I've setup two wireguard peer servers and can connect sucessfully to each one independetly.
But when I try to connect to two peers at same time and split tunnels, It does fails to hand shake with second server.
I think thats because two peers private keys are different, and In multi peer client I can only enter one server's private key.
I don't know how can these two peers work together with one private key?
My main goal is to setup two peer servers and split tunnel for specific range ip.
Here I've pasted two servers and peers config and also multi peer client. Would appreciate any help.
Server 1:
[Interface]
Address = 10.7.0.1/24
PrivateKey = EKSCFdQiAgXsL4Wm40z63fdXL7q4PCgyB4XhNqkq+1A=
ListenPort = 51820
[Peer]
PublicKey = G5ZurqtqfiMCgkImUfA+R17r3IaYhAh/jWZpNtB/4iI=
PresharedKey = mekE11iavS70vbJ/mLunFxRDEzYwXuGX2wdCZw8FFyc=
AllowedIPs = 10.7.0.2/32
Server 2:
[Interface]
Address = 10.7.0.1/24
PrivateKey = +IapZjrB8UfiTdsJNUWIFntK00z2v6MTpeYqHVMMTmI=
ListenPort = 51820
[Peer]
PublicKey = l7YElLKnNWLUmohKpR+rQDORLmXm5geAivz9AzbbvkE=
PresharedKey = J+kdful8xJW1uMdVGfrDM+D2v/dyl/Y8SYp+0/rS/mM=
AllowedIPs = 10.7.0.2/32
- Note that I've tried and managed to get same range ip (10.7.0.2) on both servers. don't know is it necessary or causing problem or not.
Peer 1 config:
[Interface]
Address = 10.7.0.2/24
DNS = 8.8.8.8, 8.8.4.4
PrivateKey = WMrHIjr71kv7Cl3zw9mx72d8uCTmLJPDk6K0j7FWjmg=
[Peer]
PublicKey = gu78igdrkMzlowf8988zYt58ciI0DTmz4QMzZ1QgfCs=
PresharedKey = mekE11iavS70vbJ/mLunFxRDEzYwXuGX2wdCZw8FFyc=
AllowedIPs = 0.0.0.0/0, ::/0
Endpoint = SERVER_A:51820
PersistentKeepalive = 25
Peer 2 config:
[Interface]
Address = 10.7.0.2/24
DNS = 8.8.8.8, 8.8.4.4
PrivateKey = yNGP/MbTAjyADyTLuv19PwL5rCj6Q8j/hJGVz+Cafko=
[Peer]
PublicKey = HdYcIUebtkxiXWwcvaef8Z+/wrEqV7ArzL4Jbknus3A=
PresharedKey = J+kdful8xJW1uMdVGfrDM+D2v/dyl/Y8SYp+0/rS/mM=
AllowedIPs = 0.0.0.0/0, ::/0
Endpoint = SERVER_2:51820
PersistentKeepalive = 25
And finally, the multi peer config i'm trying to use but fail:
Client config:
[Interface]
Address = 10.7.0.2/32
DNS = 8.8.8.8, 8.8.4.4
PrivateKey = yNGP/MbTAjyADyTLuv19PwL5rCj6Q8j/hJGVz+Cafko=
[Peer]
PublicKey = HdYcIUebtkxiXWwcvaef8Z+/wrEqV7ArzL4Jbknus3A=
PresharedKey = J+kdful8xJW1uMdVGfrDM+D2v/dyl/Y8SYp+0/rS/mM=
AllowedIPs = 8.0.0.0/8
Endpoint = SERVER_2:51820
PersistentKeepalive = 25
[Peer]
PublicKey = gu78igdrkMzlowf8988zYt58ciI0DTmz4QMzZ1QgfCs=
PresharedKey = mekE11iavS70vbJ/mLunFxRDEzYwXuGX2wdCZw8FFyc=
AllowedIPs = 45.0.0.0/8
Endpoint = SERVER_A:51820
PersistentKeepalive = 25
Wireguard logs from second server which fails to handshake as private key issue:
kernel: [70290.070053] wireguard: wg0: Invalid handshake initiation from MY_IP:64230
kernel: [70295.369403] wireguard: wg0: Invalid handshake initiation from MY_IP:64230
kernel: [70300.569581] wireguard: wg0: Invalid handshake initiation from MY_IP:64230
Can anybody help me how can I achieve split tunnel using two peers and fixing this private key issue? Thanks.