connected clients have IPv6 addresses assigned by the server (controlled by AllowedIPs).
Let's say we have three clients:
Client ...
- 279
0
votes
0
answers
775
views
No Connection with Pivpn wireguard lxc Container on a proxmox host
Describe the issue
I can't connect to anything. Not the internet nor the local network
Expected behavior
I want if my device is connected to the wireguard vpn to surf the web and to access every ...
- 1
2
votes
0
answers
879
views
Wireguard - Clients need to make many attempts to connect before receiving data back
I have a vanilla wireguard configuration - a cloud VPS running Centos stream is the server, and the clients in question are MacOS and an iOS iphone.
Often when attempting to connect after a long ...
- 21
1
vote
0
answers
535
views
Wireguard not working on linux ubuntu
I have setup a vpn server in my house using pivpn and wireguard on a raspberry and I want to connect to it when I'm away.
I have generated the wireguard configuration which is working on all my ...
- 121