What's new

RTAX86S VPN Wireguard Server. Unable to connect to LAN servers

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

mrmason

Occasional Visitor
I setup the wireguard server with following params:

On Server:
Code:
Allow DNS = on
Enable NAT Ipv6 = off
Preshared key = on
Persistent keep alive = 25
Access Intranet = on

Apply All Settings

Setup client:
Code:
Address 10.6.0.2/32
Allowed IP's server 10.6.0.2/32
Allowed IP's client 0.0.0.0/0

Create the client, scan the QR code on a phone.

Change to mobile connection to get off my wifi
Visit dnsleaktest.com and check IP and all good. It resolves to my WAN IP

I use VNC Viewer and MS Remote desktop apps both on my phone. When connected to the router wireguard server I expect to be able to connect to these remote servers because when I'm connected via the tunnel it's like I'm on the LAN itself. However, I can't connect. VNC Viewer times out and MS remote desktop can't connect.

I tried again with new client, but this time changed the Allowed IP's Server to 10.6.0.2/32, 192.168.xxx.0/24. Connect again, but once again can't connect to remote servers.

So I setup my own separate wireguard server on a raspberry pi. I open the port on the router and connect using same phone. I can access dnsleaktest.com and see WAN IP. All good. I CAN connect to VNC Viewer and MS Remote desktop. So when I'm connected using my own wireguard server on a Pi, all is working as expected. However, when connected using router built in wireguard server, can't connect to servers using VNC Viewer or MS Remote desktop. It seems unnecessary to use another wireguard server and open a port when the router has one built in. So I would prefer to use the built in server and let the router handle the ports for me.

Perhaps I'm not configuring the server or client correctly, but have tried many different ways, but never able to connect.

Asus support is worthless so posting here. Any help to troubleshoot to get this working would be greatly appreciated. Thank you!
 
I setup the wireguard server with following params:

On Server:
Code:
Allow DNS = on
Enable NAT Ipv6 = off
Preshared key = on
Persistent keep alive = 25
Access Intranet = on

Apply All Settings

Setup client:
Code:
Address 10.6.0.2/32
Allowed IP's server 10.6.0.2/32
Allowed IP's client 0.0.0.0/0

Create the client, scan the QR code on a phone.

Change to mobile connection to get off my wifi
Visit dnsleaktest.com and check IP and all good. It resolves to my WAN IP

I use VNC Viewer and MS Remote desktop apps both on my phone. When connected to the router wireguard server I expect to be able to connect to these remote servers because when I'm connected via the tunnel it's like I'm on the LAN itself. However, I can't connect. VNC Viewer times out and MS remote desktop can't connect.

I tried again with new client, but this time changed the Allowed IP's Server to 10.6.0.2/32, 192.168.xxx.0/24. Connect again, but once again can't connect to remote servers.

So I setup my own separate wireguard server on a raspberry pi. I open the port on the router and connect using same phone. I can access dnsleaktest.com and see WAN IP. All good. I CAN connect to VNC Viewer and MS Remote desktop. So when I'm connected using my own wireguard server on a Pi, all is working as expected. However, when connected using router built in wireguard server, can't connect to servers using VNC Viewer or MS Remote desktop. It seems unnecessary to use another wireguard server and open a port when the router has one built in. So I would prefer to use the built in server and let the router handle the ports for me.

Perhaps I'm not configuring the server or client correctly, but have tried many different ways, but never able to connect.

Asus support is worthless so posting here. Any help to troubleshoot to get this working would be greatly appreciated. Thank you!

Update, I can connect to MS Remote desktop server. I had an incorrect IP address. Changed that and all ok.
I setup the wireguard server with following params:

On Server:
Code:
Allow DNS = on
Enable NAT Ipv6 = off
Preshared key = on
Persistent keep alive = 25
Access Intranet = on

Apply All Settings

Setup client:
Code:
Address 10.6.0.2/32
Allowed IP's server 10.6.0.2/32
Allowed IP's client 0.0.0.0/0

Create the client, scan the QR code on a phone.

