What's new
By:

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Search results

  1. Z

    Solved Please help access my network resources from outside (VPN Cascading and IP Masquarading)

    if you add 10.6.0.1 to the allowedip list as "192.168.1.0/24, 10.6.0.1/32" then you should be able to use dns as 10.6.0.1 and have dns lookup by your router, potentially benefit if you are using domain names (or running Diversion or AGH or whatnot).
  2. Z

    Solved Please help access my network resources from outside (VPN Cascading and IP Masquarading)

    Sure, but this is something you control in the client app. Just edit the tunnel in your android app and change AllowedIPs to only 192.168.1.0/24 and remove the current 0.0.0.0/0 (all ips). (Edit: you may also need to add 10.6.0.1 to allowedIps if thats the dns you are using. Separate with ...
  3. Z

    Solved Please help access my network resources from outside (VPN Cascading and IP Masquarading)

    Glad it worked for you! but thats troublesome indeed. It means that Wireguard is bound to lan ip, which it wasnt before. We will probably see more of these reports. Since some of the later 388 fw this is taken care of "behind the scenes" in the fw. However that rule is not a bad idea, it may...
  4. Z

    Solved Please help access my network resources from outside (VPN Cascading and IP Masquarading)

    Ooh, I completally missed your picture about wg handshake not working. So the tunnel breakes on a lower level. I wonder if something have changed in fw recently. What if you follow @CaptainSTX advice and add a vpn director rule for Local IP: 192.168.1.1/32 Remote IP: leave blank Interface Wan...
  5. Z

    Solved Please help access my network resources from outside (VPN Cascading and IP Masquarading)

    Thats not how I would have done the rules, but I cant see why it would muck up your server clients internet connection. That is if routing is setup as in 388 fw. Could it be dns issue? Could you test to ping an ip, like 142.250.74.110 (google.com for me) from your server clients when internet...
  6. Z

    Solved Please help access my network resources from outside (VPN Cascading and IP Masquarading)

    Please share a picture of your VPNDirector rules when you have the vpn client running and things are not working. This should be possible, im running a similar setup without issues, altough im still on 388 fw for now.
  7. Z

    Skynet Skynet v8 - Router Firewall & Security Enhancements

    I dont see how this could be linked to skynet, sound likewgm fails to prepare the config file properly for some reason. I.e unexpected arguments like the interface address would make it fail to start. Did you try to reboot to clear out possible remnants?
  8. Z

    Wireguard server not using DNS settings that are defined in WAN settings

    You could try redirecting dns requests from Wireguard network, similar to what dnsdirector does, but using ip. If you execute these 2 commands in router ssh: iptables -t nat -I PREROUTING -s 10.6.0.0/24 -p tcp -m tcp --dport 53 -j DNAT --to-destination 192.168.1.199 iptables -t nat -I...
  9. Z

    Wireguard server not using DNS settings that are defined in WAN settings

    If I remember correctly, the router does not do anything about dns for Wireguard servers clients. if the client are not using your set wireguard dns its a client issue. Have you turned off dns privacy in client console? If its just not resolving anything its likely a pihole issue. What type...
  10. Z

    WireGuard connected but not routing traffic

    Based on the information you provided I cannot help you, sorry. There is nothing to be found in the pictures you rprovided which means the problem must be elsewere.
  11. Z

    WireGuard connected but not routing traffic

    Could you post a picture of your vpn-director rule as it is when it is not working?
  12. Z

    WireGuard connected but not routing traffic

    For Wireguard you need to put in rules in vpndirector for which Local IP (lan ip) that should use the Wireguard interface. You could put in a single ip, like LocalIP=192.168.50.120 or you could put your entire lan there like LocalIP=192.168.50.0/24. Assuming you are using subnet 192.168.50.x for...
  13. Z

    Solved Wireguard_Server_Stops_Working

    Sure: cru a RestartWgs "05 00 * * * service 'restart_wgs 1'" Would execute every day at 5min passed midnight.
  14. Z

    Solved Wireguard_Server_Stops_Working

    If you decide to use the sleep 300 variant it could be a good idea to make the command itself non blocking. If for example you use post-mount where Entware gets initiated if things ever gets in the wrong order Entware would need to wait the 300sek for initiation which may break things. Running...
  15. Z

    Solved Wireguard_Server_Stops_Working

    cron itself are based on system time so to use cron for such thing would mean snatch system time, divide hours, minutes, seconds. Add 5 to minutes and watch for overflow and create the job. But it would be quite simple to make something like if your reboot always happens at say Sunday morning...
  16. Z

    Solved Wireguard_Server_Stops_Working

    Guess you could make a cron job to restart Wireguard server say 30min after your reboot timer. Why would a switch in scMerlin be better than the button already in the gui? Anyhow, as you are getting used to ssh, the command service "restart_wgs 1" Should do the trick. There are phone apps...
  17. Z

    Wireguard Wireguard Server - Backup/Restore/Migrate

    Thanks! I can confirm its working, finding the varlist in the scriptdirectory on the first run now.
  18. Z

    Wireguard Wireguard Server - Backup/Restore/Migrate

    Updated the instructions to help the user set the valist path correct if the script does not find it.
  19. Z

    Wireguard Wireguard Server - Backup/Restore/Migrate

    Thanks! Instead of changing the script itself to copy the varlist file to where the config tells it should be (as wrongly set during initial run), a quick fix would be to point the script config path correct manually: press enter to get passed the warning and get into the script. Use option...
  20. Z

    Wireguard Wireguard Server - Backup/Restore/Migrate

    I think I understand why this error appears now. When the script starts for the first time it looks for the VARLIST file in the directory you currently are, not in the script directory. It then creates the config file to remember its setting. So for all future times it starts it will continue to...
Back
Top