* Wireguard Win10 Client not work through an openVPN tunnel on the same machine
[not found] <CAL5yamu4tnxCS58JbTqPtO4W51CdieZ_S0ntk7VNRV044mLmcQ@mail.gmail.com>
@ 2021-03-02 8:03 ` Peter Whisker
0 siblings, 0 replies; only message in thread
From: Peter Whisker @ 2021-03-02 8:03 UTC (permalink / raw)
To: wireguard@lists.zx2c4.com >> WireGuard mailing list
This may be because Wireguard binds to the default route interface which
is not correct if you want to use another route such as your OpenVPN. It
also fails with PulseSecure VPN.
As discussed here in the past month, removing the code which binds and
recompiling Wireguard fixes the problem.
Peter
On Sun, 28 Feb 2021, 22:17 Heiko Kendziorra, <kendziorra@dresearch-fe.de
<mailto:kendziorra@dresearch-fe.de>> wrote:
Machine A in Intranet Windows 10 Prof Version : 20H2
Address 172.1.2.3
Firewall is open for webserver und wireguard (8080 tcp, 44444 udp)
is WireguardServer Version 0.3.7
wg.conf:
PublicKey = A8C8+bRYaqu2MKs2SpwuRRgmwqItYwFFJjk77UtUUxU=
[Interface]
PrivateKey = ********************************
ListenPort = 44444
Address = 192.168.44.44/32 <http://192.168.44.44/32>
[Peer]
PublicKey = JkacJ6IYPUgCOv+OdHN6ZMJ+JRZr6V5/kDzthil/CUs=
AllowedIPs = 192.168.44.4/32 <http://192.168.44.4/32>
PersistentKeepalive = 25
--------------------------------------------------------------------------------
Machine B extern over openVPN connected with the Intranet Windows 10
Prof Version : 20H2 (OpenVPN Client running on B)
Address 172.11.12.13 could reach A over Routing (Test: Webserver on
A: 172.1.2.3:8080 <http://172.1.2.3:8080>)
is WireguardClient Version 0.3.7
wg.conf:
PublicKey = JkacJ6IYPUgCOv+OdHN6ZMJ+JRZr6V5/kDzthil/CUs=
[Interface]
PrivateKey = **********************
Address = 192.168.44.4/32 <http://192.168.44.4/32>
[Peer]
PublicKey = A8C8+bRYaqu2MKs2SpwuRRgmwqItYwFFJjk77UtUUxU=
AllowedIPs = 192.168.44.44/32 <http://192.168.44.44/32>
Endpoint = 172.16.41.20:44444 <http://172.16.41.20:44444>
PersistentKeepalive = 25
--------------------------------------------------------------------------------
Result after Activation
The Client B could not estable a working Wireguard-Connetion to A :
Protokoll Server:
2021-02-27 10:53:02.636: [TUN] [44444] Startup complete
2021-02-27 10:53:03.615: [TUN] [44444] peer(Jkac…/CUs) - Received
handshake initiation
2021-02-27 10:53:03.615: [TUN] [44444] peer(Jkac…/CUs) - Sending
handshake response
2021-02-27 10:53:07.821: [TUN] [44444] peer(Jkac…/CUs) - Handshake did
not complete after 5 seconds, retrying (try 2)
2021-02-27 10:53:11.480: [MGR] [Wintun] IsPoolMember: Reading pool
devpkey failed, falling back: Element nicht gefunden. (Code
0x00000490)
2021-02-27 10:53:28.626: [TUN] [44444] peer(Jkac…/CUs) - Sending
handshake initiation
2021-02-27 10:53:33.794: [TUN] [44444] peer(Jkac…/CUs) - Handshake did
not complete after 5 seconds, retrying (try 2)
2021-02-27 10:53:33.794: [TUN] [44444] peer(Jkac…/CUs) - Sending
handshake initiation
2021-02-27 10:53:39.094: [TUN] [44444] peer(Jkac…/CUs) - Handshake did
not complete after 5 seconds, retrying (try 3)
2021-02-27 10:53:39.094: [TUN] [44444] peer(Jkac…/CUs) - Sending
handshake initiation
2021-02-27 10:53:44.286: [TUN] [44444] peer(Jkac…/CUs) - Handshake did
not complete after 5 seconds, retrying (try 4)
2021-02-27 10:53:44.286: [TUN] [44444] peer(Jkac…/CUs) - Sending
handshake initiation
2021-02-27 10:53:49.549: [TUN] [44444] peer(Jkac…/CUs) - Handshake did
not complete after 5 seconds, retrying (try 5)
2021-02-27 10:53:49.549: [TUN] [44444] peer(Jkac…/CUs) - Sending
handshake initiation
Protokoll Client:
2021-02-27 10:53:02.793: [TUN] [test-44444] Startup complete
2021-02-27 10:53:02.836: [TUN] [test-44444] peer(A8C8…UUxU) - Received
handshake response
2021-02-27 10:53:23.530: [TUN] [test-44444] peer(A8C8…UUxU) - Retrying