Change to mobile connection to get off my wifi
Visit dnsleaktest.com and check IP and all good. It resolves to my WAN IP

I use VNC Viewer and MS Remote desktop apps both on my phone. When connected to the router wireguard server I expect to be able to connect to these remote servers because when I'm connected via the tunnel it's like I'm on the LAN itself. However, I can't connect. VNC Viewer times out and MS remote desktop can't connect.

I tried again with new client, but this time changed the Allowed IP's Server to 10.6.0.2/32, 192.168.xxx.0/24. Connect again, but once again can't connect to remote servers.

So I setup my own separate wireguard server on a raspberry pi. I open the port on the router and connect using same phone. I can access dnsleaktest.com and see WAN IP. All good. I CAN connect to VNC Viewer and MS Remote desktop. So when I'm connected using my own wireguard server on a Pi, all is working as expected. However, when connected using router built in wireguard server, can't connect to servers using VNC Viewer or MS Remote desktop. It seems unnecessary to use another wireguard server and open a port when the router has one built in. So I would prefer to use the built in server and let the router handle the ports for me.

Perhaps I'm not configuring the server or client correctly, but have tried many different ways, but never able to connect.

Asus support is worthless so posting here. Any help to troubleshoot to get this working would be greatly appreciated. Thank you!

Update, I was mistaken on MS Remote Desktop. I can connect fine. I had misconfigured the IP address of the server. Changing that in the app fixed it. However, I'm still unable to connect to a server on my LAN using VNC Viewer. It has my head spinning. Why can I connect to MS remote desktop, but not VNC viewer when connected to the same tunnel?
 
Update, I can connect to MS Remote desktop server. I had an incorrect IP address. Changed that and all ok.


Update, I was mistaken on MS Remote Desktop. I can connect fine. I had misconfigured the IP address of the server. Changing that in the app fixed it. However, I'm still unable to connect to a server on my LAN using VNC Viewer. It has my head spinning. Why can I connect to MS remote desktop, but not VNC viewer when connected to the same tunnel?

VNC is using direct connection on my LAN. When trying to connect remotely through the wireguard server I suspect
 
VNC is using direct connection on my LAN. When trying to connect remotely through the wireguard server I suspect
I spoke to soon. On another laptop, I can't connect to either MS Remote Desktop or to a server through VNC Viewer. Argh!
 
If you are running IPV6 on the router turn it off and try again. The VPN Server Wireguard setup is dead simple and has worked every time for me. I have even changed the listening port and it worked. (VPN Fusion is for client not server)
And register the VNC servers and you can connect to them from anywhere!
 
If you are running IPV6 on the router turn it off and try again. The VPN Server Wireguard setup is dead simple and has worked every time for me. I have even changed the listening port and it worked. (VPN Fusion is for client not server)
And register the VNC servers and you can connect to them from anywhere!
Ipv6 is already turned off. Yes, you are correct VPN Fusion is for clients. I updated the title to more accurately reflect the issue.
 
If you are running IPV6 on the router turn it off and try again. The VPN Server Wireguard setup is dead simple and has worked every time for me. I have even changed the listening port and it worked. (VPN Fusion is for client not server)
And register the VNC servers and you can connect to them from anywhere!
When you say it's working for you, what exactly do you mean by "working". I agree it's dead simple to setup. I'm pretty well versed in wireguard, having setup my own servers on AWS. For me, what is working is that I can connect to the server and use browser and it reflects my home IP address. As I am now connected to my LAN remotely through an encrypted wireguard tunnel and I checked "access intranet" I should also be able to do things like direct connect to a VNC server on my LAN. This works perfectly when I run my own wireguard server on a raspPi, but not when connecting through the router server. That's the isssue? Curious, if you are able to access all LAN servers and resources when you are connected?
 
Hello Mr. Mason.

I have two nearly identical Asus AC88u routers.
Both set up with wireguard initially (vpn server only).
Then set up for bidirectional access using VPN fusion on one, and VPN server on the other. This is working.
In the process, one of the two routers allows vpn connectivity and access to devices.
The other allows vpn connectivity but no access to local devices.

Same problem as you... But stranger, in that I have it successfully working on one router but not the other...

I'm able to compare the client configs, and the server configs, and the routing tables, but haven't managed to figure out why one is working and the other isn't.
(Working meaning on one, I can connect to pc and NAS, whereas on the other, I can't).
Very odd.
 

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top