You are here

Home » Forums » General discussion

Node not reachable via WAN-WEB when WireGuard-Tunnel is set

7 posts / 0 new
Log in or register to post comments
Last post
Thu, 03/19/2026 - 04:27
#1
HB3XCQ
Node not reachable via WAN-WEB when WireGuard-Tunnel is set
Dear AREDN-People
I face a very strange behavior of my nodes (hap lite, ac3 and even the VMs):
If i setup a node, it works perfectly fine and it is reachable via WAN-WEB. but as soon as i setup a wireguard tunnel the WAN-WEB access out of my local network is not possible anymore, The nodes are not even able to receive PINGs.
I run a Unifi UDM Pro where the nodes are directly in pluged.
Can someone help me what is wrong here?
Thank you and 73 HB3XCQ
Top
Thu, 03/19/2026 - 20:38
KD1HA
KD1HA's picture
More information is needed.
More information is needed.
Are you the client or the server?
If you are the server, you need to set your home router port to each of your clients as shown on the generated IP:port# into the same gateway IP address and just the port number not the generated IP address. 

If you are the client they need to do the same as above for you. 

Ex: Home router is 192.168.1.58 then insert under that address port forwarding HB3xxx 5516 HB7xxx 5517 and so on. 


Denis KD1HA 
Top
Sat, 03/21/2026 - 05:52
HB3XCQ
Thank you for your answer:
Thank you for your answer:
Details:
Tunnelserver has ip 192.168.10.5 (Active WireGuard-Tunnels)
My client is in an other subnet 192.168.8.x having a firewall in the udm pro that rewrites the connection to the other subnet.
If on my tunnelserver or also on the ac3 are wireguard tunnels active, the access does not work. if there is no tunnel at the nodes, the access works just fine acording to the firewall rules. i think that there might be some conflicts but i can not make any logical sence out of it. the wireguard server is not activ in the wan (out of view of the hap or tunnel server).
Or does wireguard expose something in to the network (homenetwork) that could be an issue?
Thank you and 73
Top
Mon, 03/23/2026 - 21:57
(Reply to #3)
KD1HA
KD1HA's picture
I'm sorry but I'm having a
I'm sorry but I'm having a hard time following you on this.
Your tunnels should have an IP and a port number 172.xxx.xxx:5525 are you seeing that? 
Top
Sat, 03/21/2026 - 14:06
w6bi
w6bi's picture
Firewall tunnels
Remember that Wireguard uses UDP, not TCP.  Are your firewall rules configured accordingly?

Orv W6BI
Top
Tue, 03/24/2026 - 09:33
nc8q
nc8q's picture
WAN-WEB
HB3XCQ:

What is 'WAN-WEB'?

73, Chuck
 
Top
Thu, 03/26/2026 - 23:13
(Reply to #6)
K6CCC
K6CCC's picture
WAN-WEB

What is 'WAN-WEB'?

Access to the node web page via the WAN port I assume - which normally works fine...

 
Top

Theme by Danetsoft and Danang Probo Sayekti inspired by Maksimer