Menu
What's new
By:
Filters Better Search

Search results

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

  1. Z

    Need help to resolve VPN Director issue

    Great! Looks like also interface Address and DNS may be specified multiple times: https://www.man7.org/linux/man-pages/man8/wg-quick.8.html
  2. Z

    Wireguard Wireguard Client Help

    The reason for why we do what we do is that normally the main routing table is the only one. It is mostly managed by the kernel (dhcp info and interface ip/network). You can only specify destination ip in a routing rule. So if we add a vpn, now there are 2 ways to internet, and routing can't...
  3. Z

    Wireguard Wireguard Client Help

    The /nn is called CIDR which is basically another way of specifying a mask. Most of us have seen the windows network mask 255.255.255.0. The origin of why it's 255 is that in ip addresses each number between the dots are 1 Byte = 8 bits. Maximum value is 255 (binary 1111 1111, hexadecimal FF)...
  4. Z

    Need help to resolve VPN Director issue

    Just for reference, this is how dual stack import looks like:
  5. Z

    Need help to resolve VPN Director issue

    I just noticed you also got 2 Address directives and again the import you provided earlier shows only last one (ipv6) got imported. Your peer currently has no ipv4 address. If you say it's working anyway I have to believe you but I don't understand how the router performs SNAT (wich is usually...
  6. Z

    Wireguard Wireguard Client Help

    Wireguard is incompatible with router NAT acceleration. Wgm uses packet marks in the firewall to bypass this. If you enter vx in wgm it lets you edit the config file: # Override setting of the -t mangle FORWARD/PREROUTING '-j MARK --set-xmark 0x01/0x7' fwmarks # (NOT the user Selective Routing...
  7. Z

    Need help to resolve VPN Director issue

    Indeed I think he can just edit the field directly in the gui, but I never tried it.
  8. Z

    Need help to resolve VPN Director issue

    It's not really well specified to my knowledge. https://git.zx2c4.com/wireguard-tools/about/src/man/wg.8 I have seen all variation of uppercase, lowercase and whether or not there is a space before, after or both sides of '='. It's kind of a mess.
  9. Z

    Need help to resolve VPN Director issue

    You got 2 entries. The import probably got it wrong. Not sure if @RMerlin could fix in the future. This is how it should look:
  10. Z

    Wireguard Wireguard Client Help

    You can test the same config on your android phone and see what speeds you get. If you are getting much higher speeds there could possibly be some opportunity. Experiment with XMARK (wgm vx command) and or turning off nat hw acceleration (wgm 'fc disable' command). That's a worthy goal!
  11. Z

    Need help to resolve VPN Director issue

    It's probably there in the config file but either failed to import or the user have been messing with it. The routes are created based on AllowedIPs. So if this field is missing or contains Invalid characters no routes will be created.
  12. Z

    Wireguard Wireguard Client Help

    Leave it at .2 it does not matter but it's good to keep it at wan (<.16) so it will use the more complete main route table. Use .3 - .15 for your wan clients
  13. Z

    Wireguard Wireguard Client Help

    See post 43 https://www.snbforums.com/threads/wireguard-client-help.91103/post-919473
  14. Z

    Wireguard Wireguard Client Help

    I mean when you starting to change ip for your wan clients they will not be over wan anymore until you change vpndirector. No it should be vpn. This specific rule covers ips 192.168.1.16 - 192.168.1.31
  15. Z

    Need help to resolve VPN Director issue

    Check you client AllowedIPs import. It should be 0.0.0.0/0 It wouldn't work if AllowedIPs are not 0.0.0.0/0. Even if you make the routes yourself it won't be allowed over the tunnel. Now, you may wonder how I know that 😉...
  16. Z

    Wireguard Wireguard Client Help

    It's not about commands. Just a note of cation first, as you swap between ovpn and wg this change will affect ovpn too and you need to remake vpndirector rules. But you will get a more robust setup for both ovpn and wg. Head into router gui. LAN -> DHCP Server. Here there is a field "IP Pool...
  17. Z

    Wireguard Wireguard Client Help

    No idea. I always use commands. Are you OK with all clients using this public dns?? We can fix it so vpn clients are using dns from config and wan clients use wan dns if you want. There are also potential issues with your way of doing things that may come back to bite you in the future. But...
  18. Z

    Wireguard Wireguard Client Help

    Haha, yea I've been there too. Everything looks fine. The reason your wan clients have no access is because they don't have a dns. Wgm redirects all VPN clients dns and you have your entire lan to vpn. Problem is that this dns is wg specific so it's only possible to contact it over vpn. Your 3...
  19. Z

    Wireguard Wireguard Client Help

    This line indicates that your wireguard tunnel is not working on a lower level. Your router have sent out 1kB data and received 0B back. So, either this config file is terminated by your supplier or wgm got something wrong during the import. Open the original config file in some text editor and...
  20. Z

    Wireguard Wireguard Client Help

    I get it, wgm wasnt the quick solution for you. Please keep in mind it have not been updated for over a year as fw wireguard is taking over. Altough it give some added benefits it also comes with added complexity. Altough I believe there are people still using it so it should work, but there is...
Top