need advice for Netgear r7000 with VLAN and Wireguard

Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware
Goto page Previous  1, 2
Author Message
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12812
Location: Netherlands

PostPosted: Tue Aug 02, 2022 5:34    Post subject: Reply with quote
It is always difficult to give a definitive answer without knowing your exact setup but I will take a shot at question 2.

The Pi also has its own firewall and does not allow traffic from other subnets.
So either tweak the firewall of the Pi or Enable Allow Clients Lan access from the Gui.

If this does not help make a new post in the Advanced Networking Forum with full details e.g screenshots of setup

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Sponsor
Cold-Lemonade
DD-WRT Novice


Joined: 27 Mar 2021
Posts: 35

PostPosted: Sun Aug 07, 2022 2:42    Post subject: Reply with quote
egc wrote:
It is always difficult to give a definitive answer without knowing your exact setup but I will take a shot at question 2.


@egc Thank you for the kind suggestions. Your reply led me to try to connecting directly using the IP address of the RPi4. I had been trying to use http://homeassistant.local:8123/ but apparently this domain name does not work when I'm connected via Wireguard. Instead, I looked up the IP address assigned by ddwrt and then used it in place of "homeassistant.local". Then it worked!

Is there a way to used the same DNS in the Wireguard tunnel as I would use if I were connected to my ddwrt locally?

Again, many thanks!
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12812
Location: Netherlands

PostPosted: Sun Aug 07, 2022 8:06    Post subject: Reply with quote
Sure, almost all WireGuard Clients have a DNS setting and if you use the right IP address and if that IP address is reachable via the tunnel and the DNS server is listen then you can.

My WG server which is on 192.168.6.1 als has DNSMasq running and my clients e.g. my phone has 192.168.6.1 as DNS server

I think in recent builds DNSMasq is listening in on all interfaces if not you have to add in Additional DNSMasq options (X is the number of the tunnel/interface):
interface=oetX

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Cold-Lemonade
DD-WRT Novice


Joined: 27 Mar 2021
Posts: 35

PostPosted: Tue Aug 09, 2022 22:41    Post subject: Reply with quote
egc wrote:
Sure, almost all WireGuard Clients have a DNS setting and if you use the right IP address and if that IP address is reachable via the tunnel and the DNS server is listen then you can.

...

I think in recent builds DNSMasq is listening in on all interfaces if not you have to add in Additional DNSMasq options (X is the number of the tunnel/interface):
interface=oetX


Thank you @egc. My ddwrt router (v3.0-r49567 std (07/27/22)) has "Use dnsmasq for DNS" checked. My Wireguard tunnel has "DNS Servers via Tunnel" blank. Should this be filled in the with ip address of the ddwrt router, which is acting as a DNS server because of Dnsmasq?
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12812
Location: Netherlands

PostPosted: Wed Aug 10, 2022 5:36    Post subject: Reply with quote
No, you set the DNS server on the client side e.g on your phone.
_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Cold-Lemonade
DD-WRT Novice


Joined: 27 Mar 2021
Posts: 35

PostPosted: Fri Aug 12, 2022 0:10    Post subject: Reply with quote
I apologize for asking the following very basic question, but I'm still a newbie. When you say that I need to set the "DNS server in the client," do you mean in the WireGuard client, or do you mean elsewhere? And which DNS server do I need to point it to? I assume the IP address of the router to which the Home Assistant is connected (i.e., 192.169.1.1).

Many thanks!
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 12812
Location: Netherlands

PostPosted: Fri Aug 12, 2022 10:52    Post subject: Reply with quote
Cold-Lemonade wrote:
I apologize for asking the following very basic question, but I'm still a newbie. When you say that I need to set the "DNS server in the client," do you mean in the WireGuard client, or do you mean elsewhere? And which DNS server do I need to point it to? I assume the IP address of the router to which the Home Assistant is connected (i.e., 192.169.1.1).

Many thanks!


You can ask anything Smile
All WG clients whether Android, Apple, Windows have a DNS server field just look at the configuration of your clients.

See the DDWRT WireGuard Server setup for examples or just look at your own configuration for your WG client
You can set any DNS server you want, I either use the DNS server from my network (which is DNSMasq running on my router e.g. in my case the router which is 192.168.6.1 so I set that as DNS Server address) or any other publicly available DNS server you trust (9.9.9.9, 1.0.0.1 etc.)

If you use your own DNS server then you have to make sure that it is listening on the oetx interface, normally DNSMasq is listening on all non bridged interfaces so that normally works out of the box

_________________
Routers:Netgear R7000, R6400v1, R6400v2, EA6900 (XvortexCFE), E2000, E1200v1, WRT54GS v1.
Install guide R6400v2, R6700v3,XR300:https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
Install guide R7800/XR500: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
Forum Guide Lines (important read):https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Cold-Lemonade
DD-WRT Novice


Joined: 27 Mar 2021
Posts: 35

PostPosted: Fri Aug 19, 2022 10:51    Post subject: Reply with quote
Thank you @egc I got it working by following your instructions! Many thanks!

One thing I didn't realize is that the .local domain is special and that I should use something else like .home.
Goto page Previous  1, 2 Display posts from previous:    Page 2 of 2
Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum