[Solved] WireGuard connected but no access

Hello,
I am having trouble getting WireGuard to connect to my server. It seems to give an internal network address of 10.20.25.26/18, and I can ping and traceroute fine if I SSH into the router using -i VPN:

traceroute -i VPN google.ie

Now the problem I'm having is getting my LAN subnet of 192.168.1.0/24 to reach the VPN. However, if I set Allowed IP(s) to 192.168.1.0/24 then it crashes and I can't seem to log in to anything at all, so I have to unplug my WAN and then reboot, leaving the LAN cable to access my device.

I have tried setting the Allowed IP(s) to 0.0.0.0/0; again I have to unplug my WAN and then reboot, leaving the LAN cable to access my device.

As you can see, my TX is making packets:

Uptime: 0h 14m 14s
RX: 0 B (0 Pkts.)
TX: 17.02 KB (115 Pkts.)
IPv4: 10.20.25.26/18

And...you're not receiving anything...

Did you open the UDP port on your firewall for the Wireguard interface?

No port forwarded as is trying to connect to my server, not router to router

  • OK, do you see firewall hits for that rule?
  • Lastly...if you're connecting to a server behind the LEDE...where is the LEDE involved in the setup (other than as a firewall)???

It seems like you might be looking for a Wireguard forum instead.

What device are you referring to as "IT"???

  1. No firewall rules have been set up... if so, where do I start to add it?
  2. router > server

/etc/config/network

config interface 'vpn'
	option proto 'wireguard'
	option private_key 'XXXXXXXXXXXXXXXX'
	list addresses '10.X.X.X/18'

config wireguard_vpn
	option public_key 'XXXXX'
	option route_allowed_ips '1'
	option endpoint_host '185.X.X.X'
	list allowed_ips '0.0.0.0/0'

Edit:

I have tried Firewall > Traffic Rules but no luck

config rule
	option target 'ACCEPT'
	option src 'wan'
	option proto 'udp'
	option dest_port '51820'
	option name 'WG'

.

Package name           Version
kmod-wireguard         4.9.77+0.0.20171221-1
uci-proto-wireguard    git-18.023.74248-ee409b6-1
wireguard-tools        0.0.20171221-1

HOLD ON ONE SECOND...YOU JUST MENTIONED:

So, is Wireguard set up on an LEDE? And if so, now explain how the SERVER is involved? Is this server at a remote location?

You must open the firewall wherever you are passing the traffic. Therefore, please describe the whole connection:

  • What devices are running Wireguard?
  • What devices/firewalls/networks/Internet are in between these devices?
  • What port did you use for Wireguard?

(if you are in fact running Wireguard on the LEDE, that inbound rule looks OK.)

This thread may also help: [Solved] Wireguard as a VPN "server"

All sorted now, I just had to perform a restart to factory settings.

thanks for the help :wink:

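Added example (not part of the thread, and not code from any poster): a shell check for the symptom discussed above, where TX keeps counting while RX stays at 0. It reads the tab-separated output of `wg show <interface> dump`; the interface name `vpn` is taken from the posted config, and the sample keys, endpoint and byte counts are constructed.

```shell
#!/bin/sh
# Classify WireGuard peers from `wg show <iface> dump` output on stdin.
# Peer lines have 8 tab-separated fields:
#   public-key preshared-key endpoint allowed-ips latest-handshake rx tx keepalive
# The first line (4 fields) describes the interface itself and is skipped.
wg_peer_status() {
    awk -F '\t' '
        NF == 8 {
            key = substr($1, 1, 8); hs = $5; rx = $6; tx = $7
            if (hs == 0 && rx == 0 && tx > 0)
                verdict = "NO_REPLY"   # handshakes leave, nothing comes back
            else if (hs == 0)
                verdict = "IDLE"       # nothing has been sent yet
            else
                verdict = "OK"         # at least one handshake completed
            # 0.0.0.0/0 plus route_allowed_ips sends all traffic into the tunnel
            if ($4 ~ /(^|,)0\.0\.0\.0\/0(,|$)/)
                scope = "full-tunnel"
            else
                scope = "split-tunnel"
            printf "%s %s %s rx=%s tx=%s\n", key, verdict, scope, rx, tx
        }'
}

# Constructed sample: placeholder keys, endpoint from the documentation range.
SAMPLE_DUMP="$(printf '%s\t%s\t%s\t%s\n%s\t%s\t%s\t%s\t%s\t%s\t%s\t%s\n' \
    'PRIVKEYPLACEHOLDER=' 'IFACEPUBPLACEHOLDER=' '51820' 'off' \
    'PEERPUBPLACEHOLDER=' '(none)' '203.0.113.10:51820' '0.0.0.0/0' \
    '0' '0' '17428' 'off')"

# Prints: PEERPUBP NO_REPLY full-tunnel rx=0 tx=17428
printf '%s\n' "$SAMPLE_DUMP" | wg_peer_status

# On the router itself: wg show vpn dump | wg_peer_status
```

A `NO_REPLY` verdict means no handshake response has arrived from the peer, so the path to the endpoint (UDP port, firewall, endpoint address, keys) is the place to look before changing Allowed IPs.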