You are not logged in.
Firstly, I followed the Official guide from ProtonVPN.
1. Installed wireguard-tools
2. placed wg0.conf into /etc/wireguard/
3. ran wg-quick up wg0
And got the following output:
[#] ip link add wg0 type wireguard
[#] wg setconf wg0 /dev/fd/63
[#] ip -4 address add 10.2.0.2/32 dev wg0
[#] ip link set mtu 1420 up dev wg0
[#] resolvconf -a wg0 -m 0 -x
/usr/bin/wg-quick: line 32: resolvconf: command not found
[#] ip link delete dev wg0after a little digging I found a post that suggested I install systemd-resolvconf & I did. This time it gave me the following output:
[#] ip link add wg0 type wireguard
[#] wg setconf wg0 /dev/fd/63
[#] ip -4 address add 10.2.0.2/32 dev wg0
[#] ip link set mtu 1420 up dev wg0
[#] resolvconf -a wg0 -m 0 -x
[#] ip -4 route add 128.0.0.0/1 dev wg0
[#] ip -4 route add 0.0.0.0/1 dev wg0So a connection? Except there's no internet this time. Can't ping any site whatsoever.
Here are a few more info, not sure if they're gonna be helpful or not.
$ ip route show table all
0.0.0.0/1 dev wg0 scope link
default via 192.168.0.1 dev eno1 proto dhcp src 192.168.0.100 metric 100
128.0.0.0/1 dev wg0 scope link
192.168.0.0/24 dev eno1 proto kernel scope link src 192.168.0.100 metric 100
192.168.0.1 dev eno1 proto dhcp scope link src 192.168.0.100 metric 100
local 10.2.0.2 dev wg0 table local proto kernel scope host src 10.2.0.2
local 127.0.0.0/8 dev lo table local proto kernel scope host src 127.0.0.1
local 127.0.0.1 dev lo table local proto kernel scope host src 127.0.0.1
broadcast 127.255.255.255 dev lo table local proto kernel scope link src 127.0.0.1
local 192.168.0.100 dev eno1 table local proto kernel scope host src 192.168.0.100
broadcast 192.168.0.255 dev eno1 table local proto kernel scope link src 192.168.0.100
fe80::/64 dev eno1 proto kernel metric 256 pref medium
local ::1 dev lo table local proto kernel metric 0 pref medium
local fe80::3ea8:2aff:fe87:3f2b dev eno1 table local proto kernel metric 0 pref medium
multicast ff00::/8 dev eno1 table local proto kernel metric 256 pref medium
multicast ff00::/8 dev wg0 table local proto kernel metric 256 pref medium$ routel
Dst Gateway Prefsrc Protocol Scope Dev Table
0.0.0.0/1 link wg0
default 192.168.0.1 192.168.0.100 dhcp eno1
128.0.0.0/1 link wg0
192.168.0.0/24 192.168.0.100 kernel link eno1
192.168.0.1 192.168.0.100 dhcp link eno1
10.2.0.2 10.2.0.2 kernel host wg0 local
127.0.0.0/8 127.0.0.1 kernel host lo local
127.0.0.1 127.0.0.1 kernel host lo local
127.255.255.255 127.0.0.1 kernel link lo local
192.168.0.100 192.168.0.100 kernel host eno1 local
192.168.0.255 192.168.0.100 kernel link eno1 localAny help appreciated
Last edited by jsonv4 (2024-04-23 17:46:22)
Offline
I know it's a late reply, but I had the same issue and thought it might help for someone in the future.
In my case the problem was the DNS over TLS.
ProtonVPN have a functionality to filter/block malware and ads. I believe it can't work if you have a dns over tls, because they won't see the traffic they need to filter.
I'm completely out of my depth here, but my understanding is that it's not a security risk turning off dns over tls if you trust the proton vpn. DNS resolving happen in the wireguard tunnel, so your isp/wifi networks won't be able to see the plain text queries, but proton will.
Note on the setup:
From different thread that I've lost already but since the docs might seem a bit confusing if you have NetworkManager installed you should use it instead of directly using wg
https://wiki.archlinux.org/title/WireGu … orkManager
The same is probably true for systemd-networkd
TLDR:
Verify it's DNS over TLS issue:
resolvectl dnsovertls connection_name
Link 7 (connection_name): yes
connection_name is the name of the vpn .conf file that you've imported in the networkmanager
Disable it:
Depends on the setup, for NetworkManager:
nmcli connection modify connection_name connection.dns-over-tls no
Last edited by svalee (2025-12-24 04:48:17)
Offline