tusc / wireguard-kmod

WireGuard for UDM series routers
https://www.wireguard.com/

Not sure its working #51

Closed ctrlcmdshft closed 2 years ago

ctrlcmdshft commented 2 years ago

OK so I went through setting up everything as shown, and have WireGuard set up on the iPhone. Then, when on the iPhone connecting to the VPN while on LTE, I get internet no problem still when connected via WireGuard, and the IP shows an IPv6 address I think, but when on the UDM I run the wg command and I get this

wg
interface: wg0
  public key: UDMPublicKey
  private key: UDMPrivateKey
  listening port: 51820

peer: iOSPublicKey
  allowed ips: 192.168.90.2/32

Is this correct? Is there any way to confirm it's working properly, and when on LTE or a non-home network can I access items hosted on the home network, like access to pihole/docker etc...

peacey commented 2 years ago

Hi @ctrlcmdshft,

If it's working you should be able to ping an IP on the UDM subnet.

I don't see a handshake on the UDM, so I'm not sure if it's working. Did you check if it's working?

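An added example (not from this thread or the wireguard-kmod project) that applies the check peacey describes: parse the plain `wg` output the reporter pasted and report, per peer, whether a handshake has ever completed and whether the latest one is recent. The two sample outputs are reconstructed from this thread with the keys redacted exactly as posted; the 180-second threshold is WireGuard's REJECT_AFTER_TIME, and the helper names are mine.

```python
import re

# Constructed samples, reconstructed from the `wg` output pasted in this thread
# (keys redacted exactly as the reporter posted them). The first is the state
# before the tunnel ever came up; the second is after a successful handshake.
WG_BEFORE = """\
interface: wg0
  public key: UDMPublicKey
  private key: UDMPrivateKey
  listening port: 51820

peer: iOSPublicKey
  allowed ips: 192.168.90.2/32
"""

WG_AFTER = """\
interface: wg0
  public key: MrdaRP3c2IxxxxxxxxxxxxxxxxxxxxxxxxxfhOYix71Jmc=
  private key: (hidden)
  listening port: 51820

peer: llhE7mFdjKYXuxxxxxxxxxxxxxxxxxxxxxxxxxxxxxWu7Zg4=
  endpoint: xxx.xxx.xxx.xxx:17258
  allowed ips: 10.0.0.3/32
  latest handshake: 1 minute, 19 seconds ago
  transfer: 11.90 KiB received, 21.27 KiB sent
"""

# WireGuard discards a session REJECT_AFTER_TIME (180 s) after its handshake, and a
# peer that is exchanging traffic (or sending keepalives) re-handshakes before then,
# so a handshake older than this means the peer is idle or has lost reachability.
REJECT_AFTER_TIME = 180

_UNIT_SECONDS = {"second": 1, "minute": 60, "hour": 3600, "day": 86400}


def handshake_age_seconds(text):
    """Convert wg's human-readable age ('1 minute, 19 seconds ago', 'Now') to seconds."""
    if text.strip().lower() == "now":
        return 0
    total = 0
    for amount, unit in re.findall(r"(\d+)\s+(second|minute|hour|day)s?", text):
        total += int(amount) * _UNIT_SECONDS[unit]
    return total


def parse_wg_show(output):
    """Parse plain `wg` / `wg show` output into a list of peer dicts."""
    peers = []
    current = None
    for raw in output.splitlines():
        line = raw.strip()
        if not line:
            continue
        key, sep, value = line.partition(": ")
        if key == "interface":
            current = None                      # interface block: nothing peer-specific here
        elif key == "peer":
            current = {"public_key": value, "handshake_age": None}
            peers.append(current)
        elif current is not None and sep:
            if key == "latest handshake":
                current["handshake_age"] = handshake_age_seconds(value)
            else:
                current[key.replace(" ", "_")] = value   # endpoint, allowed_ips, transfer, ...
    return peers


def peer_status(peer):
    """Classify a parsed peer the way one reads the `wg` output by eye."""
    age = peer["handshake_age"]
    if age is None:
        return "never handshaked"   # client never reached the listener, or keys/endpoint mismatch
    if age > REJECT_AFTER_TIME:
        return "stale"              # last session expired: peer idle or unreachable since
    return "up"


if __name__ == "__main__":
    for label, sample in (("before", WG_BEFORE), ("after", WG_AFTER)):
        for peer in parse_wg_show(sample):
            print(f"{label}: peer {peer['public_key'][:12]}... -> {peer_status(peer)}")
```

Running it against the two samples prints "never handshaked" for the first output and "up" for the second, which is exactly the difference between the two `wg` listings in this thread: no "latest handshake" line means the client's handshake packets never reached the UDM (or were rejected), whatever the phone's own UI shows.
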
ctrlcmdshft commented 2 years ago

I don't see a handshake at all when connected and doing wg. Here is my config and iOS setting, maybe you can see issues with them, idk. The only other thing I did was follow the two screenshots for the WireGuard rules and port group. Is there anything else I may have missed doing within the UDM?

iOS setting

[Interface]
Address = 192.168.90.1/24
ListenPort = 51820
PrivateKey = 4L9fnNRZxDuszh2FUxxxxxxxxxxxxxxxxxxxxx
[Peer]
PublicKey = llhE7mFdjKYXu7xxxxxxxxxxxxxxxxxxxxxxxxxxx
AllowedIPs = 192.168.90.2/32
Endpoint = xxx.xxx.xxx.xxx:51820

ctrlcmdshft commented 2 years ago

@peacey so I started fresh with new configs and I now get what's below when doing wg, so I know it's connected and internet works when not on wifi. But now how do I add to this to allow me to access some services I have on a different subnet than the WireGuard one?

# wg
interface: wg0
  public key: MrdaRP3c2IxxxxxxxxxxxxxxxxxxxxxxxxxfhOYix71Jmc=
  private key: (hidden)
  listening port: 51820

peer: llhE7mFdjKYXuxxxxxxxxxxxxxxxxxxxxxxxxxxxxxWu7Zg4=
  endpoint: xxx.xxx.xxx.xxx:17258
  allowed ips: 10.0.0.3/32
  latest handshake: 1 minute, 19 seconds ago
  transfer: 11.90 KiB received, 21.27 KiB sent

# Server Config
[Interface]
Address = 10.0.0.1/24
ListenPort = 51820
PrivateKey = 4L9fnNRZxxxxxxxxxxxxxxxxxxxxxxxUtUCefZF4=
[Peer]
PublicKey = llhE7mFdjKxxxxxxxxxxxxxxxxxxxxxxxxxxxq69Y8Wu7Zg4=
AllowedIPs = 10.0.0.3/32

#Client Config
[Interface]
PrivateKey = IHadjZJS22SJtxxxxxxxxxxxxxxxxxxxxxxxxxxxxx84ZpY1/qLej28=
Address = 10.0.0.3/32
DNS = 10.0.0.1

[Peer]
PublicKey = MrdaRPxxxxxxxxxxxxxxxxxxxxxxxxxxxxx5fhOYix71Jmc=
Endpoint = apt.sekrit.site:51820
AllowedIPs = 10.0.0.0/24
PersistentKeepalive = 25

peacey commented 2 years ago

@ctrlcmdshft That's great you got it working. To access subnets on the UDMP from the client, you add the subnets to the AllowedIPs option on the client-side. For example, if UDMP subnets are 192.168.1.0/24 and 192.168.4.0/24:

AllowedIPs = 10.0.0.0/24,192.168.1.0/24,192.168.4.0/24

If you want the WG client to use the UDMP for ALL Internet - not just UDMP subnets, you can set AllowedIPs to 0.0.0.0/0.

Once you add the proper AllowedIPs, you can ping or access an IP on the UDMP subnets from your WG client to see if it's working.
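An added example (not from this thread or the wireguard-kmod project) that does the AllowedIPs edit peacey describes on a wg-quick client config: it merges the extra UDMP subnets into the existing `[Peer]` AllowedIPs, collapses duplicates and subsumed prefixes, and answers "would traffic to this host enter the tunnel?" so you can check reachability of something like a pihole address before pinging. The sample config is the client config posted above with keys redacted as posted; the 192.168.1.0/24 and 192.168.4.0/24 subnets are peacey's example values, and the function names are mine.

```python
import ipaddress

# Constructed sample: the client config posted in this thread, keys redacted as posted.
CLIENT_CONF = """\
[Interface]
PrivateKey = IHadjZJS22SJtxxxxxxxxxxxxxxxxxxxxxxxxxxxxx84ZpY1/qLej28=
Address = 10.0.0.3/32
DNS = 10.0.0.1

[Peer]
PublicKey = MrdaRPxxxxxxxxxxxxxxxxxxxxxxxxxxxxx5fhOYix71Jmc=
Endpoint = apt.sekrit.site:51820
AllowedIPs = 10.0.0.0/24
PersistentKeepalive = 25
"""


def parse_cidrs(value):
    """'10.0.0.0/24, 192.168.1.0/24' -> list of ip_network objects."""
    return [ipaddress.ip_network(s.strip(), strict=False) for s in value.split(",") if s.strip()]


def merge_allowed_ips(existing, extra):
    """Union of both lists with duplicates and subsumed prefixes collapsed, per address family."""
    combined = list(existing) + list(extra)
    merged = []
    for version in (4, 6):
        same_family = [n for n in combined if n.version == version]
        merged.extend(ipaddress.collapse_addresses(same_family))
    return merged


def peer_allowed_ips(config_text):
    """Return the [Peer] AllowedIPs of a wg-quick config as a list of networks."""
    in_peer = False
    for raw in config_text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            in_peer = line == "[Peer]"
        elif in_peer:
            key, _, value = line.partition("=")
            if key.strip() == "AllowedIPs":
                return parse_cidrs(value)
    raise ValueError("no AllowedIPs line in [Peer]")


def add_allowed_ips(config_text, subnets):
    """Return config_text with the [Peer] AllowedIPs line extended by `subnets` (CIDR strings)."""
    merged = merge_allowed_ips(peer_allowed_ips(config_text), parse_cidrs(",".join(subnets)))
    out = []
    in_peer = False
    for raw in config_text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            in_peer = line == "[Peer]"
        if in_peer and line.partition("=")[0].strip() == "AllowedIPs":
            out.append("AllowedIPs = " + ",".join(str(n) for n in merged))
        else:
            out.append(raw)                     # every other line is kept verbatim
    return "\n".join(out) + "\n"


def is_routed(nets, host):
    """True if packets to `host` would be sent into the tunnel under these AllowedIPs."""
    addr = ipaddress.ip_address(host)
    return any(addr in n for n in nets if n.version == addr.version)


def is_full_tunnel(nets):
    """True once a default route (0.0.0.0/0 or ::/0) is present: all traffic goes via the UDMP."""
    return any(n.prefixlen == 0 for n in nets)


if __name__ == "__main__":
    updated = add_allowed_ips(CLIENT_CONF, ["192.168.1.0/24", "192.168.4.0/24"])
    nets = peer_allowed_ips(updated)
    print(updated)
    print("host 192.168.1.5 routed through tunnel:", is_routed(nets, "192.168.1.5"))
    print("full tunnel:", is_full_tunnel(nets))
```

Adding 0.0.0.0/0 collapses the whole list down to the default route, which is the "ALL Internet" case peacey mentions. Note that only the client's AllowedIPs changes here: on the UDM side, AllowedIPs for this peer stays the client's single /32 (as in the server config above), because there it also defines which source addresses the UDM will accept from that peer, so widening it on the UDM would not be needed for this and would let the peer send traffic with any source in that range.
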