Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
linux_router:wireguard [2023-02-18 Sat wk07 13:49] – [Wireguard VPN access from WAN to LAN] baumkplinux_router:wireguard [2025-05-24 Sat wk21 21:09] (current) baumkp
Line 1: Line 1:
 {{tag>linux router vpn wireguard Docker "qr code" QR}} {{tag>linux router vpn wireguard Docker "qr code" QR}}
 =====Wireguard VPN access from WAN to LAN====== =====Wireguard VPN access from WAN to LAN======
 +<fc #ff0000>I use a Docker instance for my Wireguard server now.</fc>
 +
 I use 2 forms of vpn (virtual private network) on my home server. I use 2 forms of vpn (virtual private network) on my home server.
   - VPN to gain remote secure private access to my home LAN from the WAN (internet). //This is the one I am describing here.//   - VPN to gain remote secure private access to my home LAN from the WAN (internet). //This is the one I am describing here.//
Line 29: Line 31:
  
 ===Greatest Difficulties in Setting=== ===Greatest Difficulties in Setting===
-Wireguard is not chatty.  It is important that the setup information is done correctly, in particular the private and public keys.  Also the allowed ips is important. On the server side it is set to the main VPN ip address. On the client side it needs to be set to include ip addresses that are allowed to be access on the client side.+Wireguard is not chatty, this actually is a security feature.  It is important that the setup information is done correctly, in particular the private and public keys.  Also the allowed ips is important. On the server side it is set to the main VPN ip address. On the client side it needs to be set to include ip addresses that are allowed to be access on the client side.
 Some tools that help fault find: Some tools that help fault find:
   * On the server side: ''sudo tcpdump -i wan_device -c 5 port vpn_port'', where wan_device is the wan device, in my case ppp1 and vpn_port is the port number wireguard is set to, in my case 51914, the default is 51820.  This lets you see if the packets are coming in to the wan.   * On the server side: ''sudo tcpdump -i wan_device -c 5 port vpn_port'', where wan_device is the wan device, in my case ppp1 and vpn_port is the port number wireguard is set to, in my case 51914, the default is 51820.  This lets you see if the packets are coming in to the wan.
Line 496: Line 498:
   *[[https://www.the-digital-life.com/wireguard-docker/|Create your own VPN server with WireGuard in Docker]]   *[[https://www.the-digital-life.com/wireguard-docker/|Create your own VPN server with WireGuard in Docker]]
   *[[https://www.linuxserver.io/|Building and maintaining community {Docker} images]]   *[[https://www.linuxserver.io/|Building and maintaining community {Docker} images]]
 +  *[[https://hub.docker.com/r/linuxserver/wireguard|Dockerhub linuxserver.io wireguard]]
  
  
 <-  linux_router:misc|Prev page ^ linux_router:start|Start page ^ ->  ^ linux_router:nmap|Next page  -> <-  linux_router:misc|Prev page ^ linux_router:start|Start page ^ ->  ^ linux_router:nmap|Next page  ->