Menu
What's new
By:
Filters Better Search

Search results

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

  1. A

    Splitting Wireguard between Router and client

    PART 2: Adding and configuring the dummy connection When moving the VPN client from the Router to the VM (or other external device) changes are needed in wan-event and wg2x-up.sh After some trial and error, I found that the old <ipv6_alias> would not work and that the new <ipv6_alias> needed...
  2. A

    Splitting Wireguard between Router and client

    Splitting WireGuard between Router (RT-AX88U) and Client (Ubuntu VM running on Hyper-V) Hi @ZebMcKayhan, sorry for the delay in getting back and thanks again for your invaluable support in getting this over the line I wanted to use my VPN setup (WireGuard) in dual stack mode with full support...
  3. A

    Beta Asuswrt-Merlin 3004.388.6_x test builds (dnsmasq 2.90)

    Installed on RT-AX88U. Not using DNSSec directly, but I am using unbound (script by @Martineau) and I assume (but don't know) that this leverages whatever DNSSec is installed by default. Nothing unexpected in logs files, DNScheck looks normal, no obvious issue with the other installed...
  4. A

    Splitting Wireguard between Router and client

    HI @ZebMcKayhan. All is up and running happily. While I will want to spend some time sorting out the best order for shutting down / starting up the services on the Router / VM when rebooting the VM host, this will be specific to my configuration and unlikely to be of use to anyone else...
  5. A

    Splitting Wireguard between Router and client

    As per your command: peer wg21 passthru add wg13 pho21 As far I can see they end up in the following variables: $ACTION=$1 (peer) $WG_INTERFACE=$1 (wg21) $CMD=$1 (add) $IFACE=$1 (wg13) $IP_SUBNET=$1 (pho1) And at line 3100 - 1304: if [ "$(sqlite3 $SQL_DATABASE "SELECT auto FROM clients WHERE...
  6. A

    Splitting Wireguard between Router and client

    Re passthru, I will edit the script and let you know. Regard my solution, i rebooted the pc with the VM and when it came back up everything broke - so I will need to go through each step to see what I missed / failed to save. In regard to using 'any' aa address, I am not sure of this. I had...
  7. A

    Splitting Wireguard between Router and client

    Even closer I now have a working 'solution' for ipv6, in that if I run ping -6 sunet.se -I <new_ipv6_alias> on the router, I can see the responses from tcpdump -i eth0 icmp6 on the VM and where <new_ipv6_alias> = <wg21_tunnel_ipv6>::9 In addition any non-VPN lan client is now showing the VPN...
  8. A

    Splitting Wireguard between Router and client

    tomorrow is great - at least we are making progress. Thank you.
  9. A

    Splitting Wireguard between Router and client

    Updated the route but does not work If I run an ipv6 ping on the router ping -6 sunet.se -I <wan_ipv6> I can see the traffic but nothing shows on the VM tried with tcpdump -i eth0 icmp tcpdump -i eth0 icmp6 tcpdump -i eth0 ip6 and tcpdump ip6 Separately, I am trying to add back passthru via...
  10. A

    Splitting Wireguard between Router and client

    So much closer. IPv4 now works but IPv6 does not, even if I add equivalent route for the ipv6 alias (I have assumed the command is otherwise the same). Going back to basics and taking down wg13 and removing the aliases from unbound, and running ping from the router ping -6 sunet.se -I...
  11. A

    Splitting Wireguard between Router and client

    with ipv6 disabled on unbound, wg13 up and running on the router and on the VM I get i.e. no replies and running I see pairs like This is the same as response with ipv4 and ipv6 enabled. As far as I can see switching unbound to ipv6 only is not possible (or I don't know how) - setting...
  12. A

    Splitting Wireguard between Router and client

    dig @127.0.0.1 -p 53535 sunet.se works fine with either wg13 up or unbound using aliases However if both are used then admin@Router:/tmp/home/root# dig @127.0.0.1 -p 53535 sunet.se ;; communications error to 127.0.0.1#53535: timed out ;; communications error to 127.0.0.1#53535: timed out ...
  13. A

    Splitting Wireguard between Router and client

    Right - I was pinging from the router. Checking directly from unbound. Will run this much later. possibly tomorrow - my sons are having a gaming session and stopping and starting processes on the router will not be appreciated. After I change each setup, I restart unbound and clear the...
  14. A

    Splitting Wireguard between Router and client

    With wg13 up and unbound not routed via the alias (192.168.3.1) both icmp echo pings from the router to 192.168.3.1 are picked up by the VM, on eth0 and azirevpn-nl-ams. and DNS for LAN clients is fine With wg13 down and unbound using the alias outgoing-interface: 192.168.3.1...
  15. A

    Splitting Wireguard between Router and client

    Each time I run the dummy wg13 and then point unbound through the VPN then it (unbound) stops working, Looking at the logs I see the requests, but there are no replies. Presumably this is either because the DNS requests are not leaving the router, or they are not getting through the...
  16. A

    Splitting Wireguard between Router and client

    NOT YET..... All I have got to is that the wg client on the VM is happy and the dummy wgm client on the router is happy - what happens when I introduce them is yet to be seen) Until now the dummy wgm client looked happy, but was causing ructions, most probably caused by my decision to point...
  17. A

    Splitting Wireguard between Router and client

    For now I was going to assume it was connected to the old dummy account - ip -6 route show table 123 2a02:6b67:xxxx:yyyy::/56 dev br0 proto kernel metric 256 pref medium ::/2 via fe80::eae5:3390:e03f:f055 dev br0 metric 1024 pref medium 4000::/2 via fe80::eae5:3390:e03f:f055 dev br0 metric...
  18. A

    Splitting Wireguard between Router and client

    Apparently 10.99.88.77 is just fine. start wg13 Requesting WireGuard® VPN Peer start (wg13) wg_manager-clientwg13: Initialising WireGuard® VPN 'client' Peer (wg13) in Policy Mode to 10.99.88.77:51880 (# Dummy) DNS=10.50.60.1,fe80::aa5e:45ff:feae:5050...
  19. A

    Splitting Wireguard between Router and client

    Going right back to the start and It seems I was overly optimistic with the bogus client. What I did was to take the old working (azireVPN) client and just change the port. This allowed the client to load, but each time I did load it for any period of time it seemed to mess up the network...
  20. A

    Splitting Wireguard between Router and client

    If I have understood this, the steps we want are as follows 1 2 3 4 --------------------------- ----------------- ---------- --------------- Traffic from LAN or Router | > |Dummy WG Client| > |Ubuntu VM| > |wg client...
Top