Menu
What's new
By:
Filters Better Search

WireGuard Client & WireGuard Server/InstantGuard at the same time?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

When sharing the phones connection using tethering on the laptop then connecting into the router through the WireGuard tunnel shows the Tidal Connect receiver but not the SkyQ boxes ...

Not sure if it might just be some entry served from a cache somewhere though. With mDNS repeater turned off the entry in Tidal does disappear however. Cannot make sense of this at all.
 
privacyguy123 said:
@ZebMcKayhan another Reddit post suggest using this got their setup working. https://github.com/sleinen/samplicator

I've got the code to compile on the router but the syntax for the cli/config file is way over my head, I'm not even sure what it's asking me for?
Click to expand...
Looks like it needs an interface/port to listen to and a set of destinations/ports to resend to. It makes little sense if you dont know which packets to replicate (direction and port)
 
ZebMcKayhan said:
Looks like it needs an interface/port to listen to and a set of destinations/ports to resend to. It makes little sense if you dont know which packets to replicate (direction and port)
Click to expand...
From what I gather upnp/multicast/unicast has standardized ports - which ones should I feed this program to test if it works?
 
privacyguy123 said:
From what I gather upnp/multicast/unicast has standardized ports - which ones should I feed this program to test if it works?
Click to expand...
Upnp has a standardized port over multicast (1900) https://en.m.wikipedia.org/wiki/Simple_Service_Discovery_Protocol

But mdns have another port... and all other multicasts have their own addressing and ports: https://en.m.wikipedia.org/wiki/Multicast_address

Replies to your muticast could be a unicast or multicast depending on command used and if its unicast you need to make sure its addressed to your wg client (so, I guess you need to preserve source addressing). If replies are multicast you need to setup replicator for this as well. Just adding something you think may fail as it may just be followed by another multicast or reply fails to find its way back aso. It will take time to sniff and work out packet by packet and make sure both delivery and reply is working.
 
Last edited:
@ZebMcKayhan is there any way this was ever just down to some iptables MASQERADE rule or something like that? I don't have any special rules set for WGS1 at all - surely this means nothing will forward or work out of the box?
 
privacyguy123 said:
@ZebMcKayhan is there any way this was ever just down to some iptables MASQERADE rule or something like that? I don't have any special rules set for WGS1 at all - surely this means nothing will forward or work out of the box?
Click to expand...
Routes are always setup to server in the main routing table. So it will be accessable to everyone (exception is if you also use a vpn client and redirect some lan ips to policy table via vpndirector, then a special rule is needed to force them to use WAN (main route table) for wgs destinations).

Not sure the firewall can do anything about this. Not sure if it would be possible to dnat multicast into unicast... the reciever end would probably disregard them...
 
ZebMcKayhan said:
Routes are always setup to server in the main routing table. So it will be accessable to everyone (exception is if you also use a vpn client and redirect some lan ips to policy table via vpndirector, then a special rule is needed to force them to use WAN (main route table) for wgs destinations).

Not sure the firewall can do anything about this. Not sure if it would be possible to dnat multicast into unicast... the reciever end would probably disregard them...
Click to expand...
Are you referring to this one or is there some extra scripts that need to go in nat-start or firewall-start?

1697645524640.png
 
You must log in or register to reply here.

Similar threads

T
WireGuard and Traditional QOS
2
Replies
24
Views
1K
Tomo123
T
D
Solved Samba, LACP & WireGuard. Question.
Replies
5
Views
329
DJones
D
D
GT-AX6000 - 3004_388.6_0 - Wireguard client - No Access to Servers local LAN
Replies
5
Views
630
Drihha
D
johndoe85
VPN site to site with additional VPN client to hide IP
Replies
14
Views
733
johndoe85
johndoe85
G
[Help] Routing VPN server through VPN client (external VPN Provider)
Replies
14
Views
1K
ZebMcKayhan
Z
Similar threads
Thread starter Title Forum Replies Date
A Restart WireGuard client when fails Asuswrt-Merlin 5
D GT-AX6000 - 3004_388.6_0 - Wireguard client - No Access to Servers local LAN Asuswrt-Merlin 5
Quan Wireguard performance on ASUS XT8 running VPN client Asuswrt-Merlin 1
H Multiple DNS Servers for WireGuard Client? Asuswrt-Merlin 0
S How to start Wireguard client via SSH? Asuswrt-Merlin 3
H WireGuard DNS Traffic From All Clients Sent Over First WireGuard Client Connection Asuswrt-Merlin 7
H Does wgclient-start Script Run Before Or After WireGuard Client Is Started? Asuswrt-Merlin 6
H WireGuard VPN PreUp Option to Run Command Before Client Connects? Asuswrt-Merlin 3
S Strange issues with WireGuard client Asuswrt-Merlin 2
dacid44 Routing packets through a wireguard client Asuswrt-Merlin 15

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 777 (members: 31, guests: 746)
Top