search

runfalk / synology-wireguard

WireGuard support for some Synology NAS drives
MIT License
919 stars 131 forks source link

Accessing NAS by local IP not working with multiple gateways activated #72

Closed jantschaefer closed 3 years ago

jantschaefer commented 3 years ago

Hello, I'm running the package on my 918+. Everything is working fine, except that I can not access my NAS from wg clients by using its local IP. Using the the wg server IP (10.0.0.1 in my case) is working. I've set up pi-hole in a Docker-Container on the very same Synology that hosts the wg server. Pi-hole is using a macvlan-network. Unfortunately I'm not able to access pi-hole from any wg client. It is working however, when I disable the multiple gateway option (Control Panel / Network / General / Advanced Settings). I, however, need this option to stay enabled, since I would like to be able to tunnel some traffic via an OpenVPN connection. This is probably a problem with my routing table. Unfortunately I was not able to come up with a solution on my own.

The local IP of my NAS is 192.168.178.40. The wg server IP is 10.0.0.1. The router is accessible on 192.168.178.1. The OpenVPN Server (IP 185.107..) is pushing some routes that I had to overwrite in order to be able to tunnel only a specific Synology Package via tun0. 192.168.168.0 is the IP range of a remote network that is connected via wg.

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.178.1   192.0.0.0       UG    0      0        0 eth0
0.0.0.0         10.8.0.1        128.0.0.0       UG    0      0        0 tun0
0.0.0.0         192.168.178.1   0.0.0.0         UG    0      0        0 eth0
10.0.0.0        0.0.0.0         255.255.255.0   U     0      0        0 wg0
10.8.0.0        0.0.0.0         255.255.0.0     U     0      0        0 tun0
64.0.0.0        192.168.178.1   192.0.0.0       UG    0      0        0 eth0
128.0.0.0       192.168.178.1   192.0.0.0       UG    0      0        0 eth0
128.0.0.0       10.8.0.1        128.0.0.0       UG    0      0        0 tun0
172.17.0.0      0.0.0.0         255.255.0.0     U     0      0        0 docker0
172.21.0.0      0.0.0.0         255.255.0.0     U     0      0        0 docker-fa9e97f8
172.22.0.0      0.0.0.0         255.255.0.0     U     0      0        0 docker-09afaaf3
172.24.0.0      0.0.0.0         255.255.0.0     U     0      0        0 docker-ab29d480
185.107.*.*     192.168.178.1   255.255.255.255 UGH   0      0        0 eth0
185.107.*.*     192.168.178.1   255.255.255.255 UGH   0      0        0 eth0
192.0.0.0       192.168.178.1   192.0.0.0       UG    0      0        0 eth0
192.168.168.0   0.0.0.0         255.255.255.0   U     0      0        0 wg0
192.168.178.0   0.0.0.0         255.255.255.0   U     0      0        0 eth0
runfalk commented 3 years ago

This sounds like a configuration issue and not a problem with the WireGuard package specifically. I'm unable to provide you any assistance with this. I'll close this issue and invite you to use the Discussions tab to ask the community for help. If you believe this indeed an issue with the WireGuard package I'm happy to re-open it.