1

I set up a wireguard VPN on a raspberry pi using the steps described in this tutorial: https://notthebe.ee/raspi.html

I tried to access the VPN from a laptop through a wireless hotspot on my phone. The wireguard client shows successful handshakes. I can also access the internet on the laptop, through the VPN. However I cannot see any devices on the LAN (both in names 'NAS_home' or IP addresses, which is the reason I set up the VPN in the first place.

[Interface]
Address = 10.7.0.2/24
DNS = 1.1.1.1, 1.0.0.1
PrivateKey = [redacted]

[Peer]
PublicKey = [redacted]
PresharedKey = [redacted]
AllowedIPs = 0.0.0.0/0, ::/0
Endpoint = some.dynamic.domain.com:51820
PersistentKeepalive = 25

The LAN sits behind a (consumer) router on which I forwarded the port 51820 to the raspberry pi. The raspberry keeps its IP on (some.dynamic.domain.com) up to date using ddclient.

How can I get access local devices, file shares and such?

Improve this question
3
  • Your inability to see devices on the LAN is due to the VPN configuration. Is the VPN and these devices part of the same subnet?
    – Ramhound
    Commented Apr 30, 2022 at 13:38
  • @Ramhound the VPN subnet are NAT'd on the VPN server (see the install script the OP used). It could be the hotspot subnet conflicting with the remote LAN subnet though. See this for details of what wireguard (wg-quick) does.
    – Tom Yan
    Commented Apr 30, 2022 at 17:15
  • So I figured out in the meantime that I can see most of the devices on local IPs through the VPN, however not my router (which was the first one I tried, hence what I wrote in the question). So I guess what's missing is only the resolving of the names (I guess it's what you refer to as NAT?).
    – Ben the bear
    Commented Apr 30, 2022 at 18:05

1 Answer 1

Reset to default
2

I had the same configuration with PiVPN and could not see LAN devices from Windows with Wireguard activated.

The solution for me was to edit my tunnel configuration in Wireguard and untick the option: Block untunneled traffic

Doing this added the following line 128.0.0.0/1,::/1, 8000::/1

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .