This video covers setting up WireGuard and WireGuard Easy on a Synology NAS running DSM 7.2 using Container Manager.
⭐️ SUPPORT THIS CHANNEL⭐️
⭐️ HIRE ME FOR A PROJECT⭐️
The video topics include:
• Prerequisites – Install Container Manager, Enable SSH, Setup DDNS and Port Forwarding.
• Downloading or building a WireGuard SPK file for your Synology NAS.
• Installing and running WireGuard.
• Installing WireGuard Easy through Container Manager.
• Logging in to WireGuard Easy and creating a client.
• Setting up an iPhone as a WireGuard client.
In the video I mentioned or referenced the following link:
• My Google Drive with WireGuard SPK files – https://drive.google.com/drive/folders/1Ci-8oWZ_gW8tH3mv5wKL19nKE1pR8ZfH
• What kind of CPU does my Synology NAS have? – https://kb.synology.com/en-me/DSM/tutorial/What_kind_of_CPU_does_my_NAS_have
• WeeJeWel/wg-easy (WireGuard Easy) Docker Hub page – https://registry.hub.docker.com/r/weejewel/wg-easy/
• Link to docker-compose.yml that I used as a starting point for the one used in the video – https://github.com/wg-easy/wg-easy/blob/master/docker-compose.yml
Commands used to start up WireGuard:
• sudo /var/packages/WireGuard/scripts/start (Command to start up WireGuard)
docker-compose.yml file referenced in the video:
version: “3.8”
services:
wg-easy:
environment:
# Required:
# Change this to the ddns hostname you configured.
– WG_HOST=(ddns hostname)
– PASSWORD=(password for wg-easy web-ui)
# Optional:
# – WG_PORT=51820
# – WG_DEFAULT_ADDRESS=10.8.0.x
# – WG_DEFAULT_DNS=1.1.1.1
# – WG_MTU=1420
# – WG_ALLOWED_IPS=192.168.15.0/24, 10.0.1.0/24
# – WG_PRE_UP=echo “Pre Up” /etc/wireguard/pre-up.txt
# – WG_POST_UP=echo “Post Up” /etc/wireguard/post-up.txt
# – WG_PRE_DOWN=echo “Pre Down” /etc/wireguard/pre-down.txt
# – WG_POST_DOWN=echo “Post Down” /etc/wireguard/post-down.txt
# Note the angle brackets/greater then symbols needed to be removed in the above 4 lines because it isn’t allowed in YouTube descriptions.
image: weejewel/wg-easy
container_name: wg-easy
volumes:
– .:/etc/wireguard
ports:
– “51820:51820/udp”
– “51821:51821/tcp”
restart: unless-stopped
cap_add:
– NET_ADMIN
– SYS_MODULE
sysctls:
– net.ipv4.ip_forward=1
– net.ipv4.conf.all.src_valid_mark=1
Timecodes
0:00 | Introduction
0:18 | Prerequisites
1:50 | Download Or Build A WireGuard SPK File For Your NAS
3:03 | Install And Run WireGuard
3:55 | Install And Run WireGuard Easy
6:04 | Log In To WireGuard Easy Web UI And Create Client
6:52 | Setup My Iphone As A WireGuard Client
7:26 | TIP – On Demand Activation
7:53 | Closing
#synology #wireguard #containermanager #docker
Thanks you for the very clear tutorial — a great help
Even after connecting it to my bridge where all my containers are connected to. There is no LAN acces. Even after setting allow ip's
I think this video lacks a lot of explaination. It is more like just follow the step, trust me kind of video.
Why port 51820 tho? You didn't explained.
I've watched this and several other videos on the subject and none seem to successfully show accessing services on the syno NAS even though the server is setup on the NAS. Is this an iptables, firewall, or routing issue with the gateway?
wireguard easy recently update to bcrypt password hash, this is not covered in an easy way to understand and would be a great revival of this video.
my wireguard stops working automatically after few seconds
Help! i follow all the steps but i can't connect my lan address + 51821 port to the webui
really nice guide.
I have a question, I have a VPN provider that I buy every year.
How would I be able to set up this config from the VPN provider for this wg-easy setup?
