Wireguard on 1.13.0

Report wireless and/or network connectivity problems in this forum.

Moderator: Moderators

ispyisail
Moderator
Posts: 5180
Joined: Mon Apr 06, 2009 3:15 am
Location: New Zealand

Wireguard on 1.13.0

Post by ispyisail »

Hi Lantis

Been trying to replace OpenVPN with Wireguard but one thing doesn't work is the reverse connection

Gargoyle Wireguard Server 192.168.1.1

Gargoyle Wireguard Client 192.168.10.1

The client side works perfect but the server side won't connect to client side e.g."192.168.10.1"

192.168.10.1 >> 192.168.1.1 = Perfect
192.168.1.1 >> 192.168.10.1 = No Connection

Image

Image

Image

Image

Image

ispyisail
Moderator
Posts: 5180
Joined: Mon Apr 06, 2009 3:15 am
Location: New Zealand

Re: Wireguard on 1.3.0

Post by ispyisail »

Also the Wireguard android client only accepts short file names

wg-TestHome.conf = good
wg-TestLongFileNameHome.conf = bad

I think its limited to about 10 characters?

ispyisail
Moderator
Posts: 5180
Joined: Mon Apr 06, 2009 3:15 am
Location: New Zealand

Re: Wireguard on 1.3.0

Post by ispyisail »

Also the android client appears to connect but when you check the logs its having trouble connecting
Image

Lantis
Moderator
Posts: 6735
Joined: Mon Jan 05, 2015 5:33 am
Location: Australia

Re: Wireguard on 1.3.0

Post by Lantis »

I'll try to look into this on the weekend.
I can't help much with the Android client sorry. I sold my only android device a few weeks ago.

I'm sure i tested this scenario when i was building it so i'm pretty sure it does work. And the routes are set up correctly.
Are you sure it doesn't work? How have you actually tested it?
http://lantisproject.com/downloads/gargoyle_ispyisail.php for the latest releases
Please be respectful when posting. I do this in my free time on a volunteer basis.

ispyisail
Moderator
Posts: 5180
Joined: Mon Apr 06, 2009 3:15 am
Location: New Zealand

Re: Wireguard on 1.3.0

Post by ispyisail »

I can't help much with the Android client sorry. I sold my only android device a few weeks ago.
Fixed (Sorry)

I had "data saver" turned on on 4g

Still can't connect to remote clients though

Phone >> WireGuard Server = works

Phone >> WireGuard Server >> WireGuard Client = No Work

ispyisail
Moderator
Posts: 5180
Joined: Mon Apr 06, 2009 3:15 am
Location: New Zealand

Re: Wireguard on 1.3.0

Post by ispyisail »

I'm sure i tested this scenario when i was building it so i'm pretty sure it does work. And the routes are set up correctly.
Are you sure it doesn't work? How have you actually tested it?
I'm sure the setting are correct.

I posted screen shots to double check

ispyisail
Moderator
Posts: 5180
Joined: Mon Apr 06, 2009 3:15 am
Location: New Zealand

Re: Wireguard on 1.3.0

Post by ispyisail »

I'm off work with sick kids

I've set up mock network with a couple of GL-AR150's

I can confirm that reverse VPN connection does not work with Wireguard.

I also tried different configurations with no luck

Lantis
Moderator
Posts: 6735
Joined: Mon Jan 05, 2015 5:33 am
Location: Australia

Re: Wireguard on 1.3.0

Post by Lantis »

Good news, I can reproduce the issue.
I just haven’t had time to look deeper yet.
I note that if you set “clients use WireGuard for all traffic”, that works fine.
It’s only the “host only” setting that is broken. If you could confirm that, that would be good. It’s also a possible workaround for you.
http://lantisproject.com/downloads/gargoyle_ispyisail.php for the latest releases
Please be respectful when posting. I do this in my free time on a volunteer basis.

ispyisail
Moderator
Posts: 5180
Joined: Mon Apr 06, 2009 3:15 am
Location: New Zealand

Re: Wireguard on 1.3.0

Post by ispyisail »

Thank you

I replaced my wrt32x (stuffed) with a mini x86 and went back to OpenVPN, even the C7 v5 now works as expected.

With the C7 v5 I added a USB thumb drive for exroot plus with configuring I left lots of time between changes. One of the problems with gargoyle is you never know when its finished processing changes, the icon spins forever.

Lantis
Moderator
Posts: 6735
Joined: Mon Jan 05, 2015 5:33 am
Location: Australia

Re: Wireguard on 1.3.0

Post by Lantis »

I think I’ve fixed this in 1.15.x today.
https://github.com/ericpaulbishop/gargo ... 4539d2bd2a

I need to go set up a remote network at my parents place to properly test. Doing it on mobile networks tethered to my mobile is difficult.
Also testing with my work laptop causes a lot of confusion because the firewall is set to reject everything and I can’t change it.
http://lantisproject.com/downloads/gargoyle_ispyisail.php for the latest releases
Please be respectful when posting. I do this in my free time on a volunteer basis.

Post Reply