EDIT 10/24/24:
Got it working after a lot more trial and error.
Ultimately what fixed it was
ip route add 10.1.1.2/32 via 10.50.50.1 dev wg0
This needs to be done at each boot, so I have a bash script that runs as a service
Code:
[Unit]
Description= Sets custom route to forward traffic for PVE to the WG interface
After=wg-quick@wg0.service
Wants=wg-quick@wg0.service
[Service]
ExecStart=/home/user/customiproutes.sh
[Install]
WantedBy=multi-user.target
Now with this settled, I ran into an issue that was probably lack of knowledge on my part - After booting, I couldn't SSH into the VPN address until I first tried the PBS LAN address. So it'd basically go VPN address, fail, LAN address, fail, VPN address, now works. This was the case for both SSH and the WebUI - The WebUI wouldn't load on the VPN address until I tried to SSH into the LAN address.
To fix this, I did a few things:
Changed the SSH service to start after, and want, the wg0 service. Also start after the ping service below.
Created a bash script for PBS to ping the PVE address, its own VPN address, and the WG gateway address. This is also run as a service.
Code:
[Unit]
Description= Wake up the network I guess
After=network-online.target wg-quick@wg0.service
Wants=network-online.target wg-quick@wg0.service
[Service]
ExecStartPre=/bin/sleep 10
ExecStart=/home/user/ping.sh
[Install]
WantedBy=multi-user.target
This is what ended up solving my connection issues for the VPN address. I don't know which of the above pings is solving it (My guess is the one back to 10.1.1.2, which routes to wg0, which my guess is like wakes it up so it can handle the incoming SSH and WebUI requests?).
Also removed the wg0 from /etc/network/interfaces, not needed at all.
All up and working now, added the fix if someone else needs this and comes across it.
-------------------------------------------------------------------------------------------------------------------------------------------------------------------
I want to put a machine running PBS at my dad's. I'd like to connect to this using my VPN. I have it mostly set up - I can SSH the VPN address, access the WebUI using VPN address, but when I try to do a backup, it fails. I saw someone else mention something about iptables but that is unknown territory to me. PVE seems to connect to PBS just fine, I can see it in PVE, but when I do a backup, it hangs at 0-4% completed. I've tried finding what I could, one included setting wg0 as an interface in PBS which I did below. PVE is not on any VPN network.
PBS works fine without the VPN.
Background:
Default LAN is 10.1.1.1
LAN PVE is 10.1.1.2
OPNsense runs my WireGuard server.
VPN_PBS subnet is 10.50.50.1/24
LAN PBS address is 10.1.1.250
VPN PBS address is 10.50.50.2
PBS can ping 10.1.1.2, PVE can ping 10.50.50.2.
wg0.conf:
Code:
[Interface]
PrivateKey =
Address = 10.50.50.2/32
[Peer]
PublicKey =
PresharedKey =
AllowedIPs = 10.1.0.0/16
Endpoint = myhost.duckdns.org:myport
/etc/network/interfaces
Code:
auto lo
iface lo inet loopback
#iface enp2s0 inet dhcp
auto enp2s0
iface enp2s0 inet static
address 10.1.1.250/24
gateway 10.1.1.1
auto wg0
iface wg0 inet static
address 10.50.50.2/24
gateway 10.50.50.1
#iface wlp3s0 inet manual
source /etc/network/interfaces.d/*
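
One reading of why the /32 route in the post was needed, as an added example that is not part of the original post: it models route selection on PBS as longest-prefix match. The table contents are an assumption (the connected 10.1.1.0/24 route from enp2s0, a default route via 10.1.1.1, and the 10.1.0.0/16 route wg-quick installs for AllowedIPs), and the function names are made up for illustration.

```python
import ipaddress

def net(prefix):
    return ipaddress.ip_network(prefix)

# Constructed routing table for PBS before the fix (assumed, not captured output).
BEFORE = [
    (net("0.0.0.0/0"), "enp2s0"),    # default via 10.1.1.1
    (net("10.1.1.0/24"), "enp2s0"),  # connected route from address 10.1.1.250/24
    (net("10.1.0.0/16"), "wg0"),     # installed by wg-quick for AllowedIPs
]
# The route from the post: ip route add 10.1.1.2/32 via 10.50.50.1 dev wg0
AFTER = BEFORE + [(net("10.1.1.2/32"), "wg0")]

def lookup(routes, dest):
    """Return (prefix, dev) of the most specific route that covers dest, or None."""
    addr = ipaddress.ip_address(dest)
    matches = [r for r in routes if addr in r[0]]
    return max(matches, key=lambda r: r[0].prefixlen) if matches else None

def shadowed(routes, tunnel_dev):
    """List (tunnel_prefix, narrower_prefix, dev) where a non-tunnel route
    inside a tunnel prefix wins the lookup for the addresses it covers."""
    found = []
    for t_net, t_dev in routes:
        if t_dev != tunnel_dev:
            continue
        for o_net, o_dev in routes:
            if o_dev != tunnel_dev and o_net != t_net and o_net.subnet_of(t_net):
                found.append((str(t_net), str(o_net), o_dev))
    return found

if __name__ == "__main__":
    for name, table in (("before", BEFORE), ("after", AFTER)):
        for dest in ("10.1.1.2", "10.1.1.1", "10.1.2.5"):
            prefix, dev = lookup(table, dest)
            print(f"{name}: {dest} -> {dev} ({prefix})")
    print("shadowed AllowedIPs:", shadowed(BEFORE, "wg0"))
```

With the /32 in place, the other 10.1.1.x addresses still resolve to enp2s0, so only traffic for PVE is moved onto the tunnel.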