RTAX86S VPN Wireguard Server. Unable to connect to LAN servers

mrmason

Occasional Visitor
I setup the wireguard server with following params:

On Server:
Code:
Allow DNS = on
Enable NAT Ipv6 = off
Preshared key = on
Persistent keep alive = 25
Access Intranet = on

Apply All Settings

Setup client:
Code:
Address 10.6.0.2/32
Allowed IP's server 10.6.0.2/32
Allowed IP's client 0.0.0.0/0

Create the client, scan the QR code on a phone.

Change to mobile connection to get off my wifi
Visit dnsleaktest.com and check IP and all good. It resolves to my WAN IP

I use VNC Viewer and MS Remote desktop apps both on my phone. When connected to the router wireguard server I expect to be able to connect to these remote servers because when I'm connected via the tunnel it's like I'm on the LAN itself. However, I can't connect. VNC Viewer times out and MS remote desktop can't connect.

I tried again with new client, but this time changed the Allowed IP's Server to 10.6.0.2/32, 192.168.xxx.0/24. Connect again, but once again can't connect to remote servers.

So I setup my own separate wireguard server on a raspberry pi. I open the port on the router and connect using same phone. I can access dnsleaktest.com and see WAN IP. All good. I CAN connect to VNC Viewer and MS Remote desktop. So when I'm connected using my own wireguard server on a Pi, all is working as expected. However, when connected using router built in wireguard server, can't connect to servers using VNC Viewer or MS Remote desktop. It seems unnecessary to use another wireguard server and open a port when the router has one built in. So I would prefer to use the built in server and let the router handle the ports for me.

Perhaps I'm not configuring the server or client correctly, but have tried many different ways, but never able to connect.

Asus support is worthless so posting here. Any help to troubleshoot to get this working would be greatly appreciated. Thank you!
 

mrmason

Occasional Visitor
I setup the wireguard server with following params:

On Server:
Code:
Allow DNS = on
Enable NAT Ipv6 = off
Preshared key = on
Persistent keep alive = 25
Access Intranet = on

Apply All Settings

Setup client:
Code:
Address 10.6.0.2/32
Allowed IP's server 10.6.0.2/32
Allowed IP's client 0.0.0.0/0

Create the client, scan the QR code on a phone.

Change to mobile connection to get off my wifi
Visit dnsleaktest.com and check IP and all good. It resolves to my WAN IP

I use VNC Viewer and MS Remote desktop apps both on my phone. When connected to the router wireguard server I expect to be able to connect to these remote servers because when I'm connected via the tunnel it's like I'm on the LAN itself. However, I can't connect. VNC Viewer times out and MS remote desktop can't connect.

I tried again with new client, but this time changed the Allowed IP's Server to 10.6.0.2/32, 192.168.xxx.0/24. Connect again, but once again can't connect to remote servers.

So I setup my own separate wireguard server on a raspberry pi. I open the port on the router and connect using same phone. I can access dnsleaktest.com and see WAN IP. All good. I CAN connect to VNC Viewer and MS Remote desktop. So when I'm connected using my own wireguard server on a Pi, all is working as expected. However, when connected using router built in wireguard server, can't connect to servers using VNC Viewer or MS Remote desktop. It seems unnecessary to use another wireguard server and open a port when the router has one built in. So I would prefer to use the built in server and let the router handle the ports for me.

Perhaps I'm not configuring the server or client correctly, but have tried many different ways, but never able to connect.

Asus support is worthless so posting here. Any help to troubleshoot to get this working would be greatly appreciated. Thank you!

Update, I can connect to MS Remote desktop server. I had an incorrect IP address. Changed that and all ok.
I setup the wireguard server with following params:

On Server:
Code:
Allow DNS = on
Enable NAT Ipv6 = off
Preshared key = on
Persistent keep alive = 25
Access Intranet = on

Apply All Settings

Setup client:
Code:
Address 10.6.0.2/32
Allowed IP's server 10.6.0.2/32
Allowed IP's client 0.0.0.0/0

Create the client, scan the QR code on a phone.

