Help with Wireguard on VM

Hi all,

Are there firewall rules in Proxmox that need to be configured in order to get Wireguard working to connect to my home network LAN from a remote client/peer?

I'm having a hard time getting Wireguard set up on an Ubuntu Server 20.04 VM running in Proxmox, installed bare-metal on a NUC. I have the interface set up, and the server and client configurations seem to be set up correctly. Handshake is being made. I have UDP port 51820 port forwarded to the IP of the Ubuntu Server running WG. Checking wireguard status on the server shows:

interface: wg0
public key: [PUBLIC KEY OF WG SERVER]
private key: (hidden)
listening port: 51820
peer: rWceWUtLGFU3jZUQAKWRyy9muzNwxQ7SJhO4ZsWUNGQ=
endpoint: 10.0.1.1:51820  ##IP of my router (not manually entered, must have been automatically detected?)
allowed ips: 172.16.0.11/32 ##IP address of the client/peer wireguard network (not overlapping with any other subnets in use)
latest handshake: 1 second ago
transfer: 180 B received, 92 B sent

My server wg conf is:

[Interface]
Address = 172.16.0.10/24 ##IP address of my server's wg network (not overlapping with any other subnets in use)
SaveConfig = true
PostUp = ufw route allow in on wg0 out on ens18  ##ens18 is the network interface for my UbuntuServer VM.
PostUp = iptables -t nat -I POSTROUTING -o ens18 -j MASQUERADE
PreDown = ufw route delete allow in on wg0 out on ens18
PreDown = iptables -t nat -D POSTROUTING -o ens18 -j MASQUERADE
ListenPort = 51820
PrivateKey = [PRIVATE KEY OF WG SERVER]
[Peer]
PublicKey = [PUBLICKEY OF WG PEER]
AllowedIPs = 172.16.0.11/32 ##IP address of the client/peer wireguard network
Endpoint = [PEERS PUBLIC IP ADDRESS]:59277 ## Did not manually configure this, must have been automatically detected?

And my peer wg conf is:

[Interface]
PrivateKey = [PRIVATE KEY OF PEER]
Address = 172.16.0.11/24 ##IP address of peer wireguard network
[Peer]
PublicKey = [PUBLIC KEY OF WG SERVER]
AllowedIPs = 0.0.0.0/0 ##Route all traffic
Endpoint = [WG SERVER PUBLIC IP]  ##No port included, needed?

When connected (peer is on iOS), I can reach the internet, but cannot ping any devices on my LAN network.

Can anyone help?

Posted
2 years ago
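
Added example, not part of the original post: a config-only consistency check for a server/peer pair like the one posted, covering whether the peer's AllowedIPs routes a LAN host into the tunnel, whether Endpoint carries a port, and whether the server has an AllowedIPs entry for the peer's tunnel address. The sample configs, placeholder key names, the 203.0.113.10 endpoint and the LAN host 10.0.1.50 are constructed assumptions; the check cannot see kernel forwarding or firewall state on the VM or in Proxmox.

```python
import ipaddress

# Constructed sample configs modelled on the two posted above; the key names
# and 203.0.113.10 endpoint are placeholders, 10.0.1.50 is an assumed LAN host.
SERVER_CONF = """[Interface]
Address = 172.16.0.10/24
ListenPort = 51820
[Peer]
PublicKey = PEER_PUBLIC_KEY_PLACEHOLDER
AllowedIPs = 172.16.0.11/32 ##peer tunnel address
"""
CLIENT_CONF = """[Interface]
Address = 172.16.0.11/24
[Peer]
PublicKey = SERVER_PUBLIC_KEY_PLACEHOLDER
AllowedIPs = 0.0.0.0/0 ##Route all traffic
Endpoint = 203.0.113.10
"""

def parse_wg_conf(text):
    """Return [(section, {key: [values]})]; keys such as PostUp may repeat."""
    sections = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # strip '#' and '##' comments
        if line.startswith("[") and line.endswith("]"):
            sections.append((line[1:-1], {}))
        elif "=" in line and sections:
            key, value = (part.strip() for part in line.split("=", 1))
            sections[-1][1].setdefault(key, []).append(value)
    return sections

def nets(section, key="AllowedIPs"):
    return [ipaddress.ip_network(v.strip(), strict=False)
            for item in section.get(key, []) for v in item.split(",")]

def check_pair(server_text, client_text, lan_host):
    """Config-only findings about whether the client can route to lan_host."""
    target, findings = ipaddress.ip_address(lan_host), []
    server, client = parse_wg_conf(server_text), parse_wg_conf(client_text)
    pick = lambda conf, name: [s for n, s in conf if n == name]
    client_ip = ipaddress.ip_interface(pick(client, "Interface")[0]["Address"][0]).ip
    for peer in pick(client, "Peer"):
        if not any(target in n for n in nets(peer)):
            findings.append(f"client AllowedIPs does not route {lan_host}")
        for ep in peer.get("Endpoint", []):
            if not ep.rpartition(":")[2].isdigit():  # wg(8): Endpoint is host:port
                findings.append(f"client Endpoint has no port: {ep}")
    if not any(client_ip in n for p in pick(server, "Peer") for n in nets(p)):
        findings.append(f"no server peer AllowedIPs covers {client_ip}")
    return findings
```

Calling `check_pair(SERVER_CONF, CLIENT_CONF, "10.0.1.50")` returns the list of findings; an empty list means the two files are consistent at the config level only.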