Black_Duck
Explorer
- Joined
- Oct 8, 2022
- Messages
- 61
-
Important Announcement for the TrueNAS Community.
The TrueNAS Community has now been moved. This forum will now become READ-ONLY for historical purposes. Please feel free to join us on the new TrueNAS Community Forums
Simple guide to official wg-easy app installation on SCALE
- Thread starter Black_Duck
- Start date
Isma
Contributor
- Joined
- Apr 29, 2020
- Messages
- 100
Nothing in my case, I opened the ports, set things to "truenas", nothing that doesn't connect
Black_Duck
Explorer
- Joined
- Oct 8, 2022
- Messages
- 61
Hi Isma
Apologies for the delay getting back to you. All your settings seem to be in order - nothing stands out on first glance.
The iptables show some data coming through port 51820, but very small and nothing forwarded.
I suspect your problem is upstream.
A few questions.
- When you try to use the VPN from outside your lan, does the connection show up in the wg-easy webUI as being connected?
- Can you confirm that you are not running a bridge and enp58s0 is your Network interface
- Finally can you confirm you are running Cobia. Based on your Applications screen, this appears to be Dragonfish....
Last edited:
Isma
Contributor
- Joined
- Apr 29, 2020
- Messages
- 100
Yes I managed to solve it, I can connect, it was because I was on truenas dragon, now my problem is the lan I can't connect
I have my lan at ips 192.168.1.x and this is my configuration
Last edited:
Black_Duck
Explorer
- Joined
- Oct 8, 2022
- Messages
- 61
Change WG_ALLOWED_IPS to 0.0.0.0/0 if you want to access your lan remotely.
thelampire
Cadet
- Joined
- Mar 30, 2024
- Messages
- 3
Hello Everyone,
I was trying to follow this guide to setup wg-easy on my TrueNAS but it just doesn't work.I thought I had a simple issue here and after like 10 hours of fiddling I still could not get wg working. I would like to do the following:
- I have a router at 192.168.0.1 and have DDNS set up.
- I would like to connect to my TrueNAS PC at 192.168.0.123 with a wireguard client through mobile internet and have full tunnel VPN. Wg is configured to be on the 10.8.0.0 subnet.
- I would like to access my apps on TrueNAS. Usually I access them through 192.168.0.123/[portnum] I did not install metallb and did not assign separate URLs.
- I would like my pihole to act like a DNS server.
I could set up everything except accessing my apps (emby, photoprism). I can ping the router and my TrueNAS from mobile internet. I can ping my mobile phone being on mobile internet with my TrueNAS. I tried all sorts of AllowIPs settings (including the one below which is probably wrong), different DNS server settings, whatever I could think of but still couldn't access my apps. Could someone help me identify where the problem is?
Here are my settings:
Besides these the only setting which is network related is net.ipv4.ip_forward=1 in sysctl. I also tried to use NAT settings which worked before with OpenVPN but they don't work with wg (because wg does NAT on its own AFAIK). I apologize in advance if I seem like a noob. I very much feel like when it comes to network in general.
Any help is appreciated!
Cheers!
I was trying to follow this guide to setup wg-easy on my TrueNAS but it just doesn't work.I thought I had a simple issue here and after like 10 hours of fiddling I still could not get wg working. I would like to do the following:
- I have a router at 192.168.0.1 and have DDNS set up.
- I would like to connect to my TrueNAS PC at 192.168.0.123 with a wireguard client through mobile internet and have full tunnel VPN. Wg is configured to be on the 10.8.0.0 subnet.
- I would like to access my apps on TrueNAS. Usually I access them through 192.168.0.123/[portnum] I did not install metallb and did not assign separate URLs.
- I would like my pihole to act like a DNS server.
I could set up everything except accessing my apps (emby, photoprism). I can ping the router and my TrueNAS from mobile internet. I can ping my mobile phone being on mobile internet with my TrueNAS. I tried all sorts of AllowIPs settings (including the one below which is probably wrong), different DNS server settings, whatever I could think of but still couldn't access my apps. Could someone help me identify where the problem is?
Here are my settings:
Besides these the only setting which is network related is net.ipv4.ip_forward=1 in sysctl. I also tried to use NAT settings which worked before with OpenVPN but they don't work with wg (because wg does NAT on its own AFAIK). I apologize in advance if I seem like a noob. I very much feel like when it comes to network in general.
Any help is appreciated!
Cheers!
