Hi all,
I've asked this question before in an open topic, but I think it didn't reach the majority of the users. Therefore I'm creating this new topic in the hope that someone can help me. I have been struggling with the WireGuard VPN for months now and I can't get it to work properly. I think I have googled all relevant aspects and tried a lot of things myself, but I can't figure out what the problem is. Therefore I'm hoping someone in this community can help me get in the right direction.
I've set up WireGuard in Docker using:
docker create \
--name=WireGuard \
--cap-add=NET_ADMIN \
--cap-add=SYS_MODULE \
-e PUID=0 \
-e PGID=0 \
-e TZ=Europe/Amsterdam \
-e SERVERURL=auto \
-e SERVERPORT=51820 \
-e PEERS=1 \
-e PEERDNS=192.168.0.100 \
-p 51820:51820/udp \
-v /srv/dev-disk-by-label-Disk1/Appdata/WireGuard/config:/config \
-v /srv/dev-disk-by-label-Disk1/Appdata/WireGuard/lib/modules:/lib/modules \
--sysctl="net.ipv4.conf.all.src_valid_mark=1" \
--restart unless-stopped \
linuxserver/wireguard
PUID=0 and PGID=0 refer to the root user to avoid permission problems, SERVERURL=auto gives the correct address, and the DNS points to my PiHole, which runs on a different server. This configuration works in the sense that I'm able to connect to the internet and observe that it uses my PiHole to resolve DNS requests. However, I'm unable to access my shares on the network I'm connecting to. I tried circumventing my PiHole by using 1.1.1.1 as DNS server, which resulted in the same issue: I can connect to the internet but I'm not able to see the shares.
Are there specific OMV firewall rules that I don't know the existence of that prevent me from accessing my shares via the wireguard vpn?
My configs:
wg0.conf
[Interface]
Address = 10.13.13.1
ListenPort = 51820
PrivateKey = xxxxx
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o enp0s25 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o enp0s25 -j MASQUERADE
[Peer]
PublicKey = xxxxx
AllowedIPs = 10.13.13.2/32
peer1.conf
[Interface]
Address = 10.13.13.2
PrivateKey = xxxxx
ListenPort = 51820
DNS = 192.168.0.100
[Peer]
PublicKey = xxxxx
Endpoint = xxxxx:51820
AllowedIPs = 0.0.0.0/0, ::/0
Looking forward to your suggestions,
Thomas
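An added example, not part of Thomas's post or the linuxserver image: a small Python checker that parses the two configs quoted above and cross-checks the points the question hinges on (whether the peer's tunnel address is covered by the server's AllowedIPs, whether the client routes everything through the tunnel, whether every PostUp iptables rule has a matching PostDown rule, and which interface is masqueraded). The embedded configs are trimmed copies with the key, port and endpoint lines omitted.

```python
import ipaddress
import re

# Constructed copies of the two configs in the post, trimmed to the fields checked here.
WG0_CONF = """[Interface]
Address = 10.13.13.1
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o enp0s25 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o enp0s25 -j MASQUERADE
[Peer]
AllowedIPs = 10.13.13.2/32"""
PEER1_CONF = """[Interface]
Address = 10.13.13.2
DNS = 192.168.0.100
[Peer]
AllowedIPs = 0.0.0.0/0, ::/0"""

def parse_wg(text):
    """Return [(section, {key: value}), ...]; [Peer] may repeat, so configparser is unsuitable."""
    sections = []
    for line in (l.split("#", 1)[0].strip() for l in text.splitlines()):
        if line.startswith("["):
            sections.append((line.strip("[]"), {}))
        elif line:
            key, _, value = line.partition("=")
            sections[-1][1][key.strip()] = value.strip()
    return sections

def check_pair(server_text, client_text):
    """Cross-check the server's wg0.conf against one peer config; returns a dict of findings."""
    def nets(s): return [ipaddress.ip_network(a.strip()) for a in s.split(",")]
    srv, cli = parse_wg(server_text), parse_wg(client_text)
    srv_if, cli_if = dict(srv)["Interface"], dict(cli)["Interface"]
    srv_peers = [kv for sec, kv in srv if sec == "Peer"]
    cli_peer = [kv for sec, kv in cli if sec == "Peer"][0]
    srv_addr = ipaddress.ip_address(srv_if["Address"].split("/")[0])
    cli_addr = ipaddress.ip_address(cli_if["Address"].split("/")[0])
    # PostUp appends rules with -A; PostDown must delete exactly the same set with -D.
    up = {c.strip().replace(" -A ", " -X ") for c in srv_if["PostUp"].split(";")}
    down = {c.strip().replace(" -D ", " -X ") for c in srv_if["PostDown"].split(";")}
    nat = re.search(r"-o (\S+) -j MASQUERADE", srv_if["PostUp"])
    return {
        # the server drops packets whose source is not inside some peer's AllowedIPs
        "client_in_server_allowed": any(cli_addr in n for kv in srv_peers for n in nets(kv["AllowedIPs"])),
        # 0.0.0.0/0 on the client sends LAN and internet traffic alike into the tunnel
        "client_full_tunnel": ipaddress.ip_network("0.0.0.0/0") in nets(cli_peer["AllowedIPs"]),
        "postup_postdown_symmetric": up == down,
        "masquerade_iface": nat.group(1) if nat else None,
        # a DNS server other than the WireGuard host itself is reached via FORWARD + MASQUERADE
        "dns_needs_forwarding": ipaddress.ip_address(cli_if["DNS"]) != srv_addr,
    }
```

Run `check_pair(WG0_CONF, PEER1_CONF)` to get the findings for the configs above; pointing it at your real files shows whether the pairing still holds after edits.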