SmoothWAN Engarde on Oracle Cloud

anon83253404 · October 17, 2023, 6:52pm

Hello,

I have spent many months configuring SmoothWAN with Engarde on my Raspberry Pi 4. I love using SmoothWAN. However, I cannot get it to work on Oracle Cloud VPS or Amazon AWS due to my limited knowledge - I believe they require some changes to the syntax in cloud init script, in order to work on Oracle/AWS?

The guidelines specify how to set it up on Vultr using Cloud init script. However, Vultr seems to trigger huge latency spikes in some games. The same script does not work on Oracle/AWS.

Can someone please help set up SmoothWAN with Engarde on Oracle Cloud? A script for AWS EC2 would be a bonus!

Thanks in advance!

TalalM · October 21, 2023, 6:31am

Yes, Oracle and AWS are tricky to setup, and you need to open ports in the VPC page.
Will create a manual installation script next release for setup without cloud-init.

anon83253404 · October 21, 2023, 6:48am

I would greatly appreciate it! Thanks

thematy · November 5, 2023, 4:30pm

Hey, I tried to do on my own according your cloud-init, but not working maybe I do need more ports to be exposed in VCN on oracle? I did 1024-65000
Please correct me where can be a problem (my second time writing shell script )

#!/bin/bash

# ANSI color codes  // light colors
ORANGE='\033[33m'
RED='\033[91m'
CYAN='\033[96m'
RESET='\033[0m'

# Check if you are running as sudo
if [ "$EUID" -ne 0 ]; then
  echo && echo
  echo -e "${RED}This script requires superuser privileges. Please run it with sudo.${RESET}"
  exit 1
fi

# Start
clear
echo && echo
echo -e "${CYAN}Running the installation script for Engarde...${RESET}"
echo
sleep 3

# Install WireGuard
apt-get update
apt-get install -y wireguard

# Set the Password
Password="7xzfz1MUwKvPRQ9tuXKF"

# Disable firewalld and ufw
systemctl disable firewalld
systemctl stop firewalld
ufw disable

# Configure WireGuard
SERVER_PUB_NIC=$(ip route | awk 'NR==1{print$5}')
printf $Password | openssl dgst -binary -sha256 | openssl base64 -A > /root/private-key
ckey=$(cat /root/private-key | openssl dgst -binary -sha256 | openssl base64 -A)
cpubkey=$(echo $ckey | wg pubkey)
printf $ckey | openssl dgst -binary -sha256 | openssl base64 -A > /root/preshared-key
ip link add dev wg0 type wireguard
ip address add dev wg0 10.202.0.5 peer 10.202.0.10
wg set wg0 listen-port 65532 private-key /root/private-key peer $cpubkey preshared-key /root/preshared-key allowed-ips 10.202.0.10 persistent-keepalive 25
ip link set up dev wg0

# Download and install engarde-server
wget https://github.com/SmoothWAN/engarde/releases/download/master/engarde-server.linux.arm64 -O /usr/bin/engarde-server
chmod +x /usr/bin/engarde-server
mkdir -p /etc/engarde
wget https://raw.githubusercontent.com/SmoothWAN/SmoothWAN-misc/main/engarde/engarde-server.yml -O /etc/engarde/engarde.yml
/usr/bin/engarde-server /etc/engarde/engarde.yml &

# Configure network settings
ip link set wg0 mtu 1280
ulimit -n 65535
sysctl -w net.core.rmem_max=26214400
sysctl -w net.core.rmem_default=26214400
sysctl -w net.core.wmem_max=26214400
sysctl -w net.core.wmem_default=26214400
sysctl -w net.core.netdev_max_backlog=2048
echo 1 > /proc/sys/net/ipv4/ip_forward

# Configure iptables rules
iptables -A FORWARD -i $SERVER_PUB_NIC -o wg0 -j ACCEPT
iptables -A FORWARD -i wg0 -j ACCEPT
iptables -t nat -A POSTROUTING -s 10.202.0.0/24 -j MASQUERADE

