Arch Linux

cpcp800

Member

Registered: 2016-08-31

Posts: 8

[SOLVED] Wireguard handshakes but no ping through

I am trying to set up a Wireguard server for private networking. I have a server on DigitalOcean running Debian buster acting as the server and a computer running Arch linux as the peer.
There seems to be a connection through to the server since

wg show

shows a handshake having occurred, however the output of both netcat and ping indicates no connection between the two computers. Why might this be?

Configs:
Server /etc/systemd/network/90-wireguard.netdev

[WireGuard]
ListenPort = 51820
PrivateKey = (server privkey)

[WireGuardPeer]
PublicKey=(client pubkey)
AllowedIPs = 10.10.10.2/32

Server /etc/systemd/network/90-wireguard.network

[Match]
Name = wg0

[Network]
Adress = 10.10.10.1/32

[Route]
Gateway = 10.10.10.1
Destination = 10.10.10.0/24

Server ip addr

3: wg0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1420 qdisc noqueue state UNKNOWN group default qlen 1000
    link/none

Server wg show

interface: wg0
  public key: MqvSrUg/LBIbJKkeIEUwBBqXo2uMTN1oh3Jh2FWl7H4=
  private key: (hidden)
  listening port: 51820

peer: nuBONaL+eujayc92fCqY9xxMwXqrEKtLx/0XrEH6OGI=
  endpoint: 31.3.72.56:42751
  allowed ips: 10.10.10.2/32
  latest handshake: 1 minute, 57 seconds ago
  transfer: 4.27 KiB received, 800 B sent

Client /etc/wireguard/private.conf

[Interface]
Address = 10.10.10.2/32
PrivateKey = (client privkey)

[Peer]
PublicKey = (server pubkey)
AllowedIPs = 10.10.10.0/24
Endpoint = 157.230.29.44:51820

PersistentKeepalive = 25

Client Ip Addr

14: private: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1420 qdisc noqueue state UNKNOWN group default qlen 1000
    link/none
    inet 10.10.10.2/32 scope global private
       valid_lft forever preferred_lft forever

Client wg show

interface: private
  public key: nuBONaL+eujayc92fCqY9xxMwXqrEKtLx/0XrEH6OGI=
  private key: (hidden)
  listening port: 42751

peer: MqvSrUg/LBIbJKkeIEUwBBqXo2uMTN1oh3Jh2FWl7H4=
  endpoint: 157.230.29.44:51820
  allowed ips: 10.10.10.0/24
  latest handshake: 50 seconds ago
  transfer: 616 B received, 3.59 KiB sent
  persistent keepalive: every 25 seconds

I had a spelling error in my config files

Last edited by cpcp800 (2019-08-13 11:49:56)

schard

Member

From: Hannover

Registered: 2016-05-06

Posts: 428

Website

Re: [SOLVED] Wireguard handshakes but no ping through

Please post the actual output of

ip addr
ip route

and the respective ping commands you issued.

Last edited by schard (2019-08-13 11:02:21)

---

GPG Pubkey | Repository | GitHub

cpcp800

Member

Registered: 2016-08-31

Posts: 8

Re: [SOLVED] Wireguard handshakes but no ping through

Please post the actual output of

ip addr
ip route

and the respective ping commands you issued.

Ip route from server:

default via 157.230.16.1
10.19.0.0/16 dev eth0 proto kernel scope link src 10.19.0.5
157.230.16.0/20 dev eth0 proto kernel scope link src 157.230.29.44

Ip route from client:

default via 10.3.3.1 dev wlp3s0 proto dhcp src 10.3.4.168 metric 303
10.3.0.0/21 dev wlp3s0 proto dhcp scope link src 10.3.4.168 metric 303
10.10.10.0/24 dev private scope link

Full Ip addr from client

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: enp0s31f6: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 1000
    link/ether 50:7b:9d:ee:9a:a0 brd ff:ff:ff:ff:ff:ff
3: wlp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 44:85:00:40:6e:8d brd ff:ff:ff:ff:ff:ff
    inet 10.3.4.168/21 brd 10.3.7.255 scope global noprefixroute wlp3s0
       valid_lft forever preferred_lft forever
    inet6 fe80::1b5b:201c:e1a4:b17d/64 scope link
       valid_lft forever preferred_lft forever
14: private: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1420 qdisc noqueue state UNKNOWN group default qlen 1000
    link/none
    inet 10.10.10.2/32 scope global private
       valid_lft forever preferred_lft forever

schard

Member

From: Hannover

Registered: 2016-05-06

Posts: 428

Website

Re: [SOLVED] Wireguard handshakes but no ping through

The server does not have a route to the WireGuard network.
You should investigate this.

---

GPG Pubkey | Repository | GitHub

cpcp800

Member

Registered: 2016-08-31

Posts: 8

Re: [SOLVED] Wireguard handshakes but no ping through

I am not very experienced in the networking side of things. How should i investigate this? There is already a [Route] in /etc/systemctl/network/90-wireguard.network

schard

Member

From: Hannover

Registered: 2016-05-06

Posts: 428

Website

Re: [SOLVED] Wireguard handshakes but no ping through

Is your Debian server even using systemd-networkd?
Okay, obviously already solved.

Last edited by schard (2019-08-13 13:06:09)

---

GPG Pubkey | Repository | GitHub