WireGuard not working with IPv6 endpoint

I have such a setup on my router. Everything works fine if I'm using an IPv4 endpoint, but after I switched to IPv6, it doesn't create an interface (or maybe they delete it after they create it). I tried to add logs to /lib/netifd/proto/wireguard.sh and it seems the function goes through the proto_wireguard_setup function without any issue. And idk what to do next. Could someone help?

From your image, you have not configured the IPv6 address of the peer, you entered a subnet.

Does the IPv6 address have two colons in the rightmost position? It's a bit odd.

That means 2403:1111:1111:1111:0:0:0:0.
Same IP works on my Ubuntu VM and Windows PC

Can you try 2403:1111:1111:1111:0:0:0:1?

Better to post the output of uci show network here as preformatted text </> rather than screenshots.
The configuration (at least what I was able to read) looks quite wrong.

Sorry for being AFK for a few days. I followed the documentation on openwrt.org, but it won't work either.

root@OpenWrt:~# uci show network
network.loopback=interface
network.loopback.ifname='lo'
network.loopback.proto='static'
network.loopback.ipaddr='127.0.0.1'
network.loopback.netmask='255.0.0.0'
network.globals=globals
network.globals.ula_prefix='fd36:b757:6756::/48'
network.lan=interface
network.lan.type='bridge'
network.lan.ifname='eth1.1'
network.lan.proto='static'
network.lan.ipaddr='192.168.1.1'
network.lan.netmask='255.255.255.0'
network.lan.ip6assign='60'
network.wan=interface
network.wan.ifname='eth0.2'
network.wan.proto='static'
network.wan.ipaddr='REMOVED'
network.wan.netmask='255.255.255.0'
network.wan.gateway='REMOVED'
network.wan.dns='REMOVED'
network.wan.macaddr='REMOVED'
network.wan6=interface
network.wan6.ifname='eth0.2'
network.wan6.proto='dhcpv6'
network.@switch[0]=switch
network.@switch[0].name='switch0'
network.@switch[0].reset='1'
network.@switch[0].enable_vlan='1'
network.@switch_vlan[0]=switch_vlan
network.@switch_vlan[0].device='switch0'
network.@switch_vlan[0].vlan='1'
network.@switch_vlan[0].ports='1 2 3 4 6t'
network.@switch_vlan[1]=switch_vlan
network.@switch_vlan[1].device='switch0'
network.@switch_vlan[1].vlan='2'
network.@switch_vlan[1].ports='5 0t'
network.wg0=interface
network.wg0.proto='wireguard'
network.wg0.private_key='REMOVED'
network.wg0.addresses='10.0.0.3/32' '****:****:*:**::101/128'
network.wgserver=wireguard_wg0
network.wgserver.endpoint_host='****:****:*:**::'
network.wgserver.endpoint_port='*****'
network.wgserver.route_allowed_ips='1'
network.wgserver.persistent_keepalive='25'
network.wgserver.allowed_ips='0.0.0.0/1' '128.0.0.0/1' '::/0'


It won't work

wg showconf also gives me an empty [Interface] block.
And from the log, it seems the wg service is rebooting every 5 seconds.

Wait, I think I forgot to add the server public key.
Here is the final config:

network.wg0=interface
network.wg0.proto='wireguard'
network.wg0.private_key='REMOVED'
network.wg0.addresses='10.0.0.3/32' '****:****:*:**::101/128'
network.wgserver=wireguard_wg0
network.wgserver.public_key='REMOVED'
network.wgserver.endpoint_host='****:****:*:**::'
network.wgserver.endpoint_port='*****'
network.wgserver.route_allowed_ips='1'
network.wgserver.persistent_keepalive='25'
network.wgserver.allowed_ips='0.0.0.0/1' '128.0.0.0/1' '::/0'

After uci commit network and /etc/init.d/network restart, wg show shows nothing. I'm going to try with IPv4.
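
A quick check for the omission noticed in the post above, as an added example that is not part of the thread or of OpenWrt's own scripts: it reads `uci show network` output and reports WireGuard interfaces without a private_key and peers without a public_key or without a matching interface. The names lint_wg, sample_first and sample_final are hypothetical, and the sample configs are constructed (2001:db8::1 is a documentation address).

```shell
#!/bin/sh
# Added example (not OpenWrt code). lint_wg reads `uci show network` text on
# stdin and prints one line per problem found in the WireGuard sections.
lint_wg() {
    awk -F= -v q="'" '
    {
        n = split($1, k, "[.]")      # network.<section>[.<option>]
        v = $2; gsub(q, "", v)       # drop the quotes uci puts around values
    }
    # Peer section header, e.g. network.wgserver=wireguard_wg0
    n == 2 && v ~ /^wireguard_/ { peers[++np] = k[2]; parent[k[2]] = substr(v, 11) }
    # Interface that uses the wireguard protocol handler
    n == 3 && k[3] == "proto" && v == "wireguard" { wg[k[2]] = 1 }
    # Remember every option that is set to a non-empty value
    n == 3 && v != "" { has[k[2] "." k[3]] = 1 }
    END {
        for (i in wg) {
            key = i ".private_key"
            if (!(key in has)) print "interface " i ": private_key missing"
        }
        for (j = 1; j <= np; j++) {
            p = peers[j]; key = p ".public_key"
            if (!(parent[p] in wg)) print "peer " p ": no wireguard interface named " parent[p]
            if (!(key in has)) print "peer " p ": public_key missing"
        }
    }'
}

# Constructed samples modelled on the two configs posted in the thread.
sample_first() {
    cat <<'EOF'
network.wg0=interface
network.wg0.proto='wireguard'
network.wg0.private_key='REMOVED'
network.wgserver=wireguard_wg0
network.wgserver.endpoint_host='2001:db8::1'
network.wgserver.allowed_ips='0.0.0.0/1' '128.0.0.0/1' '::/0'
EOF
}
sample_final() { sample_first; echo "network.wgserver.public_key='REMOVED'"; }

echo "first config:"; sample_first | lint_wg
echo "final config:"; sample_final | lint_wg
```

On the router itself the input would be `uci show network | lint_wg`.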

Change network mask to /24 and /64 for IPv4 and IPv6 respectively.

It can't connect to the server for some reason.
Verify the endpoint_host and endpoint_port options.
Make sure the server is reachable and your ISP doesn't block the WireGuard protocol.

Temporarily remove the ::/0 as it might conflict with the default IPv6 route.

Okay, problem solved. I was using an IPv6 passthrough script from GitHub, which assigns an IPv6 address to LAN but not WAN, and uses ebtables to bridge all IPv6 traffic to br-lan. I tried to switch back to relay mode and it works.

If your problem is solved, feel free to mark the relevant post as the solution; and edit the title to add "[SOLVED]" to the beginning (click the pencil behind the topic).
