Client - as mentioned the server is working with other clients. Also the key exchange is working - the client connects to the server WG.
Routing is most likely the problem ... IMHO

-T

On Sun, Jan 12, 2025, 12:04 Ted Mittelstaedt <[email protected]> wrote:

> Are you trying to setup your Ubuntu as a remote client with a wireguard
> server somewhere on the Internet, or are you trying to use the Ubuntu
> system as a wireguard server at your site to be able to remote into it?
>
> Ted
>
> -----Original Message-----
> From: PLUG <[email protected]> On Behalf Of Tomas Kuchta
> Sent: Saturday, January 11, 2025 7:23 PM
> To: Portland Linux/Unix Group <[email protected]>
> Subject: [PLUG] Wireguard on ubuntu 24.04 - no network connectivity
>
> Any wireguard experts here?
> I cannot get network traffic through wireguard on Ubuntu 24.04.
> I have been failing to resolve this and resorted to connecting through my
> android Wireguard
>
> 1. the server is working - it works like a charm on my android phone
> 2. WG handshake is fine - it connects
> 3. I disabled firewall by: sudo ufw disable - to no effect
> 4. I have long given up on google because:
>    a) most posts are parroting someone without understanding networking
>    b) competent posts assume pretty advanced networking knowledge or
>       windows or bsd or ....
>
> the setup:
> -------------
> sudo ls -l /etc/wireguard/wg0.conf
> -rw------- 1 root root 266 Jan 11 20:56 /etc/wireguard/wg0.conf
>
> sudo cat /etc/wireguard/wg0.conf
> [Interface]
> PrivateKey =xxxxxxxxx
> Address = 192.168.40.4/32
> DNS = 192.168.40.1
>
> [Peer]
> PublicKey =yyyyyyyy
> AllowedIPs = 192.168.40.1/32,192.168.40.4/32,0.0.0.0/0
> Endpoint = 111.222.333.444:51820
>
> sudo wg-quick up wg0
> [#] ip link add wg0 type wireguard
> [#] wg setconf wg0 /dev/fd/63
> [#] ip -4 address add 192.168.40.4/32 dev wg0
> [#] ip link set mtu 1420 up dev wg0
> [#] resolvconf -a wg0 -m 0 -x
> [#] ip -4 route add 192.168.40.4/32 dev wg0
> [#] ip -4 route add 192.168.40.1/32 dev wg0
> [#] wg set wg0 fwmark 51820
> [#] ip -4 rule add not fwmark 51820 table 51820
> [#] ip -4 rule add table main suppress_prefixlength 0
> [#] ip -4 route add 0.0.0.0/0 dev wg0 table 51820
> [#] sysctl -q net.ipv4.conf.all.src_valid_mark=1
> [#] nft -f /dev/fd/63
>
> ping 192.168.40.1
> PING 192.168.40.1 (192.168.40.1) 56(84) bytes of data.
> ^C
> --- 192.168.40.1 ping statistics ---
> 5 packets transmitted, 0 received, 100% packet loss, time 4072ms
>
> # before wg up:
> # ------------------
> ip addr
> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
>     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
>     inet 127.0.0.1/8 scope host lo
>        valid_lft forever preferred_lft forever
>     inet6 ::1/128 scope host noprefixroute
>        valid_lft forever preferred_lft forever
> 2: wlp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
>     link/ether 04:7b:cb:2c:ab:ac brd ff:ff:ff:ff:ff:ff
>     inet 10.10.208.202/16 brd 10.10.255.255 scope global dynamic noprefixroute wlp1s0
>        valid_lft 79251sec preferred_lft 79251sec
>     inet6 fe80::7fbd:1fbd:56ef:baef/64 scope link noprefixroute
>        valid_lft forever preferred_lft forever
> 3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
>     link/ether 52:54:00:27:fe:77 brd ff:ff:ff:ff:ff:ff
>     inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
>        valid_lft forever preferred_lft forever
>
> ip route
> default via 10.10.0.1 dev wlp1s0 proto dhcp src 10.10.208.202 metric 600
> 10.10.0.0/16 dev wlp1s0 proto kernel scope link src 10.10.208.202 metric 600
> 192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown
>
> traceroute google.com
> traceroute to google.com (142.251.40.142), 30 hops max, 60 byte packets
>  1 _gateway (10.10.0.1) 2.214 ms 1.993 ms 1.775 ms
>  2 syn-142-254-208-053.inf.spectrum.com (142.254.208.53) 54.259 ms 54.198 ms 54.700 ms
>  3 lag-63.cnwynh1601h.netops.charter.com (24.58.224.169) 87.416 ms 87.373 ms 87.332 ms
>  4 lag-28.ptldmehx02r.netops.charter.com (24.58.40.246) 67.360 ms 67.315 ms 67.268 ms
>  5 lag-25.rcr01albynyyf.netops.charter.com (24.58.32.64) 67.228 ms 67.180 ms 67.135 ms
>  6 lag-416-10.nycmny837aw-bcr00.netops.charter.com (66.109.6.10) 85.270 ms lag-26-10.nycmny837aw-bcr00.netops.charter.com (24.30.201.130) 83.895 ms lag-416-10.nycmny837aw-bcr00.netops.charter.com (66.109.6.10) 83.807 ms
>  7 209.85.172.46 (209.85.172.46) 83.759 ms 72.14.218.108 (72.14.218.108) 43.673 ms syn-066-109-007-099.inf.spectrum.com (66.109.7.99) 73.371 ms
>  8 * 192.178.108.17 (192.178.108.17) 60.608 ms 60.545 ms
>  9 142.251.64.4 (142.251.64.4) 60.479 ms 142.251.60.180 (142.251.60.180) 61.229 ms 142.251.53.150 (142.251.53.150) 61.174 ms
> 10 192.178.106.18 (192.178.106.18) 64.089 ms 216.239.49.65 (216.239.49.65) 62.949 ms 192.178.106.20 (192.178.106.20) 62.894 ms
> 11 142.251.69.66 (142.251.69.66) 68.364 ms lga25s80-in-f14.1e100.net (142.251.40.142) 63.853 ms 62.721 ms
>
> # after wg up:
> # ----------------
> ip addr
> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
>     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
>     inet 127.0.0.1/8 scope host lo
>        valid_lft forever preferred_lft forever
>     inet6 ::1/128 scope host noprefixroute
>        valid_lft forever preferred_lft forever
> 2: wlp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
>     link/ether 04:7b:cb:2c:ab:ac brd ff:ff:ff:ff:ff:ff
>     inet 10.10.208.202/16 brd 10.10.255.255 scope global dynamic noprefixroute wlp1s0
>        valid_lft 79076sec preferred_lft 79076sec
>     inet6 fe80::7fbd:1fbd:56ef:baef/64 scope link noprefixroute
>        valid_lft forever preferred_lft forever
> 3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
>     link/ether 52:54:00:27:fe:77 brd ff:ff:ff:ff:ff:ff
>     inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
>        valid_lft forever preferred_lft forever
> 20: wg0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1420 qdisc noqueue state UNKNOWN group default qlen 1000
>     link/none
>     inet 192.168.40.4/32 scope global wg0
>        valid_lft forever preferred_lft forever
>
> ip route
> default via 10.10.0.1 dev wlp1s0 proto dhcp src 10.10.208.202 metric 600
> 10.10.0.0/16 dev wlp1s0 proto kernel scope link src 10.10.208.202 metric 600
> 192.168.40.1 dev wg0 scope link
> 192.168.40.4 dev wg0 scope link
> 192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown
>
> Any experts out there with advice?
>
> Thanks, Tomas
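
The policy-routing lookup that the wg-quick commands quoted above set up, modelled as an added example (not part of the original thread, and not wg-quick's own code). It assumes the rules are evaluated in the order `ip rule` lists them after wg-quick runs, leaves out the kernel's `local` table, and uses the constructed address 203.0.113.10 in place of the masked Endpoint.

```python
import ipaddress

WG_MARK = 51820  # from "wg set wg0 fwmark 51820" in the post

# Routes from the post: table main is the "ip route" listing after wg up;
# table 51820 holds the default route wg-quick added there.
TABLES = {
    "main": [("0.0.0.0/0", "wlp1s0"), ("10.10.0.0/16", "wlp1s0"),
             ("192.168.40.1/32", "wg0"), ("192.168.40.4/32", "wg0"),
             ("192.168.122.0/24", "virbr0")],
    "51820": [("0.0.0.0/0", "wg0")],
}

# (table, suppress_prefixlength or None, applies only to unmarked packets)
# Assumed order: the order "ip rule" lists these rules after wg-quick runs.
RULES = [
    ("main", 0, False),      # table main suppress_prefixlength 0
    ("51820", None, True),   # not fwmark 51820 table 51820
    ("main", None, False),   # stock "from all lookup main" rule
]

def longest_match(table, dst):
    """Most specific (prefixlen, dev) route in table covering dst, or None."""
    addr = ipaddress.ip_address(dst)
    hits = [(net.prefixlen, dev) for net, dev in
            ((ipaddress.ip_network(p), d) for p, d in TABLES[table])
            if addr in net]
    return max(hits) if hits else None

def egress(dst, fwmark=0):
    """Walk the rules in order; return (device, table) of the first usable route."""
    for table, suppress, unmarked_only in RULES:
        if unmarked_only and fwmark == WG_MARK:
            continue                      # rule does not match marked packets
        hit = longest_match(table, dst)
        if hit is None or (suppress is not None and hit[0] <= suppress):
            continue                      # no route, or route suppressed
        return hit[1], table
    return None

if __name__ == "__main__":
    # 203.0.113.10 is a constructed stand-in for the masked Endpoint address.
    for dst, mark in [("192.168.40.1", 0), ("142.251.40.142", 0),
                      ("203.0.113.10", WG_MARK)]:
        print(dst, "fwmark", mark, "->", egress(dst, mark))
```

Plain `ip route` prints only table main, so the wg0 default route in table 51820 does not appear in the listing above; `ip rule` and `ip route show table 51820` display it.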
