I am using a MacBook Pro and WireGuard to connect to my home with UniFi network.
A server and NAS device are present at home but I can’t ping or reach them even when VPN shows connected.
I can browse the web, I confirmed that I am online with active VPN and my Public IP address shows my home’s IP. But I can’t connect to local devices on home network.
Any help would be appreciated.
Magic eight ball says: not enough info available.
Try this: System Settings → Privacy & Security → Local Network, add your apps there and restart them.
I banged my head for hours on this one. Connected to home WiFi, not even a VPN involved, couldn’t ping 192.168 addresses at all. It’s like it looks at all the IPs you have and their network component, and blocks those unless that setting is on, unless your DNS server also happens to be on that same network in which case somehow it does allow all LAN traffic.
Not sure this applies to VPNs, but it’s worth a try.
0.0.0.0/0 means full tunnel, send everything through the tunnel. Have you tried pinging by IP instead of name?
I see. Looks like it, but is there a way to fix it or where should I start?
Ping IPs. Work? It’s DNS setting in the config file.
As mentioned in the original post, "I can’t ping devices".
He is saying ping devices using their IP addresses, not hostnames. Is that what you are doing already?
Yes, I tried both. Didn’t work.
What is your wireguard IP address, and what is your home network subnet? Maybe you haven’t set up source NATing on the server side. The packets don’t know where to go on their way back.
Wireguard IP shows my public IP of my home. Home network subnet is 192.168.1.0/24
Never set up source NATing and not sure how to do that.
Also, currently I am away and also connected to another UniFi network at my worksite. Just checking the subnet here and it’s also 192.168.1.0/24
Not sure if this could be the issue or if it can be changed and how it would affect connected devices.
I am not asking about your public IP address.
What is your Wireguard IP address (the one in your Wireguard config)?
If they are different subnets, as they usually are, you need to do source NAT on the server side. Otherwise, you will not be able to communicate with any devices.
How are you running Wireguard on your server?
Okay, I do have Ubiquiti dream router, and that’s running the Wireguard server.
Usually, I was able to create client config files by just adding clients, and then importing it to Wireguard and just able to connect.
With this setup, I am unable to. When VPN is active, I am online and can browse the web, but can’t see any devices. I have a mapped drive and it doesn’t work either even when VPN is active.
I really appreciate you trying to help.
Here is what it looks like (the configuration on WireGuard):
[Interface]
PrivateKey = 8CvpH-oiUK+SkIcu1k4=
Address = 192.168.2.3/32
DNS = 192.168.2.1
[Peer]
PublicKey = Cvm4qJqy69ifFJmbA/s2jQM7fdxIGcWmy2V6f0BSgiI=
AllowedIPs = 192.168.2.1/32, 192.168.2.3/32, 0.0.0.0/0
Endpoint = x
Hi, have you tried separating the wg interface from the LAN IPs? DHCP might have assigned that LAN IP to other devices.
Change the interface address to something like 10.0.0.3/24 and on the wg server config 10.0.0.1.
If you do 0.0.0.0/0 you don’t need to add other IPs in allowed IPs.
Sorry, nothing obvious is occurring to me. I would suggest that you fire up Wireshark or something to see if you can find out what’s happening to the packets.
If the router is not forwarding anything to the home subnet, then you will have to look into forwarding etc. on the router. If the router is forwarding packets, then do you see any going back? If not, then the machines on the home subnet may need their firewalls tweaked. You would watch the packets on a machine on the home subnet. Use filters to cut down on the traffic that it displays.
One quick thing to try is to turn off the firewall temporarily on one of the machines and see if you can talk to it. Use IP addresses only at this stage.
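The thread notes that the worksite LAN and the home LAN are both 192.168.1.0/24, while the posted config sends 0.0.0.0/0 through the tunnel. The following added example (not written by anyone in the thread) models longest-prefix route selection to show where a packet for a home address goes in that case; the NAS address 192.168.1.10 and the alternate LAN 192.168.50.0/24 are made-up values.

```python
import ipaddress

# Constructed sample: routing-relevant lines of the config posted in the thread
# (keys and Endpoint omitted).
WG_CONF = """\
[Interface]
Address = 192.168.2.3/32
DNS = 192.168.2.1
[Peer]
AllowedIPs = 192.168.2.1/32, 192.168.2.3/32, 0.0.0.0/0
"""

def allowed_ips(conf_text):
    """Return every AllowedIPs entry of a WireGuard config as a network object."""
    nets = []
    for line in conf_text.splitlines():
        key, sep, value = line.partition("=")
        if sep and key.strip().lower() == "allowedips":
            nets += [ipaddress.ip_network(v.strip(), strict=False)
                     for v in value.split(",") if v.strip()]
    return nets

def egress_for(dest, tunnel_nets, local_lans):
    """Pick the route for dest by longest-prefix match.

    Simplified model (assumption): ignores metrics and interface scoping;
    on an equal prefix length the directly connected LAN wins.
    Returns (via, network) as strings, or (None, None) if nothing matches.
    """
    ip = ipaddress.ip_address(dest)
    routes = [(n, "tunnel") for n in tunnel_nets]
    routes += [(ipaddress.ip_network(n), "local") for n in local_lans]
    matches = [(n.prefixlen, via == "local", via, n) for n, via in routes if ip in n]
    if not matches:
        return None, None
    _, _, via, net = max(matches, key=lambda m: m[:2])
    return via, str(net)

if __name__ == "__main__":
    tunnel = allowed_ips(WG_CONF)
    # 192.168.1.10 is a made-up address standing in for the NAS at home.
    for lan in ("192.168.1.0/24", "192.168.50.0/24"):
        for dest in ("192.168.1.10", "192.168.2.1", "1.1.1.1"):
            via, net = egress_for(dest, tunnel, [lan])
            print(f"client LAN {lan:16} dest {dest:13} -> {via} ({net})")
```

With the client on 192.168.1.0/24, the home address matches the directly connected /24 and never enters the tunnel; on a non-overlapping client LAN the same address follows 0.0.0.0/0 into the tunnel.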