[arch-general] Wireguard
From client PING 10.23.5.1 (10.23.5.1) 56(84) bytes of data. From 10.23.5.2 icmp_seq=1 Destination Host Unreachable
From 10.23.5.2 icmp_seq=2 Destination Host Unreachable
From 10.23.5.2 icmp_seq=3 Destination Host Unreachable
From 10.23.5.2 icmp_seq=4 Destination Host Unreachable
From Server
From 10.23.5.1 icmp_seq=1 Destination Host Unreachable
From 10.23.5.1 icmp_seq=2 Destination Host Unreachable
From 10.23.5.1 icmp_seq=3 Destination Host Unreachable
From 10.23.5.1 icmp_seq=4 Destination Host Unreachable
From 10.23.5.1 icmp_seq=5 Destination Host Unreachable
Hello, had someone run wireguard?`I have read today about it and try to run it through the Tutorial https://emanuelduss.ch/2018/09/wireguard-vpn-road-warrior-setup/ So all is connected, all looks as it work. But someone is wrong cause the ping work not correct. ping: sendmsg: Der notwendige Schlüssel ist nicht verfügbar* ping: sendmsg: Der notwendige Schlüssel ist nicht verfügbar ping: sendmsg: Der notwendige Schlüssel ist nicht verfügbar ping: sendmsg: Der notwendige Schlüssel ist nicht verfügbar *The necessary key is not available ping 10.23.5.2 PING 10.23.5.2 (10.23.5.2) 56(84) bytes of data. ping: sendmsg: Destination address required ping: sendmsg: Destination address required ping: sendmsg: Destination address required ping: sendmsg: Destination address required ping: sendmsg: Destination address required So all commands which be in the tutorial are present. ip a l wg0, wg show okay wg show give not more information self when clients are connected. Have here someone idea? Is there a way to become more log information? Maybe a tutorial which is more for Arch? Thank you for help & Nice new year Silvio
On 01/01/19 at 03:41pm, siefke_listen@web.de wrote:
Hello,
had someone run wireguard?`I have read today about it and try to run it through the Tutorial
Yes
https://emanuelduss.ch/2018/09/wireguard-vpn-road-warrior-setup/
I would recommend our wiki article [1]. Do you have ipv4 forwarding enabled and configured your firwewall correctly? [1] https://wiki.archlinux.org/index.php/WireGuard
On 1/1/19 9:49 AM, Jelle van der Waa wrote:
had someone run wireguard?`I have read today about it and try to run it through the Tutorial
Yes
I run it as well. Works really well, is easy to configure. I use a QR code to configure android phones using the beta app. This is discussed in the wiki that Jelle referenced.
On Tue, 1 Jan 2019 15:49:36 +0100 Jelle van der Waa <jelle@vdwaa.nl> wrote:
I would recommend our wiki article [1]. Do you have ipv4 forwarding enabled and configured your firwewall correctly?
Forwarding is enabled like it stand in tutorial of Arch and Firewall only must open the port I used for wireguard? Regards and thank you Silvio
On 01/01/19 at 04:46pm, siefke_listen@web.de wrote:
On Tue, 1 Jan 2019 15:49:36 +0100 Jelle van der Waa <jelle@vdwaa.nl> wrote:
I would recommend our wiki article [1]. Do you have ipv4 forwarding enabled and configured your firwewall correctly?
Forwarding is enabled like it stand in tutorial of Arch and Firewall only must open the port I used for wireguard?
No, your firewall also needs to have the correct masquerade rules.
On 1/1/19 10:46 AM, siefke_listen@web.de wrote:
Forwarding is enabled like it stand in tutorial of Arch and Firewall only must open the port I used for wireguard?
There are 3 of cases that come to mind. (a) you're testing on internal network (b) you're using external and wireguard is running on firewall and (c) you're using external and wireguard is running behind your firewall. In all cases, on the server running wireguard, you need iptables rules to managing forwarding in addition to having net.ipv4.ip_forward = 1 to enable forwarding in /etc/systctl.d/syscttl.conf and reload sysctl. I'd recommend getting things working on (a) inside your network first, then deal with packets going through your internet facing firewall. So in summary, I'd ensure your iptables rules on the VPN server are correct and working testing purely inside your network.
To help us understand, On the wireguard server what is the output of iptables --list-rules thanks, gene
Hi, Am 01.01.19 um 15:41 schrieb siefke_listen@web.de:
Hello,
Yes.
had someone run wireguard?`I have read today about it and try to run it through the Tutorial
https://emanuelduss.ch/2018/09/wireguard-vpn-road-warrior-setup/
So all is connected, all looks as it work. But someone is wrong cause the ping work not correct.
Maybe it's easier to use wg-quick? Is 10.23.5.2/32 in the AllowedIPs? BR Bjoern
participants (4)
-
Bjoern Franke
-
Genes Lists
-
Jelle van der Waa
-
siefke_listen@web.de