Running Umbrel 1.2.1 with Wireguard and also Adguard. Now I know that the Wireguard install sets the static config / IPs:
Note: Do not edit this file directly.
Your changes will be overwritten!
Address = 10.8.0.1/24
So basically my home network is 192.168.1.1/254. How can I configure the wireguard config and/or client config so it can use the Adguard install on the umbrel box?
I apologize, I don’t think I understand your exact issue, but what I can say for the moment is: since AdGuard is just a DNS server, you will have to inform your WireGuard client where it is.
In your Wireguard client config you would simply add the line:
[Interface]
...
DNS = <ip to your umbrelOS server>
Since your AdGuard server is running on your home network, you will need to make sure you're forcing traffic to your tunnel.
You can tunnel all traffic from your client to your VPN network by setting allowed IPs in your config file like this:
[Peer]
...
AllowedIPs = 0.0.0.0/0
By setting 0.0.0.0/0 you are telling your client to route all traffic to your home network, and accessing your AdGuard server should not be a problem. If you are already doing this, then make sure you can ping your umbrel server or other machines (like your router) correctly first. If you can, and you're still having issues, let us know, I can give you more troubleshooting steps.
I can give you some links and tools if you want a more complicated setup such as split tunneling if you still want to make sure you can access your umbrel server properly.
I apologize, I should have been a lot more specific in my post. So basically with the config from Wireguard when I add the internal DNS server (the Umbrel box) 192.168.1.* the Wireguard client can’t reach it even with having the following on the client config: AllowedIPs = ::/0, 0.0.0.0/0
But when I add say 8.8.8.8 for the DNS on the Wireguard client, I am able to resolve hostnames.
So yes, to answer your question, I am unable to ping the Umbrel server and/or other machines on the network. Thanks for your reply!
Hmm, the fact you can’t access any machines on your local network is a bit odd. I think I have run into this before, and I believe it had to do with iptables config. Dockerized wireguard is still a bit of a mystery to me, and I’ve never been able to make it work. IIRC it had to do with the masquerade flag being missing. I’ll do some more investigating.
One thing to ask, are you using ipv6 addresses on your local network? I noticed the ::/0 you had set. It could also have to do with kernel ip forwarding I believe.
No, ipv4. The ::/0 was added by the Wireguard client config automatically. I forgot to mention I am running pfsense as my firewall on a different machine if that helps. I will remove the ::/0 and see if that fixes the issue.
Ok! I removed the ::/0 from the client config, and it magically works now.
Not gonna lie, didn’t expect that to work. I was going to dig into that some more, but apparently that expects ipv6 routing. Glad that got you going!
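Added example, not written by anyone in the thread: a small Python check for a wg-quick style client config that reports a DNS server not covered by AllowedIPs (the split-tunnel case) and an AllowedIPs entry whose address family has no matching interface Address, which is the ::/0 situation that was resolved above. The client address 10.8.0.2/24 and the Umbrel address 192.168.1.50 are made-up values, a single [Peer] is assumed, and the address-family check is a heuristic taken from this thread's outcome, not a WireGuard rule.

```python
import ipaddress

# Constructed sample: the client config described in the thread, with a
# made-up client address and a made-up Umbrel address on the 192.168.1.x LAN.
SAMPLE = """\
[Interface]
Address = 10.8.0.2/24
DNS = 192.168.1.50

[Peer]
AllowedIPs = ::/0, 0.0.0.0/0
"""

def parse(text):
    """Return {section: {key: [values]}} for a wg-quick style config."""
    conf, section = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].lower()
            conf.setdefault(section, {})
        elif "=" in line and section:
            key, value = line.split("=", 1)
            items = [v.strip() for v in value.split(",") if v.strip()]
            conf[section].setdefault(key.strip().lower(), []).extend(items)
    return conf

def check(text):
    """Return findings for DNS reachability and address-family mismatches."""
    conf = parse(text)
    iface, peer = conf.get("interface", {}), conf.get("peer", {})
    addrs = [ipaddress.ip_interface(a) for a in iface.get("address", [])]
    routes = [ipaddress.ip_network(n, strict=False) for n in peer.get("allowedips", [])]
    findings = []
    for dns in iface.get("dns", []):
        try:
            ip = ipaddress.ip_address(dns)
        except ValueError:
            continue  # wg-quick also accepts search domains on the DNS line
        if not any(ip.version == r.version and ip in r for r in routes):
            findings.append(f"DNS {ip} is not covered by AllowedIPs; queries bypass the tunnel")
    have = {a.version for a in addrs}  # address families configured on the interface
    for r in routes:
        if r.version not in have:
            findings.append(f"AllowedIPs {r} is IPv{r.version} but the interface has no IPv{r.version} address")
    return findings
```

Calling `check(SAMPLE)` flags the ::/0 entry; with that entry removed, as in the fix above, the config passes with no findings.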