This assumes, of course, that you've correctly port forwarded from the public IP of the VPS to the WG server. The above script only implements port forwarding once it successfully reaches the router.
Hello, I want to do the opposite of what the OP mentioned. I have set up a wg server on dd-wrt. I connect to it via a wg/plex docker container remotely. The connection is successful, and I can access Plex via IP on the dd-wrt LAN, but there seems to be no WAN connection. I have two questions...
What is the appropriate iptables rule for port 32400? Can/should it be added in the GUI? There are options called "route up script" and "route down script" in the wireguard tunnel config section. I don't know if the rules can be put directly into these boxes or if they require an actual script. Then, if only scripts work, I don't know what directory to put it in.
Joined: 18 Mar 2014 Posts: 12887 Location: Netherlands
Posted: Sun Apr 10, 2022 7:07 Post subject:
I have split off your post as your question seems different.
Furthermore we can give better support if you state router model and build number.
See the forum guidelines with helpful pointers about how to research your router, where and what firmware to download, where and how to post and many other helpful tips:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=324087
Not really sure what you want but if you want to connect from the WG server side to the client side you might need a site-to-site connection.
A site-to-site connection is described in the Advanced Setup guide
Thanks, I've updated my original post with my router information.
So, because I am behind a nat that I do not control, I set up a wg server on dd-wrt offsite. The server has a dynamic IP so I also have ddns.
I can connect to the server and browse the internet, but Plex doesn't seem to be able to communicate with my Plex account. Hmm.. basically I am trying to replicate a setup I saw on levelonetechs, but I think I'm missing the port forwarding part or perhaps whatever postup/postdown is doing.
Their instructions are below...
Create a config file (in /etc/wireguard)
vim wg0.conf
Joined: 18 Mar 2014 Posts: 12887 Location: Netherlands
Posted: Mon Apr 11, 2022 13:40 Post subject:
I had hoped someone with Plex and Docker experience would chime in, but until then I will give you my 2 cents.
Normally traffic flows only from Client to Server but now you will want traffic from Server to Client.
To do this you have to do the following:
Open up the firewall of the client for traffic from the server.
Disable NAT via the tunnel of the client
On the server side add the client's subnet to the allowed IPs
For example if your client is on 192.168.2.1/24 you add to the server's allowed IPs: 192.168.2.0/24
The server now has a route to that client.
If your Plex is e.g. on 192.168.2.2 then you simply port forward (the regular way via the GUI) on the server side to 192.168.2.2
The advanced Setup guide has an example but of course that is for DDWRT
Alternatively you can double port forward, first from the server to the wg client and then from the wg client to Plex
I am confused. Not about your explanation but how the server is behaving. I have tested the same peer config across several devices. On my phone with LTE, it connects and I have no trouble browsing the web. It seems slow but every site works. If connected to wifi on the same device, it no longer works at all. On my Linux computer (wg-quick up), it connects but nothing works. However, when I use the same config in KVM on the same computer in Windows, it connects, and it sometimes works. Finally, it works on the wifi at Starbucks so I guess I'm out of luck at home.
I'm not sure what is happening but certainly, using Plex is impossible until I figure this out...
endpoint: x.x.x.x:13579
latest handshake: 1 minute, 48 seconds ago
transfer: 5.06 MiB received, 92.46 MiB sent
Those symptoms you describe can come from MTU which is too high.
If clients or networks in between also use IPv6 then lower MTU to 1420 on both sides, sometimes you have to go even lower.
Thank you so much! That was it...
I tried 1420 and then 1400 and it started working everywhere. The ping is massive, like 180, but it's otherwise OK. My Wireguard/Plex docker containers also started working right after I rebooted the router and forwarded port 32400 with my peer tunnel IP.
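The MTU fix that resolved this thread can be measured instead of guessed. The script below is an added example, not something posted by anyone in the thread: it binary-searches the largest unfragmented packet size to the WireGuard endpoint and subtracts the tunnel overhead. It assumes a Linux client with iputils `ping`, an IPv4 endpoint address that answers ICMP, and the function names are made up for this example.

```shell
#!/bin/sh
# Added example: derive a WireGuard MTU from the measured path MTU.

# Per-packet tunnel overhead: outer IP header (20 bytes IPv4, 40 bytes IPv6)
# + 8 bytes UDP + 32 bytes WireGuard data-message framing.
wg_mtu() {  # wg_mtu <path_mtu> <4|6>
    case "$2" in
        4) echo $(( $1 - 20 - 8 - 32 )) ;;
        6) echo $(( $1 - 40 - 8 - 32 )) ;;
        *) return 1 ;;
    esac
}

# Default probe: one ICMP echo with Don't Fragment set (Linux iputils ping).
# An IPv4 packet of total size $2 carries $2 - 28 bytes of ICMP payload.
probe() {  # probe <host> <packet_size>
    ping -M do -c 1 -W 1 -s $(( $2 - 28 )) "$1" >/dev/null 2>&1
}

# Binary search for the largest packet size in [lo, hi] that passes unfragmented.
# PROBE may name a replacement probe function (used for offline testing).
path_mtu() {  # path_mtu <host> [lo] [hi]
    host=$1 lo=${2:-576} hi=${3:-1500}
    # If even the smallest size fails, the host is unreachable or drops ICMP.
    "${PROBE:-probe}" "$host" "$lo" || return 1
    while [ "$lo" -lt "$hi" ]; do
        mid=$(( (lo + hi + 1) / 2 ))
        if "${PROBE:-probe}" "$host" "$mid"; then
            lo=$mid
        else
            hi=$(( mid - 1 ))
        fi
    done
    echo "$lo"
}

# Usage: sh wg-mtu.sh <endpoint-ip> [4|6]
# The overhead defaults to the IPv6 figure, the conservative choice that
# gives 1420 on a clean 1500-byte path.
if [ -n "${1:-}" ]; then
    pmtu=$(path_mtu "$1") || { echo "no ICMP reply from $1" >&2; exit 1; }
    echo "path MTU $pmtu -> WireGuard MTU $(wg_mtu "$pmtu" "${2:-6}")"
fi
```

Set the resulting value as the tunnel MTU on both sides, as advised above.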