bless@lemmy.world to Selfhosted@lemmy.world • question about self hosting SSO for multiple domains and services. • English 1 · 2 years ago
Looking for a good guide on getting this set up via docker and AD LDAP, any pointers?
bless@lemmy.world to Selfhosted@lemmy.world • Looking for help setting up an alternative to DuckDNS • English 6 · 2 years ago
Who’s your DNS provider? I use cloudflare and a powershell script that hits their API. Works well
bless@lemmy.world to Selfhosted@lemmy.world • Best way to set up cloudflare dynamic DNS in late 2023? • English 3 · 2 years ago
Same but powershell. Works like a charm, runs every 5 minutes
You can bind ufw rules to interfaces, so you can allow in only on the wg0 interface and not the eth0 interface.
Glad it’s working! I love wireguard!
Hmm, do a traceroute and see where it’s dying. Can you ping the inside IP of the tunnel on the wireguard server? What about outside?
What did you deploy in docker, firezone or basic wireguard?
Does your phone say connected and you see both incoming and outgoing packets? Is there a firewall in place on the wireguard host (ufw maybe)?
If you have nmap available you can also check port status.
bless@lemmy.world OP to Cybersecurity News@lemmy.capebreton.social • Bluetooth security flaws reveals all devices launched after 2014 can be hacked • 6 · 2 years ago
Thanks for catching that, updated
Good thing about wireguard is it’s really simple. Google should get it done, if you get stuck send me a DM. I started with basic wireguard, I now run firezone in docker as I like the frontend.
deleted by creator
bless@lemmy.world OP to Cybersecurity@sh.itjust.works • Bluetooth security flaws reveals all devices launched after 2014 can be hacked • 17 · 2 years ago
It means they can impersonate the Bluetooth device connected. Input devices are particularly concerning (keyboards and mice) as well as BT IoT devices which already historically lack good security controls. A lot of vehicles have Bluetooth integrated as well these days.
bless@lemmy.world OP to Cybersecurity News@lemmy.capebreton.social • Bluetooth security flaws reveals all devices launched after 2014 can be hacked • 111 · 2 years ago
Haha I like the spirit but that’s not really a fix, that’s just avoidance.
I would go with wireguard VPN or something like cloudflare tunnels or tailscale. With wireguard you’ll need to open up an external port and forward to your VPN host, but wireguard uses UDP so no one can probe it for responses. With CF tunnels and tailscale you don’t have to open up holes in your firewall, which is nice.
You also have the option of using a proxy and opening up 443 publicly on your firewall, but unless you know what you’re doing I’d leave that closed until you learn more.
bless@lemmy.world to Selfhosted@lemmy.world • Setup a DNS server on a dynamic public ip • English 1 · 2 years ago
Yes
bless@lemmy.world to Selfhosted@lemmy.world • Setup a DNS server on a dynamic public ip • English 5 · 2 years ago
I would get a domain name and use ddns to update your rotating IP. Then I would set up wireguard VPN in split tunnel and have your parents’ network tunnel back to your piholes for DNS resolution.
I use the cloudflare API for ddns updates but there are plenty of choices for that. If you’re using cloudflare for DNS just keep in mind you can’t proxy the DNS entry for the IP for your VPN host, as CF only forwards traffic over certain ports and they are not configurable (on the free plan anyway, not sure about paid).
bless@lemmy.world to Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ@lemmy.dbzer0.com • Help me trash my FireTV stick • English 2 · 2 years ago
Don’t get rid of it, install Kodi and/or Plex on it
bless@lemmy.world to Selfhosted@lemmy.world • I finally figured out how to virtualize my OPNsense firewall. Suck it, Roku. • English 171 · 2 years ago
+1 for dst nat on Google’s DNS servers back to my piholes
bless@lemmy.world to Selfhosted@lemmy.world • Can you give me some hints? I have problems with Docker install • English 2 · 2 years ago
The error is telling you you already have something listening on port 80, so docker is unable to bind to 80 again until that is released. Try disabling nginx and apache as you stated.
You can run
netstat -pln
to show you what’s running on what port on your host if you want to verify
Yea I should read better
Yes they were hit back in 2019 as well