handshake because we stopped hearing back after 15 seconds
2021-02-27 10:53:23.530: [TUN] [test-44444] peer(A8C8…UUxU) - Sending
handshake initiation
2021-02-27 10:53:27.815: [TUN] [test-44444] peer(A8C8…UUxU) - Received
handshake initiation
2021-02-27 10:53:27.815: [TUN] [test-44444] peer(A8C8…UUxU) - Sending
handshake response
2021-02-27 10:53:28.815: [TUN] [test-44444] peer(A8C8…UUxU) -
Handshake did not complete after 5 seconds, retrying (try 2)
2021-02-27 10:53:32.982: [TUN] [test-44444] peer(A8C8…UUxU) - Received
handshake initiation
2021-02-27 10:53:32.982: [TUN] [test-44444] peer(A8C8…UUxU) - Sending
handshake response
2021-02-27 10:53:38.283: [TUN] [test-44444] peer(A8C8…UUxU) - Received
handshake initiation
2021-02-27 10:53:38.283: [TUN] [test-44444] peer(A8C8…UUxU) - Sending
handshake response
2021-02-27 10:53:43.475: [TUN] [test-44444] peer(A8C8…UUxU) - Received
handshake initiation
2021-02-27 10:53:43.475: [TUN] [test-44444] peer(A8C8…UUxU) - Sending
handshake response
2021-02-27 10:53:48.738: [TUN] [test-44444] peer(A8C8…UUxU) - Received
handshake initiation
2021-02-27 10:53:48.738: [TUN] [test-44444] peer(A8C8…UUxU) - Sending
handshake response
2021-02-27 10:53:54.066: [TUN] [test-44444] peer(A8C8…UUxU) - Received
handshake initiation
2021-02-27 10:53:54.066: [TUN] [test-44444] peer(A8C8…UUxU) - Sending
handshake response
2021-02-27 10:53:59.148: [TUN] [test-44444] peer(A8C8…UUxU) - Received
handshake initiation
2021-02-27 10:53:59.148: [TUN] [test-44444] peer(A8C8…UUxU) - Sending
handshake response
2021-02-27 10:54:04.459: [TUN] [test-44444] peer(A8C8…UUxU) - Received
handshake initiation
2021-02-27 10:54:04.459: [TUN] [test-44444] peer(A8C8…UUxU) - Sending
handshake response
2021-02-27 10:54:09.601: [TUN] [test-44444] Device closing
Apparently, the only message that the server has received from the
client is the one that was sent to the public address on port 44444.
After that, the client can no longer send a message - but the other
way round it can.
Modifikation
start a Win10 Sandbox on B.
install the Wireguard Client there with the same configuration like
on B
deactivate WG-Client on B
the Sandbox could reach A over routing through the running Open-VPN of B
under these conditions, the wiregiard connection can also be
established!!
Protokoll Server:
2021-02-27 11:46:04.958: [TUN] [44444] Startup complete
2021-02-27 11:46:05.762: [TUN] [44444] peer(Jkac…/CUs) - Received
handshake initiation
2021-02-27 11:46:05.762: [TUN] [44444] peer(Jkac…/CUs) - Sending
handshake response
2021-02-27 11:46:05.786: [TUN] [44444] peer(Jkac…/CUs) - Receiving
keepalive packet
2021-02-27 11:46:13.757: [MGR] [Wintun] IsPoolMember: Reading pool
devpkey failed, falling back: Element nicht gefunden. (Code
0x00000490)
2021-02-27 11:46:30.795: [TUN] [44444] peer(Jkac…/CUs) - Sending
keepalive packet
2021-02-27 11:46:30.812: [TUN] [44444] peer(Jkac…/CUs) - Receiving
keepalive packet
Protokoll Client:
2021-02-27 11:46:05.050: [TUN] [wg-test-sandbox] Startup complete
2021-02-27 11:46:05.065: [TUN] [wg-test-sandbox] peer(A8C8…UUxU) -
Received handshake response
2021-02-27 11:46:05.088: [TUN] [wg-test-sandbox] peer(A8C8…UUxU) -
Receiving keepalive packet
2021-02-27 11:46:30.093: [TUN] [wg-test-sandbox] peer(A8C8…UUxU) -
Sending keepalive packet
2021-02-27 11:46:30.097: [TUN] [wg-test-sandbox] peer(A8C8…UUxU) -
Receiving keepalive packet
Heiko Kendziorra
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2021-03-02 8:03 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <CAL5yamu4tnxCS58JbTqPtO4W51CdieZ_S0ntk7VNRV044mLmcQ@mail.gmail.com>
2021-03-02 8:03 ` Wireguard Win10 Client not work through an openVPN tunnel on the same machine Peter Whisker
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).