URbackup will not connect with clients over Wireguard VPN

Hello everyone,

I have a Debian server (192.168.1.100) running OMV and then in docker I have Wireguard, and Urbackup. These are running on my LAN with a standard subnet of 192.168.1.0/24. Wireguard uses their default subnet of 10.8.0.0/24 and then docker assigns IP’s to the containers 172.17.0.0.

I have my parents PC’s setup to run over the VPN, to my LAN and that all works fine, I can log into the dashboard for Urbackup, and download the client. However the client will not connect to the server and backup.

I thought it may be some routing issue with Wireguard causing issues. I have the client setup to connect over internet to “urbackup://192.168.1.100:55414” have given ‘client discovery hints’ for 10.8.0.4 (the client pc IP assigned for the wireguard tunnel).

The client just remains at idle, says its connected to the internet server, but there is no connection on the server status side. Is this because Urbackup cannot find a path back to the client over the VPN? is there some routing I need to do on my end above and beyond the standard wireguard routing that has worked up until this point?

Is there anyone running a similar setup to this that could help me out with it? any help is much appreciated!

I had this issue too, I’m still getting errors running a backup but i think its related to something else with Shadowcopy on the system I’m backing up. That being said, the one thing I noticed was that the wireguard networks are considered Public from a firewall sense. I tried turning the firewall off but that didn’t seem to fix it, so i ended up manually changing the Network Type in Windows from Public to Private (i had to run a power shell command on both the client and the server) and then they were able to talk and it shows up on the server as Online .

Hi @Gruthius I don’t really grasp your setup to be honest :slight_smile: but if your server is directly reachable via wireguard tunnel (i.e. it is a peer) then maybe you could use internet mode both within your LAN and WireGuard? You can assign multiple “internet” IP addresses to your server, forget discovery hints, and then client will try them all in sequence.

For example:

Internet server name/IP: 192.168.1.100;10.8.0.100

Hi @Gruthius
In my setup I have site-to-site wireguard vpn configured directly on the routers (4 sites). I am able to backup everything with urbackup via the vpn.
To get it working, I had to add the clients manually on the server web interface (by specifying their IP Address under Status → Add hostname/IP as client discovery hint).