Accessing home network remotely over WireGuard when the other network is on same subnet - eviltoast

My home network uses the incredibly common 192.168.1.0/24. I have WireGuard set up where I can connect to WireGuard and access my home network (I think via a static route?). I also use my home network’s DNS server (AdGuard Home on 192.168.1.121), which then has a wildcard redirect for my domain to my Unraid server. When I connect to WireGuard remotely on someone else’s WiFi that uses the same 192.168.1.0/24 subnet, I can’t access DNS or my local network (I assume because of IP conflicts).

I imagine my methodology is not best practice. Can someone recommend how I should go about fixing this? Should I change my home subnet to something less common? Should I set up a DNS server that lives on my WireGuard network (10.253.0.0/24) that wildcard redirects my domain to the server’s WireGuard IP? Something else? Thank you for taking the time to read this.
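
Added example, not part of the original post: a Python check that reads a WireGuard client config and reports which `AllowedIPs` ranges and `DNS` servers collide with the LAN the client is currently on, which is the overlap the post describes. The config is constructed; the keys, endpoint and client address 10.253.0.2 are placeholders or assumptions, and only 192.168.1.0/24, 192.168.1.121 and 10.253.0.0/24 come from the post.

```python
import ipaddress

# Constructed client config: keys and endpoint are placeholders; the addresses
# are the ones mentioned in the post. The client address 10.253.0.2 is assumed.
SAMPLE_CONF = """\
[Interface]
PrivateKey = <client-private-key>
Address = 10.253.0.2/32
DNS = 192.168.1.121

[Peer]
PublicKey = <server-public-key>
Endpoint = vpn.example.net:51820
AllowedIPs = 10.253.0.0/24, 192.168.1.0/24
"""

def parse_wg_conf(text):
    """Collect DNS server IPs and AllowedIPs networks from a wg-quick config."""
    dns, allowed = [], []
    for line in text.splitlines():
        key, sep, value = line.partition("=")
        if not sep or line.lstrip().startswith("#"):
            continue
        key = key.strip().lower()
        items = [v.strip() for v in value.split(",") if v.strip()]
        if key == "allowedips":
            allowed += [ipaddress.ip_network(v, strict=False) for v in items]
        elif key == "dns":
            for v in items:
                try:
                    dns.append(ipaddress.ip_address(v))
                except ValueError:
                    pass  # wg-quick also accepts search domains here; skip them
    return dns, allowed

def check_against_lan(text, local_lan):
    """Return (AllowedIPs overlapping the LAN, DNS servers inside the LAN)."""
    lan = ipaddress.ip_network(local_lan, strict=False)
    dns, allowed = parse_wg_conf(text)
    clashing = [str(n) for n in allowed if n.overlaps(lan)]
    shadowed_dns = [str(d) for d in dns if d in lan]
    return clashing, shadowed_dns

if __name__ == "__main__":
    for lan in ("192.168.1.0/24", "192.168.50.0/24"):
        clashing, shadowed = check_against_lan(SAMPLE_CONF, lan)
        print(f"on {lan}: overlapping AllowedIPs={clashing}, DNS inside LAN={shadowed}")
```

A config that routes only 10.253.0.0/24 and points `DNS` at an address inside that range reports no collision on either LAN.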

  • fediverser@alien.top
    11 months ago

    This post is an automated archive from a submission made on /r/selfhosted, powered by Fediverser software running on alien.top. Responses to this submission will not be seen by the original author until they claim ownership of their alien.top account. Please consider reaching out to them to let them know about this post and help them migrate to Lemmy.

  • BearOfaTime@lemm.ee
    11 months ago

    I know it’s been a week, but…

    I assume the machine you’re using on your friend’s network has a WireGuard client configured for WireGuard account/network info.

    I don’t use WireGuard; does it have its own DNS mechanism to resolve WireGuard-connected device names?

    For example, Tailscale has MagicDNS which will always resolve host names that use a fully-qualified Tailscale name to a Tailscale address.

    E.g.: My Raspberry Pi host name is “raspberrypi”. Using just the short name, it will attempt to resolve via local network DNS by appending the local network domain to the end and querying the local DNS server.

    If I append the Tailscale domain (“raspberrypi.tailscale2525.net”), the Tailscale client will intercept the lookup and resolve to the Tailscale IP and route through the Tailscale mesh, regardless of local IP range.

    I assume WireGuard works the same (I’ve never used it). Mesh networks (somehow) see their own network differently than just an IP network.

  • RymdLord@beehaw.org
    11 months ago

    What? I’m so confused about what IPs are allowed on your VPN “client” and “server”. I think something is very wrong.