EDIT: It seems something is causing my wireguard handshake to fail. I can’t find much on this particular error except “try rebooting the wg server”. I rebooted everything, and I can’t get it to connect unless the clients are already connected to the home wifi.

So I installed wg-easy on one of my virtual machines on my proxmox “homelab”. It seems to be working, and I installed the client wireguard-tools on my phone (via app), and on my laptop (EndeavourOS), and on my minecraft server (mineOS also in proxmox).

The web client for wg-easy shows all 3 clients connected and transmitting data.

I used my router’s app to open the port to the wg-easy server.

I attempted to use my phone’s cell network to pretend like I am not home, and simply ping my minecraft server. I tried with the wg ip (10.8.0.x) and I tried pinging the normal wlan ip (192.168.x.x). Neither works. I’m really confused as to why this simple test didn’t work. The documentation on wireguard’s site is pretty sparse when it comes to testing your own setup. Does anyone have any resources to help me understand how this should work?

Side note: I have to have wireguard installed on every computer in my home network if I want to be able to reach them, correct?

Other side note: If I wanted to reach my minecraft webUI (mineOS) from outside my network, what address should I use?

  • mazadin@lemmy.world
    8 months ago

    Wanted to help you potentially avoid a wild goose chase—port checking tools won’t detect a wireguard port as open…it’s specifically designed to not advertise its presence for security purposes. Bad handshake requests are ignored, making it look like a firewall DROP rule.

    • Nimrod@lemm.eeOP
      8 months ago

      Oh wow. That is a good tip. Because that could drive someone like me insane. (Un)fortunately— I know there’s an issue. Any traffic I pass through my wg vpn ends up nowhere. So I know the traffic is being redirected, but I can’t tell where or why it doesn’t make it inside my home network.

      Either way, I got Tailscale to work right out the rip, so I’m just rocking that until I have more time to tinker with WG.
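
Because a WireGuard port stays silent to port checkers, as mazadin's comment explains, the server's own handshake timestamps are the reliable place to see whether a remote client ever got through. The script below is an added example, not part of the thread: it classifies peers from the output of `wg show <iface> latest-handshakes`. The function names, the placeholder keys and the interface name `wg0` are assumptions.

```shell
#!/bin/sh
# Added example: classify peers from `wg show <iface> latest-handshakes` output.
# Each input line is "<peer-public-key><TAB><unix-time-of-last-handshake>";
# a timestamp of 0 means that peer has never completed a handshake.

# classify_handshakes NOW [MAX_AGE]
# Reads the wg output on stdin and prints "<status> <age> <key>" per peer.
# MAX_AGE defaults to 180 s, WireGuard's Reject-After-Time: a session older
# than that cannot carry traffic until a fresh handshake succeeds.
classify_handshakes() {
    now=$1
    max_age=${2:-180}
    while IFS="$(printf '\t')" read -r key ts; do
        [ -n "$key" ] || continue
        case $ts in ''|*[!0-9]*) continue ;; esac   # skip malformed lines
        if [ "$ts" -eq 0 ]; then
            echo "never - $key"
        else
            age=$((now - ts))
            if [ "$age" -gt "$max_age" ]; then
                echo "stale $age $key"
            else
                echo "ok $age $key"
            fi
        fi
    done
}

# Constructed sample (placeholder keys, not real ones), as if captured at
# unix time 1700000600.
sample_output() {
    printf 'PEER_PHONE_PUBKEY_PLACEHOLDER=\t0\n'
    printf 'PEER_LAPTOP_PUBKEY_PLACEHOLDER=\t1700000550\n'
    printf 'PEER_MINEOS_PUBKEY_PLACEHOLDER=\t1700000000\n'
}

# count_status STATUS: number of peers in the sample with that status.
count_status() {
    sample_output | classify_handshakes 1700000600 | grep -c "^$1 " || true
}

sample_output | classify_handshakes 1700000600
# On a live server (interface name wg0 is an assumption):
#   wg show wg0 latest-handshakes | classify_handshakes "$(date +%s)"
```

A peer that stays at `never` while the client is on the cell network means its handshake packets are not reaching the server at all, which points at the router's port forward or the endpoint address in the client config rather than at routing inside the tunnel.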