0

I'm using an old laptop as a Home server and I wanted to set up a VPN (Wireguard & DuckDNS using PiVPN) following this guide: https://chriskalos.notion.site/The-0-Home-Server-Written-Guide-5d5ff30f9bdd4dfbb9ce68f0d914f1f6#4395816a03b5400e8b8634b578b66f40

so I got my Domain from DuckDNS and I set a Static DHCP like this: https://imgur.com/a/Y18BGgS and I forwarded the port in my router following this guide: https://portforward.com/vodafone/gigabox/

this is what it looks like: https://imgur.com/a/4TsSxti when setting up pivpn I selected:

  • WireGuard as Installation mode

  • the default wireguard port: 51820

  • DNS provider: CloudFlare

  • Public IP or DNS: DNS Entry

  • Public DNS name of this server: <mydns>.duckdns.org and the Rebbot of the system

then I added a pivpn with pivpn add then pivpn -qr to generate a QR code I opened my WireGuard from my phone scanned the QR code and connected to my VPN but there was no internet connection in my phone.

this is a screenshot of my configuration: https://imgur.com/a/ge6TPek

sudo wg output with my phone connected to the VPN using mobile data :

xxx@xxx:~$ sudo wg
interface: wg0
  public key: xxxxx
  private key: (hidden)
  listening port: 51820
  fwmark: 0xca6c

peer: xxxxxx
  preshared key: (hidden)
  allowed ips: 0.0.0.0/0

My router info:

Firmware version: Vodafone-H-300s-v1.0.11.05
WAN IPv4 Address: 212.xxx.xxx.xx
WAN IPv6 Address:

My Public IPv4 using whatismyip is: 212.xxx.xxx.xx

ipvpn debug output: https://pastebin.pl/view/9d8a1fc2 any help, please? Thanks

Improve this question
7
  • Please edit the question to limit it to a specific problem with enough detail to identify an adequate answer.
    – Community Bot
    Commented Apr 21 at 17:27
  • @Community I wish I knew where the problem is, unfortunately, I don't. That's why I'm explaining everything I did
    – MrXQ
    Commented Apr 21 at 17:32
  • You mention Vodafone. Does your router have a public IP address? What is the output of sudo wg on your old laptop (after connecting to the VPN on your phone? Did you disconnect the phone from your local network before trying? // (Just ignore lazy flaggers and the resulting bot comments.)
    – Daniel B
    Commented Apr 21 at 18:37
  • @DanielB Thank you for the replay, 1- I have checked whether my router has a public IP adress or not using whatismyip and it displayed this: My Public IPv4:##.###.##.### My Public IPv6: Not Detected 2- sudo wg gives the same output whether the phone is connected or not and it's this: interface: wg0 public key: xxxxxxxxx private key: (hidden) listening port: 51820 peer: xxxxxxxxx preshared key: (hidden) allowed ips: 10.#5.###.2/3# , and yes Im on 4g when I connected to the VPN
    – MrXQ
    Commented Apr 21 at 18:53
  • Please put all additional information in your question. You can use proper formatting there. // Of course your traffic would eventually appear from a public IP address. Check again, in your router's UI, whether you actually have this public IP address and are not subject to CGNAT.
    – Daniel B
    Commented Apr 21 at 20:10

1 Answer 1

Reset to default
0

Using my static Public IP instead of DuckDNS has resolved the issue. Now, I can SSH into my home server and access all my files from it using Mobile Data. However, I'm unable to access the internet while connected to that VPN, to fix this I have followed this guide: https://docs.pi-hole.net/guides/vpn/wireguard/internal/#enable-nat-on-the-server

So I Enabled NAT on the server by adding the following to the [INTERFACE] section of my /etc/wireguard/wg0.conf:

PostUp = nft add table ip wireguard; nft add chain ip wireguard wireguard_chain {type nat hook postrouting priority srcnat\; policy accept\;}; nft add rule ip wireguard wireguard_chain counter packets 0 bytes 0 masquerade; nft add table ip6 wireguard; nft add chain ip6 wireguard wireguard_chain {type nat hook postrouting priority srcnat\; policy accept\;}; nft add rule ip6 wireguard wireguard_chain counter packets 0 bytes 0 masquerade

PostDown = nft delete table ip wireguard; nft delete table ip6 wireguard

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .