Wireguard handshake

I have 3 Ubuntu servers. All of them are running 21.10. (Linux Nas1 5.13.0-1016-raspi #18-Ubuntu SMP PREEMPT Thu Jan 20 08:53:01 UTC 2022 aarch64 aarch64 aarch64 GNU/Linux)

One is the wireguard server; the other two are clients. I recently put up the third server (client). As I installed wireguard on this machine I checked what got loaded and that it was actually bringing up an interface with a blank wg0.conf file.

    lsmod | grep wire
    wireguard 90112 0
    libchacha20poly1305 16384 1 wireguard
    libblake2s 16384 1 wireguard
    libcurve25519_generic 40960 1 wireguard
    ip6_udp_tunnel 16384 1 wireguard
    udp_tunnel 28672 1 wireguard

    ifconfig
    wg0: flags=209<UP,POINTOPOINT,RUNNING,NOARP> mtu 1420
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 1000  (UNSPEC)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)

I used the exact same config from the client that is making a handshake for the new one, only using the public key in the server config's new [Peer] slot (using cat on the client to list the public key) and the host address set to 192.168.10.7 (on both server and client) versus 192.168.10.6 from the client that's working. Below are the configs.

SERVER

    [Interface]
    Address = 192.168.10.1/24
    PrivateKey = PRIVATEKEY
    ListenPort = 51820
    PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
    PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE

    [Peer]
    #NAS_REMOTE
    PublicKey = Rcl14dY+v76Pcw4uWmMUPwG0EdoBMjisDzsgGoBVFiI=
    AllowedIPs = 192.168.10.6/32

    [Peer]
    #NAS1
    PublicKey = 44yLweAnZJmLrtQdGJPUYJvOeNCbme4YnsaR2/hA6Q8=
    AllowedIPs = 192.168.10.7/32

CLIENT

    [Interface]
    Address = 192.168.10.7
    PrivateKey = PRIVATEKEY
    DNS = 8.8.8.8

    [Peer]
    PublicKey = E7k2xiSLRMy9wjuPTZIMKLoThQkv+4f0IJcYTbNAfAI=
    Endpoint = <MYPUBLICIPADDRESS>:51820
    AllowedIPs = 0.0.0.0/0, ::/0
    PersistentKeepalive = 25

All that said, it doesn't handshake while the other one 192.168.10.6 does. I'm just really baffled by this one. Any help would be greatly appreciated. I've spent three weekends trying to figure this one out so far.

02/27/22 Update: I can get it to handshake if I use the local IP as the Endpoint versus a public URL (which, by the way, does translate correctly to the public IP). Otherwise, I believe both client machines are the same. The working public URL one was an upgrade to 21.10 versus the one that's not working with a public IP. It was a fresh install.
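
The cross-check the post describes (the client's public key sitting in a server [Peer] slot, the client address matching that peer's AllowedIPs, and the Endpoint port matching ListenPort), written out as an added example that is not part of the original post. `parse_wg`, `check_client` and `NAS1_PUB` are hypothetical names, and the sample strings are trimmed copies of the configs above.

```python
import ipaddress

# Trimmed copies of the configs in the post (keys as posted; other lines omitted).
SERVER = """[Interface]
ListenPort = 51820
[Peer]
PublicKey = Rcl14dY+v76Pcw4uWmMUPwG0EdoBMjisDzsgGoBVFiI=
AllowedIPs = 192.168.10.6/32
[Peer]
PublicKey = 44yLweAnZJmLrtQdGJPUYJvOeNCbme4YnsaR2/hA6Q8=
AllowedIPs = 192.168.10.7/32
"""
CLIENT = """[Interface]
Address = 192.168.10.7
[Peer]
Endpoint = <MYPUBLICIPADDRESS>:51820
"""
NAS1_PUB = "44yLweAnZJmLrtQdGJPUYJvOeNCbme4YnsaR2/hA6Q8="

def parse_wg(text):
    """Return [(section, {key: value})]; configparser cannot hold repeated [Peer]."""
    sections = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments such as #NAS1
        if line.startswith("[") and line.endswith("]"):
            sections.append((line[1:-1], {}))
        elif "=" in line and sections:
            key, value = line.split("=", 1)      # base64 keys end in '=', split once
            sections[-1][1][key.strip()] = value.strip()
    return sections

def check_client(server_text, client_text, client_pub):
    """List mismatches between one client config and the server config."""
    server, client = parse_wg(server_text), parse_wg(client_text)
    s_if, c_if = server[0][1], client[0][1]      # assumes [Interface] comes first
    endpoint = next(kv for name, kv in client if name == "Peer")["Endpoint"]
    addr = ipaddress.ip_interface(c_if["Address"]).ip
    peers = [kv for name, kv in server if name == "Peer"]
    owners = [p for p in peers if any(           # server peers whose AllowedIPs cover addr
        addr in ipaddress.ip_network(n.strip(), strict=False)
        for n in p.get("AllowedIPs", "").split(",") if n.strip())]
    issues = []
    if not any(p.get("PublicKey") == client_pub for p in peers):
        issues.append("server has no [Peer] with this public key")
    if [p.get("PublicKey") for p in owners] != [client_pub]:
        issues.append(f"{addr} is not routed only to this peer by AllowedIPs")
    if endpoint.rsplit(":", 1)[1] != s_if.get("ListenPort"):
        issues.append("Endpoint port differs from server ListenPort")
    return issues
```

An empty result only says the two files agree with each other; it does not test whether the Endpoint is reachable from the client.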
