So I’m using the Wireguard VPN built into Unraid. The problem is when I connect to the VPN I can not connect to any of the reverse proxy resources (https://myapp.mydomain.com) I’ve set up, but can connect to them over the internet (if I have that particular resource publicly exposed).
Now on the VPN I can still connect to any IPs/ports for the different docker containers (http://192.168.1.50:5000). Is there some extra configuration in Wireguard, SWAG, or my router that I have to do for this to work?
EDIT: From reading it sounds like NAT hairpinning isn’t working when connected via the VPN, but works fine when only connected locally. I assume I need to add some additional configuration for that to work?
Same problem for me. Did you find any solution for this?
I just ended up using the WireguardEasy docker instead and it worked fine. I also had a Raspberry Pi running Pihole that I later installed PiVPN on as a backup in case my Unraid server or dockers were down, and it worked as well for accessing the reverse proxy sites locally.
It’s been a while so I know there were other configuration changes I made that I can’t recall what impact they had on this specific issue. For instance I know I added a DNS configuration file on my Pihole to tell it that any requests for “mydomain” to resolve to my Unraid server’s IP address. This also meant I had to change the default HTTP/HTTPS Unraid webUI ports to something else so the Swag docker could use the standard 80/443 ports. I know the main reason I made this change was so my reverse proxy addresses would still resolve locally if my internet was down. Seems like there might’ve been other random issues with certain things it helped with as well. Theoretically this change should make the reverse proxy sites work when connected via the Wireguard VPN built into Unraid since NAT hairpinning wouldn’t be needed anymore in this case. I never actually tested that part though since I made this change long after I stopped using the built-in VPN.
I already have a L2TP-vpn trough my USG, and there isn’t any issues with reverse proxy when connecting that way. The reason I wanted to go with Wireguard is that L2TP on USG is slow and keeps disconnecting now and then. Wireguard seemed to be at better solution, much faster and stable, until I found this issue.
I also have Pihole with local DNS-entries, but for some reason when I point Wireguard to use Pihole for DNS I got the same issue as with reverse proxy. Connection to local IP-addresses possible, DNS-resolving works, ping addresses on Internet works, but loading website doesn’t work.