Unix and Linux Stack Exchange
Unix and Linux Stack Exchange

Questions tagged [wireguard]

Questions specific to Wireguard VPN in general, such as setup or functioning question. Use this tag if your question involves directly Wireguard VPN technology; do not use it if you just happen to be using Wireguard and your question is about a specific network configuration.

enter image description here

WireGuard is an extremely simple yet fast and modern that utilizes state-of-the-art cryptography. It aims to be faster, simpler, leaner, and more useful than IPsec, while avoiding the massive headache. It intends to be considerably more performant than OpenVPN.

Use this tag for questions that apply specifically to Wireguard; if the question concerns an other VPN protocol, use that vpn protocol's tag instead.

Wireguard offical site and documentation

125 questions
6
votes
1 answer

Make local resources available when connected to Wireguard VPN

BACKGROUND: I have configured a Wireguard VPN server on my local (private) network. [Say private network: 192.168.1.0/24] Wireguard clients have the same IP network 192.168.1.X There are some non-Wireguard compatible devices (IP cameras, DVRs) in my…
Lalit Jadhav
  • 61
  • 1
  • 1
  • 2
5
votes
2 answers

Wireguard connection between two LANs with wireguard boxes behind routers

I have two home LANs (100km apart) connected to internet via internet provider routers and would like to them connect with wireguard VPN with two single board computers (NanoPi R2S). NanoPi R2S boards already have armbian and wireguard…
nobody
  • 1,545
  • 12
  • 19
4
votes
0 answers

Wireguard how to route internet through a peer which is behind NAT

I have two linux laptops A (10.0.0.2) and B (10.0.0.3) with dynamic/behind NAT ip addresses that connect to the same wireguard server/endpoint(S (10.0.0.1)) with static ip address. How can I route the internet traffic from client A(10.0.0.2) through…
mike
  • 61
  • 5
4
votes
2 answers

libvirt QEMU/KVM guest cannot connect to network (NAT)

An Ubuntu QEMU/KVM guest created in virt-manager with all default settings and network type NAT can't activate its network. My host is Fedora 35. A screenshot of the guest's NetworkManager log is below. Here is the XML config from virt-manager's…
Stahls
  • 71
  • 1
  • 5
4
votes
2 answers

Connect 2 sites (networks) with Wireguard

Following is what I want to achieve. Could someone suggest a solution with specific steps? If the requirement cannot be satisfied with Wireguard what would be an alternate solution? Routers on both the sites (R-A and R-B) have static public (WAN) IP…
Pratik Pandey
  • 41
  • 1
  • 2
3
votes
1 answer

In addition to `ip rule`, `ip route`, `iptables`, is there anything else that could affect routing and packet filtering in linux?

Recently I'd like to set CF WARP client on my VPS, but encountered a strange problem. I’m not sure if this is the right place to ask this question, if not I’m very sorry and delete it. Background: I installed Cloudflare official WARP client on my…
chansey
  • 141
  • 3
3
votes
1 answer

Wireguard specify listen address

Is there a way to configure the Linux wireguard module to only listen on a specific IP address for incoming connections instead of it's default of listening on all available addresses? I cannot find any documentation for this.
Scoopta
  • 1,470
  • 4
  • 19
  • 37
3
votes
2 answers

Oracle Free Tier: Wireguard and iptables

Problem: Traffic not making it from "client" to "server" and back. Configs: "server": [Interface] Address = 10.8.0.1/24 ListenPort = 51820 PrivateKey = [redacted] PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -A FORWARD -o wg0 -j ACCEPT;…
stinkfoot
  • 33
  • 1
  • 5
3
votes
1 answer

Wireguard Multiline Config Value

Is it possible to split a config command over multiple lines instead of one long string? E.g. PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE When using more commands the line gets very long and…
laktak
  • 5,616
  • 20
  • 38
3
votes
2 answers

How to share wireguard with namespace?

I have a wireguard connection (interface name wg0) to a trusted machine inside an admin network at $DAYJOB. Usually, I don't want to use wg0 for all my traffic, only for IP addresses in the 172.16.0.0/12 range. This is easily accomplished with a…
cryptarch
  • 1,255
  • 5
  • 23
3
votes
1 answer

wireguard does handshake, but ping does not get through

I have a server with a static IP and a client which is located in my local network at home. What I am trying to achieve is a vpn connection between these two (might add more clients later though). I don't need to be able to connect to the internet…
NoThanks93330
  • 33
  • 1
  • 2
  • 4
2
votes
1 answer

How can I configure a podman container to use my wireguard interface only?

Using wg-quick with the Table=off setting, I managed to set up a non-default interface wg1 on on linux bookworm machine that works as I expect it to: curl ifconfig.co return my real IP. curl --interface wg1 ifconfig.co returns my wireguard server's…
nicoco
  • 419
  • 1
  • 5
  • 10
2
votes
1 answer

WireGuard : How do I route VPS PUBLIC IPs traffic through tunnel to home router/firewall for public facing self-hosting services?

WireGuard : How do I route VPS PUBLIC IPs traffic through tunnel to home router/firewall for public facing self-hosting services? What a terribly long and wordy question to ask. Long Story: After 10+ years with my current ISP I will be moving to an…
I Own I Owe Oh My
  • 21
  • 1
2
votes
1 answer

Forwarding traffic back through WireGuard (Setting dnat for oif wg0, after processing the application)

I use WireGuard as a secure communication channel between two servers in different DCs to hide the existence of the end server (server B). I use nftables as a firewall management tool. From public server A, the traffic is forwarded keeping the IP…
Yuvaan Sykes
  • 25
  • 3
2
votes
0 answers

Port Forwarding over VPN link cloud VPS (To bypass CG-NAT)

I have a radio setup on a 4G connection that utilises CG-NAT. This means I am unable to access the radio remotely using the supplied remote software. To get around this I have setup a cloud VPS wireguard server and have a pfsense router local to the…
CaveJohnson
  • 21
  • 1
1
2 3
8 9