New to Wireguard and VPNs... how exactly should this work? - eviltoast

EDIT: It seems something is causing my wireguard handshake to fail. I can’t find much on this particular error except “try rebooting the wg server”. I rebooted everything, and I can’t get it to connect unless the clients are already connected to the home wifi.

So I installed wg-easy on one of my virtual machines on my proxmox “homelab”. It seems to be working, and I installed the client wireguard-tools on my phone (via app), and on my laptop (EndeavorOS), and on my minecraft server (mineOS also in proxmox).

The web client for wg-easy shows all 3 clients connected and transmitting data.

I used my router’s app to open the port to the wg-easy server.

I attempted to use my phone’s cell network to pretend like I am not home, and simply ping my minecraft server. I tried with the wg ip (10.8.0.x) and I tried pinging the normal wlan ip (192.168.x.x). Neither works. I’m really confused as to why this simple test didn’t work. The documentation on wireguard’s site is pretty sparse when it comes to testing your own setup. Does anyone have any resource to help me understand how this should work?

Side note: I have to have wireguard installed on every computer in my home network if I want to be able to reach them, correct?

Other side note: If I wanted to reach my minecraft webUI (mineOS) from outside my network, what address should I use?

  • NateSwift@lemmy.world
    9 months ago

    Connect with your phone and check your public ip address (you can do this by googling or using a site like WhatIsMyIP). It should show the same IP as if you were on your home network without the vpn connected.

    If that’s working you could try actually connecting to the minecraft server. It might be set up to not respond to pings. You’ll want to use the same IP to connect to it as you’d use if you were on the same network

    • Nimrod@lemm.eeOP
      9 months ago

      Thanks for the reply. As I said below: when I flip on the wireguard toggle in my phone’s app, it appears as if I am connected, but it seems something is off. I am not seeing the “last handshake on” line, and when I try to navigate to the internet (for example ‘whatismyip’), my browser app times out. So it seems my requests are trying to go through the VPN, but they are getting stuck.

      • NateSwift@lemmy.world
        9 months ago

        As others have said, definitely seems like a port forwarding issue. If you’re still trying to solve this, what do your port forward rules look like on your router?

        • Nimrod@lemm.eeOP
          9 months ago

          This is the first time I have attempted to port forward. So there is only one rule: this one. Port 5xxxx:5xxxx to the internal IP with the wg-easy docker container.

          Thanks for the reply, but I’ve bailed on this project for now. I fly to Europe tomorrow, so I don’t have any extra time to tinker. I gave Tailscale a try, and it works flawlessly, so I’m not likely to try WireGuard any time soon. I’ll wait for them to try and monetize their “free plan” users.

          • NateSwift@lemmy.world
            9 months ago

            Sorry you couldn’t get wireguard running, glad you found something else that works!

            Enjoy your trip!
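
The missing “last handshake” line discussed in this thread can also be checked from the server side. The script below is an added example, not something posted by anyone in the thread: it classifies peers from the output of `wg show <interface> latest-handshakes`. The interface name `wg0`, the 180-second staleness threshold, the function names and the sample keys and timestamps are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Classifies WireGuard peers using
#   wg show <interface> latest-handshakes
# which prints one "<public-key><TAB><unix-timestamp>" line per peer.
# A timestamp of 0 means no handshake has ever completed with that peer.

# classify_handshakes NOW [MAX_AGE]
# Reads latest-handshakes lines on stdin, writes "<status> <key>" per peer:
#   never  no handshake ever completed (peer's packets are not arriving,
#          or the keys do not match)
#   stale  a handshake completed in the past, but not within MAX_AGE seconds
#   ok     a handshake completed within MAX_AGE seconds
classify_handshakes() {
    now=$1
    max_age=${2:-180}   # assumed threshold, in seconds
    awk -v now="$now" -v max="$max_age" '
        NF < 2         { next }                      # skip blank or malformed lines
        $2 == 0        { print "never", $1; next }
        now - $2 > max { print "stale", $1; next }
                       { print "ok", $1 }
    '
}

# Constructed sample input: placeholder keys and made-up timestamps.
sample_handshakes() {
    printf 'PHONE_PUBKEY_PLACEHOLDER=\t0\n'
    printf 'LAPTOP_PUBKEY_PLACEHOLDER=\t1700000000\n'
    printf 'MINEOS_PUBKEY_PLACEHOLDER=\t1699990000\n'
}

# Live use, run as root wherever the wg tool can see the interface
# (wg0 is an assumed interface name):
#   wg show wg0 latest-handshakes | classify_handshakes "$(date +%s)"
#
# Offline demo with the constructed sample:
#   sample_handshakes | classify_handshakes 1700000060
```

A peer that reads `ok` while on the home wifi but `never` or `stale` while on the cell network is completing handshakes only from inside the LAN, which points at the path from the internet to the server rather than at the client configuration.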