As I would like my synology to run entirely on wireguard. instead of openvpn
Amazing tutorial. I have setup as per your video. One thing i need. Wiregaurd is using complete tunnel. What to do if i only need to use tunnel for local traffic .like i only need lan to access when using wireguard ? Your help in this is much need
Thanks for the great tutorial.!!! especially on 7.2!
when I want to download the SPK file,to my NAS, I have this message "file format not valid. contact developer" ?
video time 3:23
my Nas is a DS 920+ (Geminilake), DSM 7.2.1 69057 Update 5
Why no port forwarding required for Tailscale which basically use Wireguard behind the scene. but port forwarding is required for pure wireguard setup?
When I start wireguard it almost immediately stops again. How do I fix this?
Can you please help me with this issue in DSM and Wireguard package installed as in the video?
Wireguard stops running after a second. I can't keep it to run.
It says "Manually Stopped".
Can't get WG to keep running, rebooted DSM, ran the scrpt but it just stopped after a few seconds running. DSM 7.2 DS1522+.
Good video, my CPU architecture is Avoton and I can't seem to find a package for that architecture. What should I do?
Does someone know what that package we're installing actually do? Or better said the docker container. Another question is it possible to set this server up as a way ro communicate with the nas example Synology drive but without access to the other home network? It works with the openvpn server but the windows client is crappy (automatic connection not working correctly especially on a laptop)
Could you please tell me how you set up the Wireguard as a client on DSM 7.2?
Would you happen to know if using the wireguard.spk file for our particular architecture would allow us to install any Wireguard image of choice? For example could we pair an image like ngoduykhanh/wireguard-ui with the spk file or is it specific only for wireguard-easy?
Thank you!!! Muchas gracias por el video, el único que me funcionó.
With this solution is it necessary to run the GUI port on the same port as the wireguard VPN traffic? With Docker on a Debian system I use different ports for each.
Thanks for this tutorial! Worked flawlessly!
It mentions there is an update available though. How do i update to the latest version? When i click on update and follow the instructions i get an access denied
I have DSM version 7.1 and there is no container manager anywhere in package center.
thank you! it works perfectly, the tutorial is very easy
Works but no internet
My docker container just randomely stops and the container manager shows it's gray but it says it's running. Portainer says it's runing as well. I restarted the container and container manager it says running and it's on green but it stops a few seconds later. I will take a look into the logs. Portainer logs says: Error: WireGuard exited with the error: Cannot find device "wg0"
This usually means that your host's kernel does not support WireGuard!
Edit: I googled it and saw your github post to solve this issue but if I want to apply the environment variables my Synology says the network is unstable or my system is fully occupied which is for both not the case. Is I sad I see that the container starts and stops every two minutes for no reason. I think it just tries to start the container but it fails to this error every time.
Note: The yml file that he linked has the default language set to German (DE). Change this to EN if you want it to be in English 😀
Thanks for the video and the question right here: how can I setup WG as a client?
how to connect wireguard as a network to other docker containers?
Would you please show how to change the password for wg-easy web-ui? Thank you!
This is awesome video tutorial, thanks for sharing!!!
how would i connect two synology nas using wireguard? i have wireguard on my fritzbox and would like to connect my offsite synology to this vpn
ddns doesn't seem to work on my offsite backup, even if i set is as exposed (for testing purposes) and this is driving me crazy
Is there any way to do this without installing the custom package, for example by running a VM
Thanks for this great video, going to give it a try on a new NAS I'm building. Do you think that this will persist with DSM updates, wireguard version updates, reboots, etc? Or will manual intervention be required? Mahalo!
Aloha… ! I can't figure this out the setting…. I've been messing with this wireguard installation and typing bunch of IP addresses here and there. Can't make it work… seems 4:50 some IP address and port setting need to be configured on user's setting however I don't know which IP is referring to which and setup on firewall setting etc. Having headaches through failures all this week 🙁
Hi DigitalAloha!! I've done up till setting up wireguard, however I'm stuck at 6:12 failed to open page at this point when typing in my NAS IP:51821 What am I suppose to do? help!
What that work on DSM v.7.1?
Thanks for the great tutorial. Note that on 7.2, a reboot is required after installing the package and before running the start command.
Many thanks. It work perfekt. i am beginner and i make all you show. now i have WireGuard on my Synology. ! =D
Can you make Tutorial for Synology Router. WireGuard on SMR will be very nice. =)
Great video! I wish that the iOS app for witeguard (or openvpn) would have faceID for added security.
Great, consie, thorough video! Thank you so much for you for the effort you put into making these videos easy for the rest of us!
Is spk file safe? Would you recommend this method?