For the sake of completeness: I already started a discussion of this topic on Reddit: https://www.reddit.com/r/WireGuard/comm ... king_post/ and hijacked another discussion in the DietPi Forum: viewtopic.php?f=9&t=8537
However, I'll start from the beginning:
I run DietPi on a Raspi with Pi-hole set up and working fine.
The next step was to set up WireGuard to have Pi-hole functionality and access to the LAN on the go. My ISP provides only DS-Lite, so just having IPv6 was the first problem for me (IPv4 is so much easier to understand). However, I managed to get a connection from WAN via WireGuard to the DietPi with these configs:
Code:
[Interface]
Address = 192.168.0.3/24, fe80::dea6:32ff:fe33:85cb/64
PrivateKey = *Key*
ListenPort = 51902
PreUp = /boot/dietpi/func/obtain_network_details
PostUp = sysctl net.ipv4.conf.%i.forwarding=1 net.ipv4.conf.$(mawk 'NR==3' /run/dietpi/.network).forwarding=1
PostUp = sysctl net.ipv6.conf.$(mawk 'NR==3' /run/dietpi/.network).accept_ra=2
PostUp = sysctl net.ipv6.conf.%i.forwarding=1 net.ipv6.conf.$(mawk 'NR==3' /run/dietpi/.network).forwarding=1
PostUp = ip neigh add proxy fe80::dea6:32ff:fe33:85c2 dev eth0
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o $(mawk 'NR==3' /run/dietpi/.network) -j MASQUERADE
PostUp = ip6tables -A FORWARD -i %i -j ACCEPT; ip6tables -t nat -A POSTROUTING -o $(mawk 'NR==3' /run/dietpi/.network) -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o $(mawk 'NR==3' /run/dietpi/.network) -j MASQUERADE
PostDown = ip6tables -D FORWARD -i %i -j ACCEPT; ip6tables -t nat -D POSTROUTING -o $(mawk 'NR==3' /run/dietpi/.network) -j MASQUERADE
# Client 1
[Peer]
PublicKey = *Key*
AllowedIPs = 192.168.0.5/32, fe80::dea6:32ff:fe33:85c2/128
Code:
[Interface]
Address = 192.168.0.5/32, fe80::dea6:32ff:fe33:85c2/128
PrivateKey = *Key*
DNS = fe80::dea6:32ff:fe33:85cb, 192.168.0.3
[Peer]
PublicKey = *Key*
Endpoint = *correct-ipv6-address*:51902
AllowedIPs = 0.0.0.0/0, ::/0
Code:
net.ipv6.conf.all.accept_ra = 2
net.ipv6.conf.eth0.accept_ra = 2
net.ipv6.conf.wg0.accept_ra = 2
net.ipv6.conf.all.forwarding = 1
net.ipv4.ip_forward = 1
net.ipv6.conf.all.proxy_ndp = 1
net.ipv6.conf.eth0.proxy_ndp=1
ip neigh add proxy fe80::dea6:32ff:fe33:85c2 dev fe80::dea6:32ff:fe33:85cb
sudo wg gives this:
Code:
endpoint: *public IPv6*:51393
allowed ips: 192.168.0.5/32, fe80::dea6:32ff:fe33:85c2/128
latest handshake: 42 seconds ago
transfer: 50.75 KiB received, 1.02 KiB sent
Code:
Line unrecognized: `Address=192.168.0.3/24,fe80::dea6:32ff:fe33:85cb/64'
Configuration parsing error
@trendy and @Joulinar noted in the other DietPi Forum thread that if I have or had Docker installed, it might be a problem; however, I never had Docker installed.
So, that's my problem, with, I hope, nearly all the required information given. Let the troubleshooting begin.
