Cake day: October 18th, 2023

  • 0.0.0.0/0 already includes 192.168.0.0/16. However, if your VPN doesn’t have an “exit node” configured (it’s Tailscale’s name for it, but basically it means that there’s no machine configured to connect your tunnel to the Internet), there could be issues with retrieving DNS.

    I’d suggest making AllowedIPs your-vpn-net, 192.168.y.0/24

    The problem with that setup would be that, while on your network with the VPN turned on, there could be conflicts.

    Another solution would be to host a pihole on your wireguard network, use pihole’s wg IP as the DNS server in the wg configs, and in pihole create an A record for your server’s wg IP and domain name.
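
The containment and conflict points in the comment above can be checked mechanically. The following is an added example, not code from the commenter: it parses a wg-quick style config and reports redundant `AllowedIPs` entries, tunnel routes that collide with the LAN the client is on, and DNS servers no tunnel route would reach. The function names, the sample config and all addresses are constructed for illustration.

```python
import ipaddress

# Constructed sample client config; all addresses are placeholders.
SAMPLE_CONF = """[Interface]
Address = 10.8.0.2/24
DNS = 10.8.0.1
[Peer]
AllowedIPs = 10.8.0.0/24, 192.168.1.0/24
"""

def parse_wg(conf):
    """Return (AllowedIPs networks, DNS server addresses) from a wg-quick style config."""
    allowed, dns = [], []
    for line in conf.splitlines():
        key, sep, value = line.partition("=")
        items = [v.strip() for v in value.split(",") if v.strip()]
        if sep and key.strip().lower() == "allowedips":
            allowed += [ipaddress.ip_network(v, strict=False) for v in items]
        elif sep and key.strip().lower() == "dns":
            for v in items:
                try:
                    dns.append(ipaddress.ip_address(v))
                except ValueError:
                    pass  # wg-quick also accepts search domains here; skip them
    return allowed, dns

def inside(a, b):
    """True if network a is a strict subset of network b (same IP version)."""
    return a != b and a.version == b.version and a.subnet_of(b)

def audit(conf, local_lan):
    """Summarise routing facts for a client currently attached to local_lan."""
    allowed, dns = parse_wg(conf)
    lan = ipaddress.ip_network(local_lan)
    return {
        # 0.0.0.0/0 or ::/0 sends everything into the tunnel.
        "full_tunnel": any(n.prefixlen == 0 for n in allowed),
        # Entries already covered by a wider entry, e.g. 192.168.0.0/16 under 0.0.0.0/0.
        "redundant": [str(n) for n in allowed if any(inside(n, m) for m in allowed)],
        # Specific (non-default) tunnel routes that overlap the LAN the client sits on.
        "lan_conflict": [str(n) for n in allowed
                         if n.prefixlen and n.version == lan.version and n.overlaps(lan)],
        # DNS servers that no AllowedIPs entry would carry through the tunnel.
        "dns_outside_tunnel": [str(d) for d in dns
                               if not any(d.version == n.version and d in n for n in allowed)],
    }

if __name__ == "__main__":
    print(audit(SAMPLE_CONF, "192.168.1.0/24"))
```
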



  • DuckDNS provides you with xxx.duckdns.org for free and gives you the ability to generate wildcard certificates. What I suggest you do is:
    1a) host VW locally only
    1b) host it so that it is accessible only with VPN.
    2. In DuckDNS, set the IP to your local IP that VW is being hosted on (i.e. 192.168.1.20) or VPN IP
    3. Use Traefik or NPM (or any other reverse proxy) to generate a wildcard certificate with DNS challenge
    4. Use Traefik or NPM to point on your device to the port VW is accessible on