Wireguard - Won't ping

burny02 · July 25, 2021, 1:42am

Hey all,

I’ve been switching from OpenVPN > Wireguard due to the new Wireguard package in PfSense.

Luckiy I’ve not had too many problems setting up the peers, and have managed to connect 3 android devices as peers.

Unfortunately, I’ve been trying to connect my Arch laptop, and am unable to ping the server. (Or access the internet, which I can do from all the other devices) Strange as it seems to handshake correctly. (Which should mean the keys are correctly set)

The server is also unable to ping the client

I’ve regenerated and re-setup the keys from both ends.
Tried keeping alive
Made sure NAT is working (Works for other devices)
Tried the networkmanager-wireguard plugin (Been using network manager otherwise)
Tried tcpdump and can see packets apparently moving
Tried /24 and /32 Netmask
Playing with default routes

Any help or pointers would be appreciated. The Peer ‘Allowed IP’s’ on the client machine is set to 0.0.0.0/0

Cheers

risk · July 25, 2021, 6:05am

You see UDP packets moving on udp 51820 on the host/physical interface, or do you see packets going over wg0?

Do you see them going in both directions?

burny02 · July 25, 2021, 10:45am

I can see packets going out over the wireguard interface, and I can see packets coming in on the wireless interface.

Looking last night, some website directed me to these commands, I’ve included examples of results

tcp dump -nn -i wireInt (Wireguard interface)
IP 192.168.209.5:51820 > public ip:51820: UDP, length 1136
lots of lines…Has the public IP

tcp dump -nn -i wlo1 usp and port 51820 (Wireless interface)
IP 192.168.212.1:51820 > 192.168.212.209.51820: UDP, length 148
Not many lines…Uses LAN IP

burny02 · July 27, 2021, 10:35am

Seems the problem is due to Network Manager, as creating exactly the same setup through terminal appears to work, perfectly.