Menu
What's new
By:
Filters Better Search

Search results

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

  1. Z

    Wireguard Wireguard Client Help

    Is there any way you could check the ip it's using? I'm sorry, but the rules are clearly sending 192.168.1.16 - 192.168.1.255 to route table 121 and in there there are only routes to lan and wg11. There is no way an ip in this range would route to wan.
  2. Z

    Wireguard Wireguard Client Help

    Cached browser page perhaps. Try to clear cache or use private (incognito) tab to make sure you are not seeing old data. For your phone it is expected then. If not desired, change it's ip.
  3. Z

    Wireguard Wireguard Client Help

    The only way this makes sense is if your MacBook and phone has a local IP between 192.168.1.0 - 192.168.1.15 Did you check this?
  4. Z

    Wireguard Wireguard Client Help

    Well, everything looks OK as far as I can see. Only 192.168.1.0 - 192.168.1.15 should be wan. The rest should be through wg11. From what device are you testing over wan? What is that device lan ip? How are you testing?
  5. Z

    Wireguard Wireguard Client Help

    Well, yes. There is no point debugging something that is working. Yes, that is the only way to make your current setup work. You won't be able to ever use wg dns with this setup. But it's really up to you. If you are completely OK with not using isp dns for wan clients or wg dns for wg clients...
  6. Z

    Wireguard Wireguard Client Help

    The initial issue you had with these rule-set was dns. Your wan clients will still use wg dns which gives issues if this dns is only accessible over vpn. I would prefer the way before as no wan rules are needed, thus you won't have dns issues. But it is up to you. If something is not working...
  7. Z

    Wireguard Wireguard Client Help

    Have wg11 been running since last time? With all rules we set up? So your lan have been using Wireguard this whole time? Probably you will need to obtain a new config file and import in wgm as wg11 as this one does not appear to work anymore. Using Geo-location works best if you have client...
  8. Z

    Wireguard Wireguard Client Help

    Your wg11 does not seem to work. Just as before. Have you imported wrong config or your supplier killed it off if you have not been using it
  9. Z

    Wireguard Wireguard Client Help

    You mean you lost connection for that client? Or entire lan? I would not recommend using VPN Director for wgm rules due to acouple of reasons. One being that if you are using openvpn this could create issues. Better dump the usual suspects so we can see what is going on: wg show ip rule ip...
  10. Z

    Adguard Home and clients of subnet (wireguard tunnel)

    Great you managed to sort this out, and thanks for the link! Just a couple of notes: - According to this post: https://forum.gl-inet.com/t/vpn-wireguard-and-adguard-home/45861/16 You added a static route in the asus router. This should not be needed as you added remote lan in AllowedIPs...
  11. Z

    Adguard Home and clients of subnet (wireguard tunnel)

    Great! Om not an expert in these but I don't see anything pointing to masquarade being used on wireguard anymore. I think your gl.inet router processes dns requests locally by dnsmasq. So lan client sends dns to gl.inet router which either uses cached info or makes it's own request to upstream...
  12. Z

    Adguard Home and clients of subnet (wireguard tunnel)

    Aha, gl.inet router are using nftables... im not as familiar with those. You should be able to list them by nft list ruleset Look for nat tables and postrouting.
  13. Z

    Adguard Home and clients of subnet (wireguard tunnel)

    Then the Gl.Inet router is still masquerading... unless wireguard dns is setup to use router itself as forwarder for dns (dnsmasq). did you stop/start wireguard after making these changes? Or better yet, reboot the router? As you already are familiar with ssh into the gl.inet router, could you...
  14. Z

    Adguard Home and clients of subnet (wireguard tunnel)

    Looks like you don't have masquerading enabled for neither wan or Wireguard which may give issues if you have lan clients using wan. But did this resolve your issue or not?
  15. Z

    Adguard Home and clients of subnet (wireguard tunnel)

    This should already be taken care of when changing AllowedIPs (Server), a route in the main route table should been added for 192.168.10.0/24 to wgs1 (and wg will route to correct peer). I may be out on thin ice here, but this source...
  16. Z

    Adguard Home and clients of subnet (wireguard tunnel)

    Can't help you with that, try Google. I get that, and right now you only see 10.6.0.10 for every lan device. This is how MASQUARADE works, same as your entire lan uses a single public ip. But this is not an asus router issue, it's a GL Inet router issue.
  17. Z

    Adguard Home and clients of subnet (wireguard tunnel)

    You will need to turn off nat (MASQUARADE) on GL Inet router. As this setting changes source address to be wg address for the entire lan. Furthermore, you will need to add on Asus router wireguard server on the peer to GL Inet router: AllowedIPs (Server): 10.6.0.10/32, 192.168.10.0/24 I think...
  18. Z

    Tailscale site2site

    This is probably your best bet: https://www.snbforums.com/threads/tailmon-v1-0-20-july-27-2024-wireguard-based-tailscale-installer-configurator-and-monitor-now-available-in-amtm.89860/post-904871
  19. Z

    VPN Director - batch of 300+ CIDRs

    This is a perfect use case for x3mrouting addon as it does ASN download, parsing into ipset and routing based on ipset. All done. But it's a bit dated and the gui is not working anymore but I think that cli is still working...
  20. Z

    WireGuard VPN leaking DNS with DNS Director / RT-AX88U

    In gui VPN->VPN Client->Wireguard under Interface, there is a field DNS Server (optional). Fill in your Wireguard DNS 10.64.0.1 there and remove these entries from DNS Director as they should not be needed.
Top