
#1 2024-08-06 07:47:05

itarill
Member
Registered: 2020-06-03
Posts: 58

Cannot connect to cockpit on host from wg tunnel on host

This weird thing is bugging me.
I have 2 machines on my LAN running 2 WireGuard servers, as well as cockpits on port 9090: an old laptop running Arch (A; 192.168.11.101) and a Raspberry Pi (B; 192.168.11.165).

From A (arch machine), I can:

  • Ping LAN and outside from WG ✔

  • Access B by IP:9090 from WG  ✔

  • Access itself by IP:9090 only when I'm natively in LAN, but not from WG. Whyyyyyyyyyy?

From B (rpi), I can:

  • Ping LAN and outside from WG ✔

  • Access A by IP:9090 from WG ✔

  • Access itself by IP:9090 from both LAN and WG. ✔

I have no deny rules in UFW for either machine, and on both the only relevant rule for localhost or 9090 is:

allow from 192.168.0.0/16 to any port 9090 proto tcp comment 'cockpit from LAN/WG'
[18]    9090/tcp        ALLOW    IN    192.168.0.0/16   


I wonder what I am missing?

(The example use cases were included because on Arch I am using podman-compose and on the rpi I am using podman run. The parameters are mostly the same as allowed by the different architecture and OS, but loosely speaking B is working as intended and A should too. I can't for the life of me figure out what I am not seeing.)

Last edited by itarill (2024-08-06 07:49:42)


#2 2024-08-12 09:27:11

bonbon12
Member
Registered: 2024-08-08
Posts: 7

Re: Cannot connect to cockpit on host from wg tunnel on host

Make sure Cockpit is listening on all network interfaces and not just the local interface. On A, run:

sudo netstat -tuln | grep 9090

The output should show 0.0.0.0:9090 or [::]:9090, indicating it listens on all interfaces. If it shows 127.0.0.1:9090, it's only listening on the loopback interface.


Have a great day :)


#3 2024-08-20 10:27:47

itarill
Member
Registered: 2020-06-03
Posts: 58

Re: Cannot connect to cockpit on host from wg tunnel on host

~$ sudo netstat -tuln | grep 9090

tcp6       0      0 :::9090                 :::*                    LISTEN 

Is this weird? No TCPv4? My home assistant gives

~$ sudo netstat -tuln | grep 8123
tcp        0      0 0.0.0.0:8123            0.0.0.0:*               LISTEN     
tcp6       0      0 :::8123                 :::*                    LISTEN 

Last edited by itarill (2024-08-20 10:28:03)
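
Added example (not written by any poster in this thread): a shell helper that reads `netstat -tuln` output and reports how a TCP port is reachable over IPv4, including the case from post #3 where only a `tcp6 :::9090` line appears. On Linux a socket bound to `::` also accepts IPv4 connections when `net.ipv6.bindv6only` is 0, and netstat lists it once, as tcp6. The function name `ipv4_reachability` and the port 5000 line are made up for illustration.

```shell
#!/bin/sh
# ipv4_reachability PORT [BINDV6ONLY]   (hypothetical helper name)
# Reads `netstat -tuln` output on stdin and prints one of:
#   all-interfaces | specific-address | loopback-only | ipv6-only | not-listening
# BINDV6ONLY is the value of `sysctl -n net.ipv6.bindv6only` (default 0).
# A program can override that default per socket (IPV6_V6ONLY), so treat the
# result for a tcp6-only listener as the expected behaviour and confirm it
# with a real connection.
ipv4_reachability() {
    awk -v port="$1" -v v6only="${2:-0}" '
        $1 ~ /^tcp/ && $NF == "LISTEN" && match($4, /:[0-9]+$/) {
            if (substr($4, RSTART + 1) != port) next
            host = substr($4, 1, RSTART - 1)          # address without :port
            if (host == "0.0.0.0")                    any = 1
            else if (host == "::" || host == "[::]")  { if (v6only == 0) any = 1; else v6 = 1 }
            else if (host ~ /^127\./)                 loop = 1
            else if (host ~ /:/)                      v6 = 1    # other IPv6 address, incl. ::1
            else                                      spec = 1  # one specific IPv4 address
        }
        END {
            if (any)       print "all-interfaces"
            else if (spec) print "specific-address"
            else if (loop) print "loopback-only"
            else if (v6)   print "ipv6-only"
            else           print "not-listening"
        }'
}

# Sample input: the three LISTEN lines quoted in post #3, plus one
# constructed loopback-only line (port 5000) for contrast.
sample() {
    cat <<'EOF'
tcp6       0      0 :::9090                 :::*                    LISTEN
tcp        0      0 0.0.0.0:8123            0.0.0.0:*               LISTEN
tcp6       0      0 :::8123                 :::*                    LISTEN
tcp        0      0 127.0.0.1:5000          0.0.0.0:*               LISTEN
EOF
}

sample | ipv4_reachability 9090 0
sample | ipv4_reachability 9090 1
sample | ipv4_reachability 5000 0
```

On a live host the same function can be fed directly: `sudo netstat -tuln | ipv4_reachability 9090 "$(sysctl -n net.ipv6.bindv6only)"`.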
