ckleea
August 28, 2020, 12:42pm
1
I have been trying to use a19.07.03 x86 generic image to install wireguard in a proxmox image. I follow the guide to configure as a dump AP and disable firewall, dnsmasq and odhcpd. However, I am unable to get wireguard working.
In luci, it cannot create wireguard interface.
Then I manually create the wireguard interface in /etc/config/network
The wg0 interface created but upon connection via IOS or android client, I can only see client send but no receive data.
Can some one help to point a working version of x86 image with wireguard?
That really sounds like a configuration issue rather than Wireguard being botched (99% of the 'Wireguard does not work' questions end up being just that).
I have had Wireguard running just fine here for more than a year on 19.07 and x86/64, and no issues.
2 Likes
Works for me.
OpenWrt 19.07.03 x86_64
libvirt + KVM/QEMU
WireGuard server + client
2 Likes
ckleea
August 28, 2020, 2:02pm
4
My network set up is simple
I have only one lan port assigned and get lan address from the router. Openwrt can access internet without problem.
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fd69:e876:8339::/48'
config interface 'lan'
option ifname 'eth0'
option proto 'dhcp'
config interface 'wg0'
option proto 'wireguard'
option private_key 'server private key'
option listen_port '9989'
list addresses '10.15.100.50/24'
config wireguard_wg0
option public_key 'iOS key public key'
; option route_allowed_ips '1'
list allowed_ips '10.15.100.51/32'
Firewall disable.
router open port to the openwrt
I have another debian linux instance in the same lan. Wireguard works without any problem.
opkg update
opkg install tcpdump
tcpdump -n -i any udp port 9989
1 Like
@ckleea , welcome to the community!
Are you using the same config?
Your LAN setting was omitted
ckleea:
;
Is this an accidental character in your real config file?
Also, we have to assume the remote is configured properly, you didn't show its config
1 Like
ckleea
August 29, 2020, 1:57pm
7
Thank for the advice.
I found out the problem related to the settings.
Now it works
3 Likes
Please share how you fixed it.
2 Likes
ckleea
August 29, 2020, 11:51pm
9
As I use this within my Proxmox, I install openwrt x86 as dumb AP. I disable firewall, dnsmasq and odhcpd.
My /etc/config/network as
config interface 'loopback'
option ifname 'lo'
option proto 'static'
option ipaddr '127.0.0.1'
option netmask '255.0.0.0'
config globals 'globals'
option ula_prefix 'fd69:e876:8339::/48'
config interface 'lan'
option type 'bridge'
option ifname 'eth0'
option proto 'dhcp'
option ip6assign '60'
config interface 'lan6'
option ifname 'eth0'
option proto 'dhcpv6'
config interface 'wg0'
option proto 'wireguard'
option private_key 'OpenWRT Private Key'
option listen_port '33369'
list addresses '10.16.100.50/24'
config wireguard_wg0 'iPhoneXS'
option public_key 'IOS Public Key'
option route_allowed_ips '1'
list allowed_ips '10.16.100.51/32'
To make the wireguard connection can go in and out the wg0 interface, I run the following command
#WireGuard
iptables -t nat -I POSTROUTING -s 10.16.100.0/24 -j MASQUERADE
iptables -I FORWARD -i wg+ -s 10.16.100.0/24 -j ACCEPT
iptables -I INPUT -i wg+ -s 10.16.100.0/24 -j ACCEPT
The IOS config is just the usual one.
Once I am sure the connection is working. I put the iptables command into local startup.
Hope this is useful for one who want to add a wireguard in your small virtual image to your working environment
1 Like
system
Closed
September 8, 2020, 11:51pm
10
This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.