this post was submitted on 28 Nov 2025
10 points (100.0% liked)

Selfhosted

55304 readers
564 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

  7. No low-effort posts. This is subjective and will largely be determined by the community member reports.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS
ruud@lemmy.world
Loki@lemmy.world
CannaVet@lemmy.world
devve@lemmy.world
HybridSarcasm@lemmy.world
HybridSarcasm@lemmy.hybridsarcasm.xyz
10
WireGuard LAN access fails when router VPN client is active (lemmy.blahaj.zone)
submitted 2 months ago* (last edited 2 months ago) by BonkTheAnnoyed@lemmy.blahaj.zone to c/selfhosted@lemmy.world
8 comments fedilink hide all child comments
 

I run WireGuard on my router to hit my LAN services (SAMBA, home assistant, etc) from afar.

But when I enable the VPN client on my router, I can no longer access LAN services over Wireshark. "Allow LAN access is set to 'true'" on the UI (Merlin).

Has anyone else run into this? Any ideas?

top 8 comments
sorted by: hot top controversial new old
[–] slazer2au@lemmy.world 7 points 2 months ago (2 children)

I must be thinking of the wrong Wireshark because the one I know of is a packet capture program not a VPN client/server.

[–] 0x0@lemmy.zip 7 points 2 months ago (1 children)

Maybe Wireguard?

[–] BonkTheAnnoyed@lemmy.blahaj.zone 5 points 2 months ago* (last edited 2 months ago)

Yep. Edited. Definitely autocorrect's fault, not my morning brain fog.

[–] BonkTheAnnoyed@lemmy.blahaj.zone 3 points 2 months ago (1 children)

No, actually you're right. I meant wire guard.

[–] slazer2au@lemmy.world 3 points 2 months ago

All good mate.

[–] non_burglar@lemmy.world 4 points 2 months ago* (last edited 2 months ago) (1 children)

You are asking the WG server to listen to incoming requests from outside your lan subnet, so it is ignoring VPN requests from that subnet.

There are two solutions to this:

  1. Add routing to your wireguard server instance to allow the VPN intermediary subnet to accept connections from your lan subnet or
  2. Allow your wireguard client to split-tunnel, so it can reach subnets that aren't reachable outside your WG tunnel.
[–] BonkTheAnnoyed@lemmy.blahaj.zone 1 points 2 months ago

Thank you, this is really helpful, a good place to start.

[–] DevoidWisdom@sh.itjust.works 1 points 2 months ago

Just to verify do you have acces to the router from remote client?

Are you routing all traffic from the remote device through your lan router, or using split tunnel?

Im not a network pro, but I am running a very similar setup to circumvent CG-NAT and access lan servers. Things that I ran into were making aure I had the correct "Allowed IPs" set on all clients, and proper "routes" setup on the router.