I have a wireguard setup that lets me ping from either endpoint to the other. Using the client, I would like to address hosts on the home (server's) network by their local IP addresses.
On the client, I can ping the other end of the tunnel, but not any local addresses. On the client: root@iorich:~# route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface default 172.20.10.1 0.0.0.0 UG 600 0 0 wls3 link-local 0.0.0.0 255.255.0.0 U 1000 0 0 wls3 172.20.10.0 0.0.0.0 255.255.255.240 U 600 0 0 wls3 root@iorich:~# wg-quick up wg0 [#] ip link add wg0 type wireguard [#] wg setconf wg0 /dev/fd/63 [#] ip -4 address add 10.0.2.3/24 dev wg0 [#] ip -6 address add fc00:23:5::3/64 dev wg0 [#] ip link set mtu 1420 up dev wg0 [#] resolvconf -a tun.wg0 -m 0 -x [#] route add -net 192.168.100.0 netmask 255.255.255.0 dev wg0 root@iorich:~# route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface default 172.20.10.1 0.0.0.0 UG 600 0 0 wls3 10.0.2.0 0.0.0.0 255.255.255.0 U 0 0 0 wg0 link-local 0.0.0.0 255.255.0.0 U 1000 0 0 wls3 172.20.10.0 0.0.0.0 255.255.255.240 U 600 0 0 wls3 192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 wg0 root@iorich:~# ping 10.0.2.1 PING 10.0.2.1 (10.0.2.1) 56(84) bytes of data. 64 bytes from 10.0.2.1: icmp_seq=1 ttl=64 time=182 ms 64 bytes from 10.0.2.1: icmp_seq=2 ttl=64 time=163 ms 64 bytes from 10.0.2.1: icmp_seq=3 ttl=64 time=170 ms 64 bytes from 10.0.2.1: icmp_seq=4 ttl=64 time=187 ms 64 bytes from 10.0.2.1: icmp_seq=5 ttl=64 time=170 ms --- 10.0.2.1 ping statistics --- 5 packets transmitted, 5 received, 0% packet loss, time 4007ms rtt min/avg/max/mdev = 162.936/174.474/186.802/8.809 ms root@iorich:~# ping 192.168.100.30 PING 192.168.100.30 (192.168.100.30) 56(84) bytes of data. From 10.0.2.3 icmp_seq=1 Destination Host Unreachable ping: sendmsg: Required key not available From 10.0.2.3 icmp_seq=2 Destination Host Unreachable ping: sendmsg: Required key not available From 10.0.2.3 icmp_seq=3 Destination Host Unreachable ping: sendmsg: Required key not available From 10.0.2.3 icmp_seq=4 Destination Host Unreachable ping: sendmsg: Required key not available From 10.0.2.3 icmp_seq=5 Destination Host Unreachable ping: sendmsg: Required key not available --- 192.168.100.30 ping statistics --- 5 packets transmitted, 0 received, +5 errors, 100% packet loss, time 4087ms root@iorich:~# Searching on "ping: sendmsg: Required key not available" turned up no examples or solutions. On the hypothesis that the key referred to was a wireguard key, I checked those. Those appear to be OK. -- Does anybody read signatures any more? https://charlescurley.com https://charlescurley.com/blog/
