Wireguard Setup

Hi all,

I am currently running my first home server on an HP ProLiant ML310e Gen8 Tower Server (Xeon E3-1220 v3 and 32G RAM) with TrueNAS SCALE 22.02.0.1. In addition, I just purchased Mullvad VPN and am trying to use wireguard with it. To the best of my knowledge, I have properly set up the VPN, but now the Web UI cannot be accessed on the usual IP address. To remedy this, I tried to set up port forwarding with Mullvad, following this guide. It all seems to go ok until I try to check my connection:
Code:
root@truenas[~]# curl https://am.i.mullvad.net/connected
curl: (6) Could not resolve host: am.i.mullvad.net

Whereas if I run the command without the VPN running, it responds, telling me I am not connected (obviously).

My question is: do you know how to get a commercial wireguard VPN running so you can access the web UI?

In case it is pertinent, here is my wireguard configuration, generated by Mullvad.
Code:
[Interface]
PrivateKey = ...
Address = ...
DNS = 193.138.218.74
PostUp = iptables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT && ip6tables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT
PreDown = iptables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT && ip6tables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT

[Peer]
PublicKey = ...
AllowedIPs = 0.0.0.0/0,::0/0
Endpoint = ...
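
An added example, not part of the original post: the posted PostUp rule REJECTs every outbound packet that does not leave through the tunnel, does not carry the WireGuard fwmark and is not addressed to a LOCAL address, so the web UI's replies to LAN clients are rejected too. This sketch audits a wg-quick config for that combination; the sample config is constructed, and the LAN range 192.168.1.0/24 and the function names are assumptions.

```python
import ipaddress

# Constructed sample mirroring the posted config; keys and addresses are placeholders.
KILL = ("-I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) "
        "-m addrtype ! --dst-type LOCAL -j REJECT")
SAMPLE_CONF = f"""[Interface]
PrivateKey = PLACEHOLDER=
Address = 10.0.0.2/32
PostUp = iptables {KILL} && ip6tables {KILL}
[Peer]
PublicKey = PLACEHOLDER=
AllowedIPs = 0.0.0.0/0,::0/0
Endpoint = 192.0.2.10:51820
"""

def parse_wg_quick(text):
    """Return {section: {key: [values]}}; keys such as PostUp may repeat."""
    conf, section = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.startswith("[") and line.endswith("]"):
            section = conf.setdefault(line[1:-1].lower(), {})
        elif "=" in line and section is not None:
            key, value = line.split("=", 1)
            section.setdefault(key.strip().lower(), []).append(value.strip())
    return conf

def audit(text, lan_cidr):
    """List reasons hosts in lan_cidr (assumed LAN) lose access while the tunnel is up."""
    conf, lan = parse_wg_quick(text), ipaddress.ip_network(lan_cidr)
    tool = "iptables" if lan.version == 4 else "ip6tables"
    findings = []
    nets = [ipaddress.ip_network(a.strip(), strict=False)
            for v in conf.get("peer", {}).get("allowedips", []) for a in v.split(",")]
    if any(n.version == lan.version and n.prefixlen == 0 for n in nets):
        findings.append("full-tunnel AllowedIPs")
    for hook in conf.get("interface", {}).get("postup", []):
        for cmd in hook.split("&&"):
            words = cmd.split()
            if not words or words[0] != tool or words[-2:] != ["-j", "REJECT"]:
                continue
            # Destinations exempted with "! -d <cidr>" escape the REJECT rule.
            exempt = [words[i + 2] for i in range(len(words) - 2)
                      if words[i:i + 2] == ["!", "-d"]]
            if not any(lan.subnet_of(ipaddress.ip_network(e, strict=False))
                       for e in exempt):
                findings.append("kill switch rejects replies to LAN")
    return findings
```

A rule that carries `! -d 192.168.1.0/24` (in PostUp and the matching PreDown) clears the second finding while the rest of the kill switch stays in place.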
 

morganL

Captain Morgan
Administrator
Moderator
iXsystems
OpenVPN is supported today
Wireguard VPNs are supported for Apps by TrueCharts
Wireguard VPNs for general usage are planned for Bluefin in 2H22
Getting Wireguard VPNs working before this will be complex. I don't know of anyone that has this working.
 

jct

morganL said:
"Getting Wireguard VPNs working before this will be complex. I don't know of anyone that has this working."

Well, that's unexpected. I didn't find anything tricky when I set mine up.

I think all I've done is to set up a post-init script with the following one-liner?

cp /root/wg0.conf /etc/wireguard/ ; /usr/bin/wg-quick up wg0

I'm certain I never followed anything more exotic than the instructions for CORE. No sysctl, no kernel… no surprises that I recall.

This has proved invaluable to me for replicating between sites. Have I missed something more subtle and complex?
 