How to fix Wireguard client not being found locally after startup (with Nextcloud)


Hello, this is Munou.

Wireguard is convenient and appreciated, but it was painful that local communication sometimes became impossible.
Especially now, I'm trying to set up a DLNA/UPnP server, and not being able to use local communication is quite painful.

So, let's try to solve this.


Use netstat -nr to compare the routing table after starting and after stopping WireGuard with wg-quick.

wg-quick up wg0

netstat -nr

Destination     Gateway         Netmask         Flags   MSS Window  irtt Interface
0.0.0.0         192.168.10.1    0.0.0.0         UG        0 0          0 eth0
999.999.0.0     0.0.0.0         255.255.0.0     U         0 0          0 wg0
192.168.10.0    0.0.0.0         255.255.255.0   U         0 0          0 wg0
192.168.10.0    0.0.0.0         255.255.255.0   U         0 0          0 eth0

Oh. (*I have masked the parts that seem to need hiding.)

wg-quick down wg0

netstat -nr

Destination     Gateway         Netmask         Flags   MSS Window  irtt Interface
0.0.0.0         192.168.10.1    0.0.0.0         UG        0 0          0 eth0
192.168.10.0    0.0.0.0         255.255.255.0   U         0 0          0 eth0

So wg0 and eth0 are probably conflicting: when WireGuard starts, it adds its own route for 192.168.10.0 on wg0, which overrides the existing route to the LAN on eth0.
If you are aiming for maximum security, this behavior is fine. But since this setup works whenever WireGuard is connected, even without port mapping on the home router, local security should still be reasonably protected. Therefore, I will change WireGuard's IP.

Server side

sudo vi /etc/wireguard/wg0.conf

[Interface]
Address = 10.1.0.1/24
PrivateKey = xxx
ListenPort = 51820

[Peer]
PublicKey = xxx
PreSharedKey = xxx
AllowedIPs = 10.1.0.2/32
PersistentKeepalive = 25

Client

sudo vi /etc/wireguard/wg0.conf

[Interface]
PrivateKey = xxx
Address = 10.1.0.2/24
DNS = 8.8.8.8

[Peer]
PublicKey = xxx
PreSharedKey = xxx
Endpoint = xxx:51820
AllowedIPs = 10.1.0.0/24
PersistentKeepalive = 25

Run the following on both sides to restart the interface:

sudo wg-quick down wg0 && sudo wg-quick up wg0

Server side

Destination     Gateway         Netmask         Flags   MSS Window  irtt Interface
0.0.0.0         192.168.10.1    0.0.0.0         UG        0 0          0 eth0
999.999.0.0     0.0.0.0         255.255.0.0     U         0 0          0 wg0
10.1.0.0        0.0.0.0         255.255.255.0   U         0 0          0 wg0
192.168.10.0    0.0.0.0         255.255.255.0   U         0 0          0 eth0

Perfect.

With this, I was successfully able to access the local machine's IP.
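
A check for the conflict diagnosed above, as an added example that is not part of the original post: it parses a wg-quick config and reports any Address or AllowedIPs range that overlaps a LAN subnet. The function names and the BEFORE config are constructed for illustration (the post does not show its original config); AFTER is the client config from this page.

```python
import ipaddress

# Constructed "before" config (assumption: tunnel addresses inside the LAN's 192.168.10.0/24).
BEFORE = """
[Interface]
PrivateKey = xxx
Address = 192.168.10.2/24
[Peer]
PublicKey = xxx
Endpoint = xxx:51820
AllowedIPs = 192.168.10.0/24
"""
# Client config from this page after the change.
AFTER = """
[Interface]
PrivateKey = xxx
Address = 10.1.0.2/24
DNS = 8.8.8.8
[Peer]
PublicKey = xxx
PreSharedKey = xxx
Endpoint = xxx:51820
AllowedIPs = 10.1.0.0/24
PersistentKeepalive = 25
"""

def tunnel_networks(conf_text):
    """Return (key, network) for each Address/AllowedIPs entry in a wg-quick config."""
    found = []
    for raw in conf_text.splitlines():
        key, sep, value = raw.split("#", 1)[0].partition("=")
        if not sep or key.strip().lower() not in ("address", "allowedips"):
            continue
        for item in filter(None, (v.strip() for v in value.split(","))):
            # strict=False: "10.1.0.2/24" is a host address inside 10.1.0.0/24
            found.append((key.strip(), ipaddress.ip_network(item, strict=False)))
    return found

def lan_conflicts(conf_text, lan_cidrs):
    """List (key, tunnel_net, lan_net) for tunnel ranges that overlap a LAN subnet."""
    lans = [ipaddress.ip_network(c) for c in lan_cidrs]
    return [(key, str(net), str(lan))
            for key, net in tunnel_networks(conf_text) for lan in lans
            # prefixlen 0 is a full-tunnel default route, not a subnet clash
            if net.version == lan.version and net.prefixlen and net.overlaps(lan)]

if __name__ == "__main__":
    for name, conf in (("before", BEFORE), ("after", AFTER)):
        print(name, lan_conflicts(conf, ["192.168.10.0/24"]) or "no overlap")
```

Running the same check against /etc/wireguard/wg0.conf before bringing the interface up catches the overlap without having to read the routing table afterwards.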


And so, I can now smoothly watch fully self-hosted YouTube videos and listen to music locally.
Plus, the music plays super smoothly.

Uploading videos and other files from home over a VPN via a VPS wastes bandwidth and, more importantly, takes too much time.
Now, I can upload videos of about 5GB in less than 2 minutes, which is very helpful.

That's all for now.
Best regards.
