Wireguard on Bullseye

To: "debian-user@lists.debian.org" <debian-user@lists.debian.org>
Subject: Wireguard on Bullseye
From: Charles Curley <charlescurley@charlescurley.com>
Date: Mon, 6 Dec 2021 12:53:26 -0700
Message-id: <[🔎] 20211206125326.1565fd88@hawk.localdomain>

I would like to set up a Wireguard VPN. I have followed the
instructions at
https://wiki.debian.org/SimplePrivateTunnelVPNWithWireGuard down to the
ping just above the heading "Routing configuration". The ping command
as given doesn't work:

root@iorich:/etc/wireguard# ping 10.0.2.1/24
ping: 10.0.2.1/24: Name or service not known
root@iorich:/etc/wireguard# 

However, striping out the /24 at the end helps.

I have both firewalls cleared, i.e.:

root@hawk:/etc/wireguard# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
root@hawk:/etc/wireguard# 


On the server, ping fails:

root@hawk:/etc/wireguard# ping 10.0.2.2
PING 10.0.2.2 (10.0.2.2) 56(84) bytes of data.
From 10.0.2.1 icmp_seq=1 Destination Host Unreachable
ping: sendmsg: Destination address required
From 10.0.2.1 icmp_seq=2 Destination Host Unreachable
ping: sendmsg: Destination address required
From 10.0.2.1 icmp_seq=3 Destination Host Unreachable
ping: sendmsg: Destination address required
From 10.0.2.1 icmp_seq=4 Destination Host Unreachable
ping: sendmsg: Destination address required
From 10.0.2.1 icmp_seq=5 Destination Host Unreachable
ping: sendmsg: Destination address required

--- 10.0.2.2 ping statistics ---
5 packets transmitted, 0 received, +5 errors, 100% packet loss, time
4076ms

root@hawk:/etc/wireguard# 

And on the client,

root@iorich:/etc/wireguard# ping 10.0.2.1
PING 10.0.2.1 (10.0.2.1) 56(84) bytes of data.
From 10.0.2.2 icmp_seq=1 Destination Host Unreachable
ping: sendmsg: Required key not available
From 10.0.2.2 icmp_seq=2 Destination Host Unreachable
ping: sendmsg: Required key not available
From 10.0.2.2 icmp_seq=3 Destination Host Unreachable
ping: sendmsg: Required key not available
From 10.0.2.2 icmp_seq=4 Destination Host Unreachable
ping: sendmsg: Required key not available
From 10.0.2.2 icmp_seq=5 Destination Host Unreachable
ping: sendmsg: Required key not available

--- 10.0.2.1 ping statistics ---
5 packets transmitted, 0 received, +5 errors, 100% packet loss, time
4083ms

root@iorich:/etc/wireguard# 

I did check the keys; they appear to be correct.

root@hawk:/etc/wireguard# wg show wg0
interface: wg0
  public key: HBkAW05W2zxbTGEE4FstJLxnBpfDpec3KGhSfs6BLCU=
  private key: (hidden)
  listening port: 55820

peer: 28TsK9q71ruQ18acpp89MXGjsLVsEQcsKW3Y38VrfEo=
  allowed ips: 10.0.2.2/32
root@hawk:/etc/wireguard# 

root@iorich:/etc/wireguard# wg show wg0
interface: wg0
  public key: 28TsK9q71ruQ18acpp89MXGjsLVsEQcsKW3Y38VrfEo=
  private key: (hidden)
  listening port: 44458

peer: HBkAW05W2zxbTGEE4FstJLxnBpfDpec3KGhSfs6BLCU=
  endpoint: 72.36.20.38:55820
  allowed ips: (none)
root@iorich:/etc/wireguard# 





-- 
Does anybody read signatures any more?

https://charlescurley.com
https://charlescurley.com/blog/

Reply to:

Follow-Ups:
- Re: Wireguard on Bullseye
  - From: Dan Ritter <dsr@randomstring.org>

Prev by Date: Re: How to secure access to SD cards a la USBGuard?
Next by Date: Re: Wireguard on Bullseye
Previous by thread: gimpfu (python) module
Next by thread: Re: Wireguard on Bullseye
Index(es):
- Date
- Thread