@wendigo Double-check that the tunnel configuration including key pair, port numbers and IP address is correct and current. I think Proton makes you re-download those from time to time (quite possibly for key rotation if nothing else).
That the wg0 tunnel interface shows up is no guarantee that the tunnel itself is working. One of the less nice things about Wireguard; you get no obvious "thing X is wrong" error when bringing the tunnel up if something isn't up to snuff.
@wendigo Is your /etc/resolv.conf being updated as you set up and tear down the Wireguard tunnel?
I don't use Arch btw. 
But that's definitely the first thing I would check.
I forget who the Arch Linux expert out there is, but I can't get wireguard to resolve DNS at all. And my laptop has the exact same setup, and it works fine. I have tried everything I can think of or look up. If anybody out there can help me shed some light on this, I'm using a ProtonVPN config. Thanks! And a boost would be welcome if you're amenable... ;>)
(2/2)
32 Calculator
33 SIM Toolkit
34 Messaging
35 Soundrecorder
36 Phone
37 #tubular
38 Clock
39 #wireguard
40 #yubicoauthenticator
Lastly, I have #immich in a #proxmox VM as a readonly viewer of the samba share so I can see photos on my phone and other devices. My devices connect to #wireguard when out of the house so they can still access the server to sync!
Hope that is helpful to someone, and let me know what I'm doing wrong and can improve!
4/4
After spending hours working on #wireguard to have a proper access control, I'm starting to realize that I'm better off using #tailscale for that.
[this little wiki page](https://github.com/wg-easy/wg-easy/wiki/Restrict-Access-to-Networks-with-iptables) really helped me figure out what to do to access control #wireguard
If you have used and loved #Tailscale, and you still like the product but want a sensible insurance option to reduce your exposure to potential #enshittification, what *hosted* options have you looked at as alternatives?
Part of the appeal of #Tailscale for me at least was that they provided a really thoughtful UX layer over some existing cool OSS tech like #wireguard.
Also, many of us have tried self-hosting and want to minimise what they self host if at all possible.
https://mastodon.social/@JonathanGerlach/114302498688902923
@JessTheUnstill @Pibble
And yes, I treat all devices as insecure and would rather invest the time and effort needed get #TechIlliterates up to speed on the #OfflinePGP method!
Given the cheapness of storage (legitimate 1TB microSD cards exist and they ain't 4-digit items!) I'd legitimately look into #OTP #encryption and (IF I had the €€€€€€ to do so!) would even sponsor implementing it in #OpenVPN, #WireGuard and #OpenSSH (for #SSH-Tunmeling).
I sincerely wish y'all could legitimately call me a tinfoilhat but so far I've been proven right all the time...
Na das lief ja schonmal gut!
Dank #wireguard und #remmina steht die sichere Verbindung ins Büro per #rdp. Das #homeoffice ist also auch unter #linuxmint startklar. Der lokale Drucker daheim kann ebenso angesprochen werden.
Public Preview: Cilium WireGuard Encryption Support in AKS #kubernetes #cilium #Azure #aks #wireguard 
https://azure.microsoft.com/en-us/updates
How do folks manage roaming/mobile #wireguard clients talking to homelabs that are also behind #CGNAT? I'm not seeing anything #STUN or #NAT related in the iOS wireguard app - how do you get p2p connectivity without hairpinning all traffic through a public/non-NAT node? (I'm fully aware of Tailscale - that's not the answer I'm searching for) #VPN
#wireguard weirdness
My phone has a WG client on it that connects back to the house (WG server is on the ASUS router). I can connect to Internet through the tunnel, and two devices (both servers) in the LAN, but not others, even with firewall on the router turned off.
The WG config has AllowedIPs = 0.0.0.0/0
Two of the devices are JetKVMs. Three are cameras. Can't see any restrictions on there.
This is my router; HP EliteDesk 800 G2 SFF with #Proxmox VE and #MikroTik CHR. Chelsio T520-CR Dual 10 Gbit and Intel Pro/1000 Dual 1 Gbit in pass-through. Routes at 10 Gbit, and handles 3.2 Gbit #Wireguard traffic.
Works amazingly well 
It's crazy that I could remote into my server in KL all the way from Kedah using only my mobile hotspot and #Wireguard #VPN connection without noticeable lag or delays whatsoever. Though, I also did the same when I was in Osaka, and I suppose that's more impressive lol - anyway, Wireguard (and #Pi-hole) = Big W.
I'm interested in setting up #WireGuard on my #Debian colo, as a #VPN solution for my phone when I'm on untrusted networks. But the quick start guide being a video is really putting me off, and the examples seem to be purely about ad-hoc peer-to-peer networking rather than a gateway.
I'm tempted to go back to my comfort zone with #OpenVPN, but I'll stick with it. At some point it'll click and I'll write a HOWTO.
@reimereien das ist ja ne interessante Geschichte. Ich mach das bisher selber mit #stubby, #dnsmasq und #wireguard auf nem Rechner vom #Hetzner. Da würd ich mir Zeit und Aufwand sparen.
Huh, thanks @mullvadnet!
Created an account and added funds in less than 5 minutes and had #Ipv6 connectivity.
I think a #systemd update broke something with my #wireguard tunnels or routing/port forwarding on the proxy server?
Not in the mood to debug, rebooting fixed the problem.
@chotemysl habe Ich mir tatsächlich überlegt, aber ich möchte mein Tarif ändern und bei dieser Gelegenheit auf eine andere #fritzbox mit #wireguard Wechsel.
