EDIT: It seems something is causing my wireguard hanshake to fail. I can’t find much on this particular error except “try rebooting the wg server”. I rebooted everything, and I can’t get it to connect unless the clients are already connected to the home wifi.

So I installed wg-easy on my one of my virtual machines on my proxmox “homelab”. It seems to be working, and I installed the client wireguard-tools on my phone (via app), and on my laptop (EndeavorOS), and on my minecraft server (mineOS also in proxmox).

The web client for wg-easy shows all 3 clients connected and transmitting data.

I used my routers app to open the port to the wg-easy server.

I attempted to use my phone’s cell network to pretend like I am not home, and simply ping my minecraft server. I tried with the wg ip (10.8.0.x) and I tried pinging the normal wlan ip (192.168.x.x). Neither work. I’m really confused as to why this simple test didn’t work. The documentation on wireguard’s site is pretty sparse when it comes to testing your own setup. Doe anyone have any resource to help me understand how this should work?

Side note: I have to have wireguard installed on every computer in my home network if I want to be able to reach them, correct?

other side note: If I wanted to reach my minecraft webUI (mineOS) from outside my network, what address should I use?

  • AtariDump@lemmy.world
    link
    fedilink
    arrow-up
    0
    ·
    9 months ago

    Did you open the appropriate port on your firewall and make sure you’re forwarding that port properly?

    Does the PC that’s the WG server have a static IP setup?

    Is that static IP in question 2 the same as what you’re forwarding the port to in question 1?

    • Nimrod@lemm.eeOP
      link
      fedilink
      arrow-up
      0
      ·
      edit-2
      9 months ago

      For your first question: I went to https://www.portchecktool.com/ and found that the connection is being refused. So I think this is the issue. I will have to dig in a bit more, but I do believe the answer to your 2nd and 3rd question are - yes.

      • mazadin@lemmy.world
        link
        fedilink
        arrow-up
        1
        ·
        9 months ago

        Wanted to help you potentially avoid a wild goose chase—port checking tools won’t detect a wireguard port as open…it’s specifically designed to not advertise its presence for security purposes. Bad handshake requests are ignored, making it look like a firewall DROP rule.