# Change port range for port forwarding
iptables -t nat -A PREROUTING -i $SERVER_PUB_NIC -p udp --dport 1024:65000 -j DNAT --to-destination 10.202.0.10:1024-65000
iptables -t nat -A PREROUTING -i $SERVER_PUB_NIC -p tcp --dport 1024:65000 -j DNAT --to-destination 10.202.0.10:1024-65000

# End
echo && echo
echo -e "${CYAN}Script has been completed${RESET}"
echo
echo -e "${ORANGE}for further information visit SmoothWAN documentation -->${RESET}"
echo -e "${ORANGE}--> https://smoothwan.com/engarde/${RESET}"
echo && echo

anon83253404 · November 15, 2023, 11:41pm

I would also appreciate if anyone has a solution in the meantime to use this with Oracle Cloud

thematy · December 6, 2023, 1:53pm

Hey there, is there some update on Oracle cloud installation?

TalalM · December 20, 2023, 3:54am

Yes, Engarde runs at 65531
I couldn’t open an Oracle account for testing unfortunately.

anon83253404 · December 20, 2023, 1:05pm

Hi Talal, can you kindly provide a cloud-init script for Oracle? I should be able to test it. I am not an advanced user, but I do use engarde on Vultr on a daily basis.

Otherwise, it would greatly help if you could test on Amazon AWS? Aside from Oracle and Amazon, I find that I have significantly higher gaming ping on other cloud providers.

thematy · January 7, 2024, 9:04am

I can test things too, just let me know.

anon83253404 · January 11, 2024, 5:28pm

Does anyone know of a solution or alternatives?

TalalM · January 11, 2024, 6:28pm

I can’t make the script without testing firsthand unfortunately.
Would AWS be ok?
Edit: Just saw the previous reply mentioning it, will let you know soon.

anon83253404 · January 11, 2024, 6:45pm

Hi Talal, I understand. Should you get the opportunity, please do test on Oracle. In the meantime, the AWS script will have a huge impact

TalalM · January 11, 2024, 7:26pm

Amazon AWS was fairly simple, haven’t tested with >100Mbit connections with the t3.micro though:

anon83253404 · January 11, 2024, 7:39pm

Can you please confirm that you used the exact same Cloud init script that is used for Vultr?

TalalM · January 11, 2024, 7:41pm

Yes it’s the same.

anon83253404 · January 11, 2024, 8:35pm

I’m happy to report it’s working thank you! Not sure if the issues were caused by t2.micro (1 CPU) previously. If you need me for testing Oracle or any future releases, let me know. I’ll join the discord.

TalalM · January 12, 2024, 8:41pm

Have you tried doing similar steps in VPC (security list) with Oracle?
Note that the Ubuntu image in Oracle is modified and strict, you need to login to the VPS and run:

iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -F

If that works then it needs to be added to the cloud-init field.

anon83253404 · January 13, 2024, 12:33pm

I can confirm this is working for Oracle as well thanks!

TalalM · January 13, 2024, 12:45pm

Should I add the IPTABLES commands by default for cloud-init?

anon83253404 · January 13, 2024, 2:58pm

It worked when I added the IPTABLES in the cloud-init before running the instance.

Please note, I did not try logging into the VPS and running the IPTABLES commands manually.

Topic		Replies	Views
Engarde - Lag spikes and low TX Help	8	119	March 2, 2024
Customizing DHCP server address and/or Reverting from AdGuard Help	4	254	April 3, 2023
Save changes to WAN Interface - Engarde Help	2	21	August 15, 2024
Beryl AX SmoothWAN Help	1	180	April 10, 2024
Choosing Hardware for SmoothWAN: Raspberry Pi 4 vs GL-iNET Flint Help	5	651	May 2, 2023

SmoothWAN Engarde on Oracle Cloud

Related topics