Just what it says.
What’s the correct setup for these two?
I want to cover my Raspberry Pi 4 with my VPN from Mullvad using Wireguard. I can download the .conf files from the Wireguard site and even make the keys there.
Here’s an example of the conf I am using:
[Interface]
PrivateKey = (private)
Address = 10.***.***.***/32
DNS = 193.***.***.74
PostUp = iptables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT && ip6tables -I OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT
PreDown = iptables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT && ip6tables -D OUTPUT ! -o %i -m mark ! --mark $(wg show %i fwmark) -m addrtype ! --dst-type LOCAL -j REJECT
[Peer]
PublicKey = (public)
AllowedIPs = 0.0.0.0/5, 8.0.0.0/7, 11.0.0.0/8, 12.0.0.0/6, 16.0.0.0/4, 32.0.0.0/3, 64.0.0.0/2, 128.0.0.0/3, 160.0.0.0/5, 168.0.0.0/6, 172.0.0.0/12, 172.32.0.0/11, 172.64.0.0/10, 172.128.0.0/9, 173.0.0.0/8, 174.0.0.0/7, 176.0.0.0/4, 192.0.0.0/9, 192.128.0.0/11, 192.160.0.0/13, 192.169.0.0/16, 192.170.0.0/15, 192.172.0.0/14, 192.176.0.0/12, 192.192.0.0/10, 193.0.0.0/8, 194.0.0.0/7, 196.0.0.0/6, 200.0.0.0/5, 208.0.0.0/4, 8.8.8.8/32
Endpoint = 185.***.***.130:51820
If I don’t add all those IP addresses to AllowedIPs I lose SSH access as soon as I start Wireguard.
The real problem though is that DNS isn’t working for some reason. I can’t ping anything and I can’t nslookup anything. As soon as I enable Wireguard I lose connection to the internet… As soon as I disable it. I have a connection again… I don’t understand why.
When scouring the internet, some people said their DNS settings were set incorrectly. I don’t understand. My DNS is simply 1.1.1.1. I should have no problem with this at all. I’ve also tried changing the DNS line in the .conf file to something else (in case it was down or not working) and even tried another server on Mullvad. Nothing works. It’s ALWAYS a DNS issue.
Also, to connect to a VPN provider do I need to install Wireguard in Server or Client mode? I can’t find this answer anywhere…