[Solved] WireGuard connected but no access

francisuk1989 · January 26, 2018, 10:43pm

Hello,
I am having trouble getting WireGuard to connect to my server, It seems to give an internal network address of 10.20.25.26/18 and i can Ping and Traceroute fine if i SSH into the router using -i VPN;

traceroute -i VPN google.ie

Now the problem im having is getting my LAN subnet of 192.168.1.0/24 to reach the VPN however if i Allowed IP(s) 192.168.1.0/24 then it crashes and cant seem to login into anything at all so i have to unplug my WAN and then reboot leaving the LAN cable to access my device.

i have tryed setting the allowed IP(s) 0.0.0.0/0 again i have to unplug my WAN and then reboot leaving the LAN cable to access my device.

as you can see my TX is making pockets

Uptime: 0h 14m 14s
RX: 0 B (0 Pkts.)
TX: 17.02 KB (115 Pkts.)
IPv4: 10.20.25.26/18

lleachii · January 25, 2018, 4:11pm

And...you're not receiving anything...

Did you open the UDP port on your firewall for the Wireguard interface?

francisuk1989 · January 25, 2018, 4:17pm

No port forwarded as is trying to connect to my server, not router to router

lleachii · January 25, 2018, 4:30pm

OK, do you see firewall hits for that rule?
Lastly...if you're connecting to a server behind the LEDE...where is the LEDE involved in the setup (other than as a firewall)???

It seems like you might be looking for a Wireguard forum instead.

What device are you referring to as "IT"???

francisuk1989 · January 27, 2018, 10:21am

No firewall rules have been setup,,,if so where do i start to add it?
router > server

/etc/config/network

config interface 'vpn'
	option proto 'wireguard'
	option private_key XXXXXXXXXXXXXXXX
	list addresses '10.X.X.X/18'

config wireguard_vpn
	option public_key XXXXX'
	option route_allowed_ips '1'
	option endpoint_host '185.X.X.X"
	list allowed_ips '0,0,0,0/0'

Edit:

i have tryed Firewall >Traffic Rules but no luck

config rule
	option target 'ACCEPT'
	option src 'wan'
	option proto 'udp'
	option dest_port '51820'
	option name 'WG'

.

Package name 	                    Version
kmod-wireguard 	        4.9.77+0.0.20171221-1
uci-proto-wireguard    	git-18.023.74248-ee409b6-1
wireguard-tools 	        0.0.20171221-1

lleachii · January 25, 2018, 6:43pm

HOLD ON ONE SECOND...YOU JUST MENTIONED:

So, is Wireguard setup on an LEDE? And if so, now explain the SERVER is involved? Is this server at a remote location?

You must open the firewall wherever you are passing the traffic. Therefore, please describe the whole connection:

What devices are running Wireguard?
What devices/firewalls/networks/Internet are in between these devices?
What port did you use for Wireguard?

(if you are in fact running Wireguard on the LEDE, that inbound rule looks OK.)

This thread may also help: [Solved] Wireguard as a VPN "server"

francisuk1989 · January 26, 2018, 10:36pm

all sorted now i just had to perform a restart to factory settings.

thanks for the help