Hello,
can someone please tell me how to whitelist IPs and therefore devices in my LAN when using wireguard?
As soon as I am using wireguard I can't access my phone via airdroid, or my Set-Top-Box via LAN for example.
I tried putting my LAN as 192.168.2.0/24 in the line of "Allowed IPs = ..." in the config, but that didn't work.
Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit here or GitHub Ξ
Ξ If you're looking for tutorials/guides, check out the new https://cryptostorm.is/#section6 Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit here or GitHub Ξ
Ξ If you're looking for tutorials/guides, check out the new https://cryptostorm.is/#section6 Ξ
Whitelist / access LAN IP addresses with Wireguard
-
DudeOfLondon
Topic Author - Posts: 84
- Joined: Sat Jan 10, 2015 5:14 pm
Re: Whitelist / access LAN IP addresses with Wireguard
If you go on wireguard app on Windows or maybe Mac too, untick the "Block untunneled traffic".
Make sure your clients that you are using are opened - as in some will just work with this option easily, whilst some will need to go through configuration to make sure they are accessible through your gateway (router).
But on the Android app, simply find your profile you are connected to > tap it > edit (tap little pen) > swipe down > check "Exclude private IPs" > Save
You will then see a list, and that list looks like the one below. (or even add to your Wireguard client on Windows and Mac, try unblocking these (below in bold)... Or add all of them together then subtract one by one checking if your services or devices are working
0.0.0.0, 8.0.0.0, 11.0.0.0, 12.0.0.0, 16.0.0.0,
32.0.0.0, 64.0.0.0, 128.0.0.0, 160.0.0.0,
168.0.0.0, 172.0.0.0, 172.32.0.0, 172.64.0.0,
172.128.0.0, 173.0.0.0, 174.0.0.0, 176.0.0.0, 192.0.0.0,
192.128.0.0, 192.160.0.0, 192.169.0.0, 192.170.0.0,
192.172.0.0, 192.176.0.0, 192.192.0.0, 193.0.0.0, 194.0.0.0,
196.0.0.0, 200.0.0.0, 208.0.0.0, 10.31.33.7
Make sure your clients that you are using are opened - as in some will just work with this option easily, whilst some will need to go through configuration to make sure they are accessible through your gateway (router).
But on the Android app, simply find your profile you are connected to > tap it > edit (tap little pen) > swipe down > check "Exclude private IPs" > Save
You will then see a list, and that list looks like the one below. (or even add to your Wireguard client on Windows and Mac, try unblocking these (below in bold)... Or add all of them together then subtract one by one checking if your services or devices are working
0.0.0.0, 8.0.0.0, 11.0.0.0, 12.0.0.0, 16.0.0.0,
32.0.0.0, 64.0.0.0, 128.0.0.0, 160.0.0.0,
168.0.0.0, 172.0.0.0, 172.32.0.0, 172.64.0.0,
172.128.0.0, 173.0.0.0, 174.0.0.0, 176.0.0.0, 192.0.0.0,
192.128.0.0, 192.160.0.0, 192.169.0.0, 192.170.0.0,
192.172.0.0, 192.176.0.0, 192.192.0.0, 193.0.0.0, 194.0.0.0,
196.0.0.0, 200.0.0.0, 208.0.0.0, 10.31.33.7
-
DudeOfLondon
Topic Author - Posts: 84
- Joined: Sat Jan 10, 2015 5:14 pm
Re: Whitelist / access LAN IP addresses with Wireguard
Ok, thank you.
I still don't understand this config:
only 192.168.178.0/24 in the allowed IPs does not work, (no LAN access and no internet access)
only 192.168.178.0/23 I can access LAN but no internet. (although every LAN devices is from 192.168.178.x)
only 0.0.0.0/1 I can access LAN and Internet
I still don't understand this config:
only 192.168.178.0/24 in the allowed IPs does not work, (no LAN access and no internet access)
only 192.168.178.0/23 I can access LAN but no internet. (although every LAN devices is from 192.168.178.x)
only 0.0.0.0/1 I can access LAN and Internet
-
DudeOfLondon
Topic Author - Posts: 84
- Joined: Sat Jan 10, 2015 5:14 pm
Re: Whitelist / access LAN IP addresses with Wireguard
If I put all IPs from your list (or the Android client) I don't have internet access