Black_Duck
Explorer
- Joined
- Oct 8, 2022
- Messages
- 61
As per the instructions, if you want access local Apps (or Virtual Machines) you will need to set up a bridge. Just follow the instructions provided at the beginning of the thread. Make sure you change the “Applications settings” to use the bridge.Hello Everyone,
I was trying to follow this guide to setup wg-easy on my TrueNAS but it just doesn't work.I thought I had a simple issue here and after like 10 hours of fiddling I still could not get wg working. I would like to do the following:
- I have a router at 192.168.0.1 and have DDNS set up.
- I would like to connect to my TrueNAS PC at 192.168.0.123 with a wireguard client through mobile internet and have full tunnel VPN. Wg is configured to be on the 10.8.0.0 subnet.
- I would like to access my apps on TrueNAS. Usually I access them through 192.168.0.123/[portnum] I did not install metallb and did not assign separate URLs.
- I would like my pihole to act like a DNS server.
I could set up everything except accessing my apps (emby, photoprism). I can ping the router and my TrueNAS from mobile internet. I can ping my mobile phone being on mobile internet with my TrueNAS. I tried all sorts of AllowIPs settings (including the one below which is probably wrong), different DNS server settings, whatever I could think of but still couldn't access my apps. Could someone help me identify where the problem is?
Here are my settings:
Besides these the only setting which is network related is net.ipv4.ip_forward=1 in sysctl. I also tried to use NAT settings which worked before with OpenVPN but they don't work with wg (because wg does NAT on its own AFAIK). I apologize in advance if I seem like a noob. I very much feel like when it comes to network in general.
Any help is appreciated!
Cheers!
Note, there is an annoying bug in Cobia with bridges and apps. See this thread . The issue appears to be fixed in Dragonfish.
Yes, you can use pihole (or Adguard) as your dns. Once you’ve set up the bridge, change ”Client DNS server” to your pihole ip address. I have this working on my system using adguard. A useful tip is to add a dns redirect to your pihole to redirect your ddns name to your router ip, thus enabling access to your router using your https credentials from within your lan. I strongly recommended running https on your TrueNAS
Last edited:
thelampire
Cadet
- Joined
- Mar 30, 2024
- Messages
- 3
Thank you for the info! I did change back to have a bridge device under the apps and wg-easy, but it still doesn't work. I have this setup at the moment. I actually have the Dragonfish RC on my server so that shouldn't be a problem. I changed the device to br0 in the Applications settings and in wg-easy, as well.
As far as I broke the problem down, it's either the AllowedIPs settings both in the client and server or the static route in TrueNAS. How should a netstat -r look like for a working setup?
Also, weirdly, I can ssh into the server (could if I had the key on my phone), but cannot access the samba server.
Isma
Contributor
- Joined
- Apr 29, 2020
- Messages
- 100
yes!!!
thelampire
Cadet
- Joined
- Mar 30, 2024
- Messages
- 3
I have also done this and it did not work. Maybe it's a stupid question, but what IP should I then use to access my LAN? 10.8.0.x, 192.168.0.x or the kubernetes IP? Neither have worked before but when I am troubleshooting I wouldn't need to keep trying all three.
Black_Duck
Explorer
- Joined
- Oct 8, 2022
- Messages
- 61
Allowed IPs merely sets the IPs the client can access through the tunnel. Setting it to 0.0.0.0/0 allows access to everything. See this post for more info on Allowed IPs.
Your problem is not Allowed IPs if you have left it on the default value of 0.0.0.0/0.
Note, Allowed IPs (and several other parameters like DNS Servers) are settings for
the client config file. You must generate a new client config and load it on your client for the new value to take effect.
See my debug post to understand how wg-easy works and subnets.
You can access your lan devices through the tunnel just as you would if your on your lan (I.e if your lan subnet is 192.168.0.0/24, then ”192.168.0.1” should access your router)
Perhaps it’s best if you follow the debug guide mentioned above to work out the issue.
Last edited:
Black_Duck
Explorer
- Joined
- Oct 8, 2022
- Messages
- 61
Hi All
if you are having issues with Wg-easy, and before you post on this thread may I suggest the following:
if you are having issues with Wg-easy, and before you post on this thread may I suggest the following:
- Wg-easy works, so if you have a problem it’s most likely because you did something wrong.
- did you follow the instructions at the beginning of this thread exactly?
- did you read the entire thread? There’s a lot of good information there and most likely your problem has been solved before.
- did you try the debugging procedures I published here? They should resolve most issues.
- when in doubt about a parameter, use the default setting.
Last edited:
