Recent content by ZebMcKayhan

  1. Z

    Accessing VPN Clients on Router thru Mobile Phone

    I don't know of any easy way to do this. But if you are up for some scripting, check out Android "SSH button" or Apple "Shortcuts". These would allow you to place buttons on your home screen that, when pushed, send one or more ssh commands to the router. It would be possible to have a button...
  2. Z

    VPNDirector routing setup to server connections (WGS for example)

    Note, routing rules are traversed from prio 0 first and upwards. Table local is only addresses destined for the router itself. If a rule is matched the route table appointed will be used. If no routes are found in the routing table the rules will continue to be processed. In Asus merlin, all...
  3. Z

    VPNDirector routing setup to server connections (WGS for example)

    Look at the routing rules using ssh:
        ip rule
    Wgc1 uses its own routing table as shown in the previous command, conveniently named wgc1. To check it use:
        ip route show table wgc1
    If you post it here I may be able to help but remove any public ip and such.
  4. Z

    Guide Wireguard-portforwarding

    What if you try this, after you started your wgc1 client with your vpndirector route, try to execute this at the ssh prompt:
        ip route del $(ip route show table wgc1 | grep $(wg show wgc1 endpoints | sed -n 's/.*\t\(.*\):.*/\1/p')) table wgc1
    (This will temporarily remove route to wgc1 endpoint in...
  5. Z

    Guide Wireguard-portforwarding

    If it's still not working although VPNDirector is set correct, there is the off chance you have this issue: https://www.snbforums.com/threads/port-forwarding-over-wireguard-connection.87498/post-873447
  6. Z

    Guide Wireguard-portforwarding

    Did you set up 192.168.0.2 to use wgc1 in VpnDirector?
  7. Z

    Guide Wireguard-portforwarding

    Technically the nat PREROUTING rule should go into nat-start and the FORWARD filter rule should go into firewall-start. Some day when I have the time and energy I'll write something that would automate custom wireguard firewall rules... I'll have a post here somewhere I'll need to find. I'll...
  8. Z

    Guide Wireguard-portforwarding

    Port forwarding from Wireguard is not supported by firmware. You will need to add the rules manually, via ssh. However, this is not going to be easy unless your target computer/server is not using said vpn connection for internet. So, set this up in VpnDirector first. A firewall rule to...
  9. Z

    Solved Samba, LACP & WireGuard. Question.

    Wireguard won't allow you to add overlapping AllowedIPs, or at least it will be prioritized according to specificity. If this was what you try to achieve. Or maybe I misunderstand?
  10. Z

    Question on Wireguard tunnel configuration.

    AllowedIPs exist at each side of the tunnel, both on the server side and on the client side. This is why you have the choice to change this when setting it up as AllowedIPs (server) that will go into the server side and AllowedIPs (client) that will end up on the client config that you import to...
  11. Z

    Restart WireGuard client when fails

    Reverse path filtering is blocking this from working. Try:
        echo 2 > /proc/sys/net/ipv4/conf/wgc1/rp_filter
    Then it should work. This sets rp_filter for wgc1 to loose instead of strict.
  12. Z

    Question on Wireguard tunnel configuration.

    No... the Means 0.0.0.0/0 (all destination ip) should go through the tunnel. Are you sure you are not looking at the local IP obtained by webrtc? How did the AllowedIPs end up on the client side? Usually there is a way to edit/view these settings in the Wireguard app on the client device...
  13. Z

    Restart WireGuard client when fails

    The script is probably based on crontab to run the check script every 2 min. The lowest time resolution for crontab is 1 min so every 10s is not going to work. Or it uses Wireguard latest-handshake timer that should reset every 2-3 min. You may need to write your own script that runs continuously...
  14. Z

    A question about WireGuard security

    Wireguard is just a means for the encrypted tunnel, protocol if you wish. It would be up to any 3rd party developer to add extra security such as app locks, 2FA etc. But I may agree with you, that app developers may at least give this as an option. Android WG even gives any user the ability to...
  15. Z

    VPN FUSION & VPN DIRECTOR Merlin Firmware

    Do whatever is easiest for you. Wireguard is an extremely silent protocol, it requires a special option to send a ping every 25 sec to ensure nat tunnels stay open. If you don't send any user data it's completely silent (without this option). Hardly using up router resources.