Posts by Thomasolicious

    Hi all,


    I've asked this question before in an open topic but I think it didn't reach the majority of the users. Therefore I'm creating this new topic in the hope that someone can help me. I have been struggling with the wireguard vpn for months now and I can't get it to work properly. I think I have googled all relevant aspects and tried a lot of things myself but I can't figure out what the problem is. Therefore I'm hoping someone in this community can help me get in the right direction.


    I've set up wireguard using docker using:

    PUID=0 and GUID=0 refers to the root user to avoid permission problems, the SERVERURL=auto gives the correct address and with the dns pointing to my PiHole which runs on a different server. This configuration works in the sense that I'm able to connect to the internet and observe that it uses my PiHole to solve dns requests. However, I'm unable to access my shares on the network I'm connecting to. Tried circumventing my PiHole by using 1.1.1.1 as dns server which resulted in the same issues; can connect to internet but not able to see shares.


    Are there specific OMV firewall rules that I don't know the existence of that prevent me from accessing my shares via the wireguard vpn?



    My configs:


    wg0.conf

    Code
    [Interface]
    Address = 10.13.13.1
    ListenPort = 51820
    PrivateKey = xxxxx
    PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o enp0s25 -j MASQUERADE
    PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o enp0s25 -j MASQUERADE
    
    [Peer]
    PublicKey = xxxxx
    AllowedIPs = 10.13.13.2/32


    peer1.conf

    Code
    [Interface]
    Address = 10.13.13.2
    PrivateKey = xxxxx
    ListenPort = 51820
    DNS = 192.168.0.100
    
    [Peer]
    PublicKey = xxxxx
    Endpoint = xxxxx:51820
    AllowedIPs = 0.0.0.0/0, ::/0


    Looking forward to your suggestions,


    Thomas

    After some more googling I might have found a reason why some things work and others don't. I think there might be a conflict in the internal subnet. However, I'm quite a novice on this topic but always willing to learn. Does anyone see an issue in the internal subnet which could cause my problems?

    I think I have similar issues to the ones you were encountering Wek, I have been stuck trying all kinds of configurations for weeks now..


    My configuration is the following:

    OMV server running on <MY EXT. IP>

    PiHole DNS running on different server 192.168.0.100


    I'm trying to run Wireguard in docker using the following to create the docker:



    Which produces the following for wg0.conf:

    Code
    [Interface]
    Address = 10.13.13.1
    ListenPort = 51820
    PrivateKey = xxxxxx
    PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o enp0s25 -j MASQUERADE
    PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o enp0s25 -j MASQUERADE
    
    [Peer]
    PublicKey = xxxxxx
    AllowedIPs = 10.13.13.2/32

    Yes, I switched eth0 to enp0s25 because that's the name of my omv ethernet adapter.


    And peer1.conf:

    Code
    [Interface]
    Address = 10.13.13.2
    PrivateKey = xxxxxx
    ListenPort = 51820
    DNS = 1.1.1.1
    
    [Peer]
    PublicKey = xxxxxx
    Endpoint = <MY EXT. IP>:51820
    AllowedIPs = 0.0.0.0/0, ::/0

    Port 51820 is forwarded and the command "sysctl net.ipv4.ip_forward" nicely returns "net.ipv4.ip_forward = 1". I have tried setting "PEERDNS=192.168.0.100", "PEERDNS=1.1.1.1" and "PEERDNS=auto" but result in a working internet connection when connected to wireguard server.


    Am I doing something fundamentally wrong here which is preventing me from succeeding?


    Kind regards,

    Thomas

    ___________________________________________


    Edit: configuring "PEERDNS=192.168.0.100", i.e. setting it to my PiHole and fully rebuilding the docker solved my problems partially. I can now connect to the internet and I can indeed see that my PiHole is handling my DNS requests. However, I cannot access my SMB shares. Is there some kind of firewall rule I need to edit inside OMV that I don't know of to be able to access my shares when using WireGuard vpn?