Hello,
Tried solving this problem by myself and searched this forum for similar error but no luck. I'm trying to get wireguard through the plugin (custom) to work with the following configs:
[Interface]
# Device: device name here
PrivateKey = insert key here
Address = 10.69.171.24/32
DNS = 100.64.0.63
PostUp = iptables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT && ip6tables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT
PreDown = iptables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT && ip6tables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT
[Peer]
PublicKey = insert key here
AllowedIPs = 0.0.0.0/0
Endpoint = 193.32.249.66:51820
Alles anzeigen
After a reboot the terminal shows that a connection is made with the mullvad server on a different external ip. Google is pingable and the curl ifconfig.io command verifies the external ip. But I cannot access the webgui, nor ssh.
Then I made a change (AllowedIPs) to the config with the help of nano editor and some info on this forum:
[Interface]
# Device: device name here
PrivateKey = insert key here
Address = 10.69.171.24/32
DNS = 100.64.0.63
PostUp = iptables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT && ip6tables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT
PreDown = iptables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT && ip6tables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT
[Peer]
PublicKey = insert key here=
AllowedIPs = 192.168.1.0/24
Endpoint = 193.32.249.66:51820
Alles anzeigen
After a reboot the terminal shows a the normal public ip. No vpn connection has been made. This time it is possible to access the webgui/ssh.
A final change in the config (dns) didn't help:
[Interface]
# Device: device name here
PrivateKey = insert key here
Address = 10.69.171.24/32
DNS = 192.168.1.1
PostUp = iptables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT && ip6tables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT
PreDown = iptables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT && ip6tables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT
[Peer]
PublicKey = insert key here
AllowedIPs = 0.0.0.0/0
Endpoint = 193.32.249.66:51820
Alles anzeigen
The wireguard config is newly generated on the mullvad website with killswitch enabled. I've noticed when I make a change in /etc/wireguard/wgnet_mullwg.conf (AllowedIPs) and after a reboot the webgui doesn't reflect that change.
Thank you in advance!