[WireGuard] Virtual Private Network

Hey, thank you for your answer.
I played a bit with the settings and got it running!

It got my attention that the host IP address was outdated and I clicked on suggestion and selected the new IP. Now it is working.

2 questions:

  1. Did I overlook something that I should have done to prevent this?
  2. If not, how is the IP for the WireGuard server updated? As far as I know it changes every 24 hours.

Thanks again :slight_smile:

1 Like

If you have a non-stable IP address, you should put your domain name and port in the Endpoint of your peers' wg0.conf.

But that’s an overlook from the web UI’s author I think.

1 Like

Global Settings → Endpoint Address = yourdomain.noho.st
Works perfectly.

Maybe it is possible to add this already in the installation process? In Germany it's not normal to have a static IP.

And thank you very much for your help!

2 Likes

Hey, two questions:

  1. Can I change the port of Wireguard? Sometimes a wifi network blocks uncommon ports…
  2. Can I install pihole on the same YNH server and have all connected WG clients use the pihole?

Edit. Question 1 is answered per this Reddit Topic

Found out I can change the port in the server config of WireGuard to 989.
Also I needed to open that port in the YunoHost firewall.
And set the new endpoint port in my clients' config.

I would suggest that you change the internal YunoHost setting so that your new port is kept across updates: yunohost app setting wireguard port_wg -v 989. (note to other readers, this command is not magic and does not do what you might think it does :stuck_out_tongue: )

It should work for basic DNS needs. Make sure it is set up to listen on all interfaces (or first hop? I cannot remember what’s right).
I would like to extend this for internal domains usage, but I have yet to make it work (I use Adguard).

1 Like
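The two fixes discussed above (a domain name instead of an IP in the client's Endpoint, and an Endpoint port that follows the server's port change) can be checked mechanically. This is an added example, not part of the thread or of the YunoHost WireGuard package; the sample configs, key placeholders and function names are constructed, and only port 989 and yourdomain.noho.st come from the posts.

```python
import ipaddress

# Constructed sample configs; keys are placeholders, 51820 and 203.0.113.7 are sample values.
SERVER_CONF = """\
[Interface]
ListenPort = 989
PrivateKey = <server-private-key>
[Peer]
PublicKey = <client-public-key>
AllowedIPs = 10.10.10.2/32
"""
CLIENT_CONF = """\
[Interface]
PrivateKey = <client-private-key>
[Peer]
PublicKey = <server-public-key>
Endpoint = 203.0.113.7:51820
AllowedIPs = 0.0.0.0/0
"""

def parse_conf(text):
    """Return a list of (section, {key: value}); repeated [Peer] sections are kept."""
    sections = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.startswith("[") and line.endswith("]"):
            sections.append((line[1:-1].lower(), {}))
        elif "=" in line and sections:
            key, value = line.split("=", 1)  # split once: base64 keys end in '='
            sections[-1][1][key.strip().lower()] = value.strip()
    return sections

def check_client(server_text, client_text):
    """List problems in the client's Endpoint lines, relative to the server config."""
    listen = next((kv.get("listenport") for s, kv in parse_conf(server_text) if s == "interface"), None)
    problems = []
    for section, kv in parse_conf(client_text):
        if section != "peer" or "endpoint" not in kv:
            continue
        host, _, port = kv["endpoint"].rpartition(":")
        try:
            ipaddress.ip_address(host.strip("[]"))  # brackets wrap IPv6 literals
            problems.append(f"Endpoint host {host} is an IP literal; it goes stale when the server IP changes")
        except ValueError:
            pass  # a hostname, resolved when the tunnel is brought up
        if listen and port != listen:
            problems.append(f"Endpoint port {port} does not match server ListenPort {listen}")
    return problems
```

Calling `check_client(SERVER_CONF, CLIENT_CONF)` reports both problems; with the Endpoint changed to `yourdomain.noho.st:989` it returns an empty list.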

I don’t mind moving to adguard if you think that works better with wireguard. Is that something you would recommend?

Sorry, I meant I was not able to make it work with Adguard either. :sweat:

You mean this, no?

1 Like

I have the same problem with pi-hole. I am unable to use it via WireGuard.
And service dnsmasq is also masked after installing pi-hole.

Hello,

The diagnosis has been complaining about the WireGuard broken status for a few days.
Is there something (easy) to do or test in order to help?

ppr

WireGuard seems to be installable… Maybe a CI issue?

Same problem here.

“ [WARNING] An issue was found for app WireGuard

  • This application is currently flagged as broken on YunoHost’s application catalog. This may be a temporary issue while the maintainers attempt to fix the issue. In the meantime, upgrading this app is disabled”

Hi, is it possible to use the WireGuard client and the WireGuard server on the same YunoHost instance? My use case:

  • I want YunoHost to get internet access through a VPN with the WireGuard client, to get its own IP address independent of the internet connection (allows easy 4G backup)
  • I want to use the WireGuard server to get access to the local network when we’re away

Did anyone already test that?

Yes you can :slight_smile:

In theory you can do anything with the proper configuration, but you would need to follow some tutorials (and I am no networking expert).

I would rather point you to Headscale, a Tailscale server, and install the clients on YunoHost and your other devices. It has an option to expose local networks through the VPN.


Actually it’s working: the VPN (server) can pass into the VPN (client) by modifying the MTU to 1400 on the WireGuard server. The default MTU is 1420 on the WireGuard client.