Wg-easy - NOT easy

ekcennel · October 13, 2025, 7:32pm

Hi,
TrueNAS Scale version: 25.04
wg-easy app:
App Version: v15.1.0
Version: v2.0.12

I installed the official Scale wg-easy app using Host Networking. It was pretty straightforward.
I was able to generate the client tunnels and clients connected right away. But I couldn’t get the client to access the Internet until I set the Device setting under Admin Panel → Interface to enp0s31f6 (my TrueNAS network interface).
However, I couldn’t get the client to access any of the local LAN IPs. I found a post in the forum suggesting that only bridge interface would work. So I set up the Bridge interface in TrueNAS and added enp0s31f6 as its member. I added IP aliases of the apps to the bridge interface, including wg-easy. I set the Device to br0 under Admin Panel → Interface after the re-install. I still don’t have access to the other local IPs in the Bridge alias list. Now I don’t even have Internet access.
Can someone please help?

Saekerhett · October 14, 2025, 7:10am

I had something similar. I had to set a static route from the WireGuard subnet to the local TrueNAS IP address in my router. Did you do that already?

ekcennel · October 14, 2025, 1:57pm

No I did not.

Did you have to set up static routes for each of the local TrueNAS IPs that WireGuard client needs access to?

Saekerhett · October 14, 2025, 2:40pm

No, I just pointed the whole WireGuard subnet (in my case 10.8.0.0/24) to the ‘next hop’ which is my internal TrueNAS server IP address.

ekcennel · October 14, 2025, 3:55pm

Thank you!
BTW, did you use Host Networking for wg-easy or did you set up a bridge interface (br0) and use the alias IP you added in the bridge for the wg-easy host?

Saekerhett · October 14, 2025, 7:33pm

I used the host network during setup.