Change to mobile connection to get off my wifi
Visit dnsleaktest.com and check IP and all good. It resolves to my WAN IP

I use VNC Viewer and MS Remote desktop apps both on my phone. When connected to the router wireguard server I expect to be able to connect to these remote servers because when I'm connected via the tunnel it's like I'm on the LAN itself. However, I can't connect. VNC Viewer times out and MS remote desktop can't connect.

I tried again with new client, but this time changed the Allowed IP's Server to 10.6.0.2/32, 192.168.xxx.0/24. Connect again, but once again can't connect to remote servers.

So I setup my own separate wireguard server on a raspberry pi. I open the port on the router and connect using same phone. I can access dnsleaktest.com and see WAN IP. All good. I CAN connect to VNC Viewer and MS Remote desktop. So when I'm connected using my own wireguard server on a Pi, all is working as expected. However, when connected using router built in wireguard server, can't connect to servers using VNC Viewer or MS Remote desktop. It seems unnecessary to use another wireguard server and open a port when the router has one built in. So I would prefer to use the built in server and let the router handle the ports for me.

Perhaps I'm not configuring the server or client correctly, but have tried many different ways, but never able to connect.

Asus support is worthless so posting here. Any help to troubleshoot to get this working would be greatly appreciated. Thank you!

Update, I was mistaken on MS Remote Desktop. I can connect fine. I had misconfigured the IP address of the server. Changing that in the app fixed it. However, I'm still unable to connect to a server on my LAN using VNC Viewer. It has my head spinning. Why can I connect to MS remote desktop, but not VNC viewer when connected to the same tunnel?
 

mrmason

Occasional Visitor
Update, I can connect to MS Remote desktop server. I had an incorrect IP address. Changed that and all ok.


Update, I was mistaken on MS Remote Desktop. I can connect fine. I had misconfigured the IP address of the server. Changing that in the app fixed it. However, I'm still unable to connect to a server on my LAN using VNC Viewer. It has my head spinning. Why can I connect to MS remote desktop, but not VNC viewer when connected to the same tunnel?

VNC is using direct connection on my LAN. When trying to connect remotely through the wireguard server I suspect
 

mrmason

Occasional Visitor
VNC is using direct connection on my LAN. When trying to connect remotely through the wireguard server I suspect
I spoke to soon. On another laptop, I can't connect to either MS Remote Desktop or to a server through VNC Viewer. Argh!
 

bbunge

Part of the Furniture
If you are running IPV6 on the router turn it off and try again. The VPN Server Wireguard setup is dead simple and has worked every time for me. I have even changed the listening port and it worked. (VPN Fusion is for client not server)
And register the VNC servers and you can connect to them from anywhere!
 

mrmason

Occasional Visitor
If you are running IPV6 on the router turn it off and try again. The VPN Server Wireguard setup is dead simple and has worked every time for me. I have even changed the listening port and it worked. (VPN Fusion is for client not server)
And register the VNC servers and you can connect to them from anywhere!
Ipv6 is already turned off. Yes, you are correct VPN Fusion is for clients. I updated the title to more accurately reflect the issue.
 

mrmason

Occasional Visitor
If you are running IPV6 on the router turn it off and try again. The VPN Server Wireguard setup is dead simple and has worked every time for me. I have even changed the listening port and it worked. (VPN Fusion is for client not server)
And register the VNC servers and you can connect to them from anywhere!
When you say it's working for you, what exactly do you mean by "working". I agree it's dead simple to setup. I'm pretty well versed in wireguard, having setup my own servers on AWS. For me, what is working is that I can connect to the server and use browser and it reflects my home IP address. As I am now connected to my LAN remotely through an encrypted wireguard tunnel and I checked "access intranet" I should also be able to do things like direct connect to a VNC server on my LAN. This works perfectly when I run my own wireguard server on a raspPi, but not when connecting through the router server. That's the isssue? Curious, if you are able to access all LAN servers and resources when you are connected?
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top