* Wireguard not coming up on DD-wrt
@ 2018-10-09 15:06 Dennis van J.
2018-10-09 16:29 ` Sebastian Gottschall
0 siblings, 1 reply; 7+ messages in thread
From: Dennis van J. @ 2018-10-09 15:06 UTC (permalink / raw)
To: wireguard
Hi all,
I have set up Wireguard on a Gentoo box, compiled it into the kernel
using instructions on the wireguard website. Got my mobile to connect
using 4G to this box fine, so I wanted to test further with a friend of
mine who has a DD-wrt installation on his router. Wireguard is
integrated into the DD-wrt build, we set it up, but the tunnel does not
come up. On the server I only see this:
Oct 9 16:45:34 omega kernel: [178809.449718] wireguard: wg0: Receiving handshake initiation from peer 10 (x.169.86.x:22300)
Oct 9 16:45:34 omega kernel: [178809.449721] wireguard: wg0: Sending handshake response to peer 10 (x.169.86.x:22300)
Oct 9 16:45:34 omega kernel: [178809.450130] wireguard: wg0: Keypair 32179 destroyed for peer 10
Oct 9 16:45:34 omega kernel: [178809.450131] wireguard: wg0: Keypair 32180 created for peer 10
Oct 9 16:45:39 omega kernel: [178814.519668] wireguard: wg0: Receiving handshake initiation from peer 10 (x.169.86.x:22300)
Oct 9 16:45:39 omega kernel: [178814.519671] wireguard: wg0: Sending handshake response to peer 10 (x.169.86.x:22300)
Oct 9 16:45:39 omega kernel: [178814.520062] wireguard: wg0: Keypair 32180 destroyed for peer 10
Oct 9 16:45:39 omega kernel: [178814.520063] wireguard: wg0: Keypair 32181 created for peer 10
Oct 9 16:45:44 omega kernel: [178819.579701] wireguard: wg0: Receiving handshake initiation from peer 10 (x.169.86.x:22300)
Oct 9 16:45:44 omega kernel: [178819.579704] wireguard: wg0: Sending handshake response to peer 10 (x.169.86.x:22300)
Oct 9 16:45:44 omega kernel: [178819.580094] wireguard: wg0: Keypair 32181 destroyed for peer 10
Oct 9 16:45:44 omega kernel: [178819.580095] wireguard: wg0: Keypair 32182 created for peer 10
Oct 9 16:45:50 omega kernel: [178824.910142] wireguard: wg0: Receiving handshake initiation from peer 10 (x.169.86.x:22300)
Oct 9 16:45:50 omega kernel: [178824.910145] wireguard: wg0: Sending handshake response to peer 10 (x.169.86.x:22300)
Oct 9 16:45:50 omega kernel: [178824.910535] wireguard: wg0: Keypair 32182 destroyed for peer 10
Oct 9 16:45:50 omega kernel: [178824.910536] wireguard: wg0: Keypair 32183 created for peer 10
Oct 9 16:45:55 omega kernel: [178829.950001] wireguard: wg0: Receiving handshake initiation from peer 10 (x.169.86.x:22300)
Oct 9 16:45:55 omega kernel: [178829.950003] wireguard: wg0: Sending handshake response to peer 10 (x.169.86.x:22300)
Oct 9 16:45:55 omega kernel: [178829.950406] wireguard: wg0: Keypair 32183 destroyed for peer 10
Oct 9 16:45:55 omega kernel: [178829.950407] wireguard: wg0: Keypair 32184 created for peer 10
Port on the server is open (since the 4G test works). We can reach the
22300 port on his side. Checked the pub/private keys as well.
wg show on server:

interface: wg0
  public key: <pubkey server>
  private key: (hidden)
  listening port: 51820

peer: <pubkey of mobile>
  endpoint: x.200.39.x:8971
  allowed ips: 0.0.0.0/0
  latest handshake: 8 hours, 1 minute, 43 seconds ago
  transfer: 384.24 KiB received, 2.74 MiB sent

peer: <pubkey of dd-wrt>
  endpoint: x.169.86.x:22300
  allowed ips: 192.168.1.0/24, 10.100.0.3/32
  transfer: 2.00 MiB received, 1.24 MiB sent

On DD-wrt router:

interface: oet1
  public key: <pubkey dd-wrt>
  private key: (hidden)
  listening port: 22300

peer: <pubkey of server>
  endpoint: x.197.199.x:51820
  allowed ips: 0.0.0.0/0
  transfer: 0 B received, 777.43 KiB sent
  persistent keepalive: every 25 seconds

We are trying to get logging to work on that DD-wrt box; that should
contain some more clues, but maybe one of you has an idea?
Cheers,
Dennis
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard
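
The pattern in the log above, as an added example that is not part of the original thread: the server answers every initiation, the peer re-initiates roughly every 5 seconds (WireGuard's handshake retry interval), and the router's `wg show` reports 0 B received. The function names, the 1-second tolerance and the retry threshold are assumptions of this sketch; the sample inputs are constructed from the output quoted in the message.

```python
import re
from collections import defaultdict

REKEY_TIMEOUT = 5.0  # seconds between handshake retries in WireGuard
TOLERANCE = 1.0      # assumption: slack for retry jitter and logging delay
EVENT = re.compile(
    r"\[\s*(?P<ts>\d+\.\d+)\] wireguard: (?P<dev>\S+): (?P<kind>Receiving "
    r"handshake initiation from|Sending handshake response to) peer (?P<peer>\d+)")

# Constructed sample: server log lines from the message above, unwrapped.
SERVER_LOG = """\
Oct 9 16:45:34 omega kernel: [178809.449718] wireguard: wg0: Receiving handshake initiation from peer 10 (x.169.86.x:22300)
Oct 9 16:45:34 omega kernel: [178809.449721] wireguard: wg0: Sending handshake response to peer 10 (x.169.86.x:22300)
Oct 9 16:45:39 omega kernel: [178814.519668] wireguard: wg0: Receiving handshake initiation from peer 10 (x.169.86.x:22300)
Oct 9 16:45:39 omega kernel: [178814.519671] wireguard: wg0: Sending handshake response to peer 10 (x.169.86.x:22300)
Oct 9 16:45:44 omega kernel: [178819.579701] wireguard: wg0: Receiving handshake initiation from peer 10 (x.169.86.x:22300)
Oct 9 16:45:44 omega kernel: [178819.579704] wireguard: wg0: Sending handshake response to peer 10 (x.169.86.x:22300)
Oct 9 16:45:50 omega kernel: [178824.910142] wireguard: wg0: Receiving handshake initiation from peer 10 (x.169.86.x:22300)
Oct 9 16:45:50 omega kernel: [178824.910145] wireguard: wg0: Sending handshake response to peer 10 (x.169.86.x:22300)
"""
# Constructed sample: peer section of `wg show` on the initiating router.
ROUTER_WG_SHOW = """\
peer: <pubkey of server>
  transfer: 0 B received, 777.43 KiB sent
"""

def handshake_retry_loops(log_text, min_retries=3):
    """Map (device, peer) -> gaps in seconds for peers stuck re-initiating."""
    text = re.sub(r"\s+", " ", log_text)  # also undoes e-mail line wrapping
    inits, responses = defaultdict(list), defaultdict(int)
    for m in EVENT.finditer(text):
        key = (m["dev"], int(m["peer"]))
        if m["kind"].startswith("Receiving"):
            inits[key].append(float(m["ts"]))
        else:
            responses[key] += 1
    loops = {}
    for key, ts in inits.items():
        gaps = [round(b - a, 2) for a, b in zip(ts, ts[1:])]
        retries = [g for g in gaps if REKEY_TIMEOUT <= g <= REKEY_TIMEOUT + TOLERANCE]
        # Every initiation was answered, yet the peer kept retrying on schedule.
        if len(retries) >= min_retries and responses[key] >= len(ts):
            loops[key] = gaps
    return loops

def received_nothing(wg_show_text):
    """True if a `wg show` peer section reports zero bytes received."""
    m = re.search(r"transfer:\s*([\d.]+) \S+ received", wg_show_text)
    return bool(m) and float(m.group(1)) == 0.0

def one_way_path_suspected(server_log, initiator_wg_show):
    """Responder answers every initiation, but the initiator receives nothing."""
    return bool(handshake_retry_loops(server_log)) and received_nothing(initiator_wg_show)
```

A positive result only says the responses are not arriving at, or not being accepted by, the initiator; it does not say which hop or rule drops them.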
* Re: Wireguard not coming up on DD-wrt
2018-10-09 15:06 Wireguard not coming up on DD-wrt Dennis van J.
@ 2018-10-09 16:29 ` Sebastian Gottschall
2018-10-09 19:18 ` Jason A. Donenfeld
` (2 more replies)
0 siblings, 3 replies; 7+ messages in thread
From: Sebastian Gottschall @ 2018-10-09 16:29 UTC (permalink / raw)
To: wireguard, dennis_20
Just to make sure, since I'm updating wireguard in dd-wrt very often to
the latest state of art code from git: which dd-wrt version did you use
for establishing the connection?
Did you also take care of the usual firewall problems? By default the
firewall is closed on wan, so no inbound connection is possible.
Sebastian
* Re: Wireguard not coming up on DD-wrt
2018-10-09 16:29 ` Sebastian Gottschall
@ 2018-10-09 19:18 ` Jason A. Donenfeld
2018-10-10 6:00 ` Dennis van J.
2018-10-10 15:51 ` route_allowed_ips on on openwrt Emanuele Bernardi
2 siblings, 0 replies; 7+ messages in thread
From: Jason A. Donenfeld @ 2018-10-09 19:18 UTC (permalink / raw)
To: s.gottschall; +Cc: WireGuard mailing list
On Tue, Oct 9, 2018 at 6:30 PM Sebastian Gottschall
<s.gottschall@newmedia-net.de> wrote:
>
> just to make sure. since i'm updating wireguard in dd-wrt very often to the latest state of art code from git.
Do not do this. Rather, use snapshots. If you're distributing builds
based on git master, you're putting your users at unnecessary risk.
The only safe and acceptable distribution of WireGuard is using the
latest snapshot tarball. When you use git master, you're not getting
the "latest state of art code", you're getting "jason's 5am
force-pushes and wacky ideas pre-codereview." On the other hand, when
you use snapshots, you're getting code that I've spent some time
reviewing and double checking to make sure it won't murder kittens and
related atrocities.
* Re: Wireguard not coming up on DD-wrt
2018-10-09 16:29 ` Sebastian Gottschall
2018-10-09 19:18 ` Jason A. Donenfeld
@ 2018-10-10 6:00 ` Dennis van J.
[not found] ` <08ebe77e-c66f-a356-8a42-e0a0d920a2a8@newmedia-net.de>
2018-10-10 15:51 ` route_allowed_ips on on openwrt Emanuele Bernardi
2 siblings, 1 reply; 7+ messages in thread
From: Dennis van J. @ 2018-10-10 6:00 UTC (permalink / raw)
To: wireguard
Hi Sebastian,
I took care of the FW problems. An iptables --list shows that the udp
port is open.
DD-wrt is running using: Firmware:DD-WRT v3.0-r36645 std (08/19/18).
Cheers,
Dennis
* route_allowed_ips on on openwrt
2018-10-09 16:29 ` Sebastian Gottschall
2018-10-09 19:18 ` Jason A. Donenfeld
2018-10-10 6:00 ` Dennis van J.
@ 2018-10-10 15:51 ` Emanuele Bernardi
2 siblings, 0 replies; 7+ messages in thread
From: Emanuele Bernardi @ 2018-10-10 15:51 UTC (permalink / raw)
To: wireguard
Hi all, I'm not sure if this is the right place to ask about this.
I'm configuring wireguard on openwrt and in the peer configuration I
came across these specs
(https://openwrt.org/docs/guide-user/network/tunneling_interface_protocols#protocol_wireguard_wireguard_vpn)
and the "route_allowed_ips" option, but enabling it does not create a
route and I must add it manually.
Could it be an issue with openwrt or wireguard?
Thank you
Thread overview: 7+ messages
2018-10-09 15:06 Wireguard not coming up on DD-wrt Dennis van J.
2018-10-09 16:29 ` Sebastian Gottschall
2018-10-09 19:18 ` Jason A. Donenfeld
2018-10-10 6:00 ` Dennis van J.
[not found] ` <08ebe77e-c66f-a356-8a42-e0a0d920a2a8@newmedia-net.de>
2018-10-10 13:31 ` Dennis van J.
[not found] ` <b6289282-309d-9e23-a31f-4960872ab522@newmedia-net.de>
2018-10-10 14:52 ` Dennis van J.
2018-10-10 15:51 ` route_allowed_ips on on openwrt Emanuele Bernardi