About a week ago I managed to run my own WireGuard-based VPN server. Everything was fine until a few days ago, when I noticed that clients stopped receiving data. Googling the issue didn't get the problem solved. I tried analyzing traffic going from a client to the server via Wireshark and learned that the handshake doesn't complete (endless Handshake Initiation packets originating from a client machine with no server response whatsoever). Here are the contents of wg0.conf:
```ini
[Interface]
PrivateKey = SERVER_PRIVATE_KEY
Address = 192.168.69.1/24
ListenPort = 51820
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -A FORWARD -o wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -D FORWARD -o wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE

[Peer]
PublicKey = CLIENT_PUBLIC_KEY
AllowedIPs = 192.168.69.8/32
```
Here's a sample client configuration:
```ini
[Interface]
PrivateKey = CLIENT_PRIVATE_KEY
Address = 192.168.69.8/32
DNS = 1.1.1.1, 1.0.0.1

[Peer]
PublicKey = SERVER_PUBLIC_KEY
AllowedIPs = 0.0.0.0/0
Endpoint = VPS_IP:51820
PersistentKeepalive = 25
```
I double-checked the public/private key contents on both sides to avoid any inconsistencies. I had a suspicion that it's a firewall blocking all traffic, but didn't find anything in the kernel log that would confirm it.
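Triage logic for the symptom above, as an added example that is not part of the original post: it parses `wg show wg0 dump` output (a constructed sample here, with placeholder keys) on the server side and flags peers that never authenticated a packet or whose handshake has gone stale. A peer with no endpoint, no handshake and zero received bytes means the server never accepted an initiation from it, which narrows the search to the UDP port being filtered or a key mismatch, as opposed to a session that worked and later broke.

```python
"""Triage `wg show <iface> dump` output for peers that never handshake or went stale."""
import time
from dataclasses import dataclass

# WireGuard refuses a session whose last handshake is older than this (its
# REJECT_AFTER_TIME); with PersistentKeepalive set, a healthy peer re-handshakes sooner.
REJECT_AFTER_TIME = 180

# Constructed sample of `wg show wg0 dump` (tab-separated): one interface line,
# then one line per peer. Placeholder keys and addresses, not output from any real server.
SAMPLE_DUMP = (
    "SERVER_PRIVATE_KEY\tSERVER_PUBLIC_KEY\t51820\toff\n"
    "CLIENT_PUBLIC_KEY\t(none)\t(none)\t192.168.69.8/32\t0\t0\t0\t25\n"
    "OTHER_PUBLIC_KEY\t(none)\t203.0.113.7:40000\t192.168.69.9/32\t1700000000\t4096\t8192\t25\n"
)

@dataclass
class PeerStatus:
    public_key: str
    endpoint: str
    allowed_ips: str
    latest_handshake: int
    verdict: str

def classify(endpoint: str, handshake: int, rx_bytes: int, now: int) -> str:
    """Map a peer's dump fields to a short diagnosis."""
    if handshake == 0 and rx_bytes == 0 and endpoint == "(none)":
        # No authenticated packet ever arrived from this peer: initiations are either
        # not reaching the UDP port (host or provider firewall) or fail the key check.
        return "never-authenticated"
    if handshake == 0:
        return "no-handshake"
    if now - handshake > REJECT_AFTER_TIME:
        return "stale"
    return "ok"

def parse_dump(text: str, now=None) -> list:
    """Parse dump text; return one PeerStatus per peer line (interface line skipped)."""
    now = int(time.time()) if now is None else now
    peers = []
    for line in [ln for ln in text.splitlines() if ln.strip()][1:]:
        pub, _psk, endpoint, allowed, hs, rx, _tx, _keepalive = line.split("\t")
        hs, rx = int(hs), int(rx)
        peers.append(PeerStatus(pub, endpoint, allowed, hs, classify(endpoint, hs, rx, now)))
    return peers

if __name__ == "__main__":
    for p in parse_dump(SAMPLE_DUMP, now=1700000100):
        print(f"{p.public_key[:17]:<17} {p.endpoint:<20} {p.allowed_ips:<17} {p.verdict}")
```

On a live server replace `SAMPLE_DUMP` with the real output of `wg show wg0 dump`; the second peer in the sample turns `stale` once `now` moves more than 180 seconds past its handshake.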