Wireguard on Bullseye
I would like to set up a Wireguard VPN. I have followed the
instructions at
https://wiki.debian.org/SimplePrivateTunnelVPNWithWireGuard down to the
ping just above the heading "Routing configuration". The ping command
as given doesn't work:
root@iorich:/etc/wireguard# ping 10.0.2.1/24
ping: 10.0.2.1/24: Name or service not known
root@iorich:/etc/wireguard#
However, striping out the /24 at the end helps.
I have both firewalls cleared, i.e.:
root@hawk:/etc/wireguard# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
root@hawk:/etc/wireguard#
On the server, ping fails:
root@hawk:/etc/wireguard# ping 10.0.2.2
PING 10.0.2.2 (10.0.2.2) 56(84) bytes of data.
From 10.0.2.1 icmp_seq=1 Destination Host Unreachable
ping: sendmsg: Destination address required
From 10.0.2.1 icmp_seq=2 Destination Host Unreachable
ping: sendmsg: Destination address required
From 10.0.2.1 icmp_seq=3 Destination Host Unreachable
ping: sendmsg: Destination address required
From 10.0.2.1 icmp_seq=4 Destination Host Unreachable
ping: sendmsg: Destination address required
From 10.0.2.1 icmp_seq=5 Destination Host Unreachable
ping: sendmsg: Destination address required
--- 10.0.2.2 ping statistics ---
5 packets transmitted, 0 received, +5 errors, 100% packet loss, time
4076ms
root@hawk:/etc/wireguard#
And on the client,
root@iorich:/etc/wireguard# ping 10.0.2.1
PING 10.0.2.1 (10.0.2.1) 56(84) bytes of data.
From 10.0.2.2 icmp_seq=1 Destination Host Unreachable
ping: sendmsg: Required key not available
From 10.0.2.2 icmp_seq=2 Destination Host Unreachable
ping: sendmsg: Required key not available
From 10.0.2.2 icmp_seq=3 Destination Host Unreachable
ping: sendmsg: Required key not available
From 10.0.2.2 icmp_seq=4 Destination Host Unreachable
ping: sendmsg: Required key not available
From 10.0.2.2 icmp_seq=5 Destination Host Unreachable
ping: sendmsg: Required key not available
--- 10.0.2.1 ping statistics ---
5 packets transmitted, 0 received, +5 errors, 100% packet loss, time
4083ms
root@iorich:/etc/wireguard#
I did check the keys; they appear to be correct.
root@hawk:/etc/wireguard# wg show wg0
interface: wg0
public key: HBkAW05W2zxbTGEE4FstJLxnBpfDpec3KGhSfs6BLCU=
private key: (hidden)
listening port: 55820
peer: 28TsK9q71ruQ18acpp89MXGjsLVsEQcsKW3Y38VrfEo=
allowed ips: 10.0.2.2/32
root@hawk:/etc/wireguard#
root@iorich:/etc/wireguard# wg show wg0
interface: wg0
public key: 28TsK9q71ruQ18acpp89MXGjsLVsEQcsKW3Y38VrfEo=
private key: (hidden)
listening port: 44458
peer: HBkAW05W2zxbTGEE4FstJLxnBpfDpec3KGhSfs6BLCU=
endpoint: 72.36.20.38:55820
allowed ips: (none)
root@iorich:/etc/wireguard#
--
Does anybody read signatures any more?
https://charlescurley.com
https://charlescurley.com/blog/
Reply to: