In addition, I've set up custom DNS with BIND9 to create own domain in the network. It's good to mention that for all the Address notes it's better to use subnet mask of 32 bits, which means an exact IP, not a range. This allows peers to communicate with each other and reach the Internet through VPN. I had to link config with the kernel using sysctl -p /etc/nf command. Secondly, my addition of _forward=1 to the file /etc/nf didn't work even though I called systemctl daemon-reload systemctl restart systemd-networkd. So, my wg setconf wg0 /etc/wireguard/wg0.conf didn't work the expected way, and I guess it uses old config format.

Well, in several days, nights, and killed servers, I solved all the problems myself :)

Firstly, I'd like to mention that wg and wg-quick utilities treat config files differently.

How can I fix WireGuard configs or server network settings to solve the problem? In addition, I cannot access one client from another, I think it's the same problem.

Now the command ip address show wg0 provides the following output:

4: wg0: mtu 1420 qdisc noqueue state UNKNOWN group default qlen 1000

I tried solving it with ifconfig wg0 broadcast/multicast, but had no success. I removed Address from server's config, and set AllowedIPs = 10.0.0.2/24 in the client's one, I finally got connected to the server's NginX from client by private IP, and able to reach the Internet (coz traffic goes outside VPN).

But if I set AllowedIPs = 0.0.0.0/0 on the client, I have no Internet access, though still can reach server by VPN's IP address 10.0.0.1. Also, I have specified _forward=1 & .forwarding=1 in the /etc/nf. Neither iptables nor firewalls are installed on the server, so it can't be a problem.

So, how can I achieve my goals? And what's wrong with my configs? I think it means that it doesn't really get connected.
I'm able to get connected to VPN even if I change the port in client's config.

I even can't ping the server by global IP address, though I can with the private one, 10.0.0.1.

Latest handshake: 2 minutes, 11 seconds ago

From the client (which is MacOS with WireGuard GUI) I'm able to connect, but:

To make WireGuard work, I also ran these commands:

ip link add dev wg0 type wireguard

After all, wg commands provides the following output:

interface: wg0
But it probably makes WG choose random IP addresses for the server and clients.

Here is config of the server:

But when I'm trying to load server's config wg setconf wg0 /etc/wireguard/wg0.conf I get this error:

Line unrecognized: `Address=10.0.0.1/24'

Also, I'd like to set up DNS and private domain names (working with NginX).

Clients can reach global Internet through the VPN.

Clients are able to communicate with each other and the server.