Development discussion of WireGuard
 help / color / mirror / Atom feed
From: nicolas prochazka <prochazka.nicolas@gmail.com>
To: "Jason A. Donenfeld" <Jason@zx2c4.com>
Cc: WireGuard mailing list <wireguard@lists.zx2c4.com>
Subject: Re: [wireguard-dev] Help about configuration
Date: Wed, 20 Sep 2017 20:09:23 +0200	[thread overview]
Message-ID: <CADdae-j5Xr0jqB+dHcX7aYat60tahMCBTKiWVnSm_A-cQuf=qA@mail.gmail.com> (raw)
In-Reply-To: <CAHmME9rWpuWBRzZLFeaOG4zG-VxHUEi8wbXe4iL7xYguk0TMFw@mail.gmail.com>

hello,
you're right, sorry , it's just a old nat rule .
regards,
Nicolas

2017-09-20 17:21 GMT+02:00 Jason A. Donenfeld <Jason@zx2c4.com>:
> Seems likely the wrong source IP is being used for sending the ping. Use
> tcpdump on the initiating computer to make sure the source IP of the ping
> packet matches the allowed-ips of the other machine.
>
> --
> Sent from my telephone.
>
> On Sep 20, 2017 17:11, "nicolas prochazka" <prochazka.nicolas@gmail.com>
> wrote:
>
> Hello, can somebody tells me what I do wrong :
> I can ping from server 1 --> client 1  ( ping fd00:14::8b5:8aff:fe85:f3ee )
> .
> but not from client 1 --> server1  ( ping fd00:14::8b5:8aff:fe85:f3ec )
>
> we can notice
> RX packets:230 errors:1112 dropped:0 overruns:0 frame:1112
> on server side  seems strange
>
> wireguard : v0.0.20170918]
> kernel : 4.9.23 on client1
> kernel : 4.4.0 on server 1
>
>
> Regards,
> Nicolas Prochazka
>
> Server 1 :
> ifconfig neocoretech_rd
> neocoretech_rd Link encap:UNSPEC  HWaddr
> 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
>           inet6 addr: fd00:14::8b5:8aff:fe85:f3ec/32 Scope:Global
>           UP POINTOPOINT RUNNING NOARP  MTU:1420  Metric:1
>           RX packets:230 errors:1112 dropped:0 overruns:0 frame:1112
>           TX packets:390 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:1
>           RX bytes:24672 (24.6 KB)  TX bytes:39104 (39.1 KB)
>
>
> [52.209.226.5]~/resources/tunnelHelper>wg showconf neocoretech_rd
> [Interface]
> ListenPort = 6081
> PrivateKey = mNHgDu3Nbusb3Xd8tI8imBkFgvnUSCjKGVP5qT8pi2Q=
>
> [Peer]
> PublicKey = 5zSx+CxgcjLKE2shpkTrLFgCHNOPM6r7TcuZ5cSx2AA=
> AllowedIPs = fd00:14::8b5:8aff:fe85:f3ee/128
> Endpoint = 77.156.254.18:25813
>
> wg show neocoretech_rd
> interface: neocoretech_rd
>   public key: lrJtbn/Jfdb1NyIP78ls11uqAzjcWzDuD+x05RxFk20=
>   private key: (hidden)
>   listening port: 6081
>
> peer: 5zSx+CxgcjLKE2shpkTrLFgCHNOPM6r7TcuZ5cSx2AA=
>   endpoint: 77.156.254.18:25813
>   allowed ips: fd00:14::8b5:8aff:fe85:f3ee/128
>   latest handshake: 1 minute, 10 seconds ago
>   transfer: 23.95 KiB received, 36.07 KiB sent
>
>
>
> Client 1 :
> ifconfig wg0
> wg0       Link encap:UNSPEC  HWaddr
> 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
>           inet6 addr: fd00:14::8b5:8aff:fe85:f3ee/8 Scope:Global
>           UP POINTOPOINT RUNNING NOARP  MTU:1420  Metric:1
>           RX packets:230 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:1366 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:1
>           RX bytes:23632 (23.0 KiB)  TX bytes:230352 (224.9 KiB)
>
>
> [optimizer] wg showconf wg0
> [Interface]
> ListenPort = 6081
> PrivateKey = IM0tv9xWcVBPhD7+Tny7LHnYu1YHBGCJbBr6fgCdZns=
>
> [Peer]
> PublicKey = lrJtbn/Jfdb1NyIP78ls11uqAzjcWzDuD+x05RxFk20=
> AllowedIPs = ::/0
> Endpoint = 52.209.226.5:6081
> PersistentKeepalive = 25
>
> wg show wg0
> interface: wg0
>   public key: 5zSx+CxgcjLKE2shpkTrLFgCHNOPM6r7TcuZ5cSx2AA=
>   private key: (hidden)
>   listening port: 6081
>
> peer: lrJtbn/Jfdb1NyIP78ls11uqAzjcWzDuD+x05RxFk20=
>   endpoint: 52.209.226.5:6081
>   allowed ips: ::/0
>   latest handshake: 37 seconds ago
>   transfer: 22.99 KiB received, 215.96 KiB sent
>   persistent keepalive: every 25 seconds
> _______________________________________________
> WireGuard mailing list
> WireGuard@lists.zx2c4.com
> https://lists.zx2c4.com/mailman/listinfo/wireguard
>
>

  reply	other threads:[~2017-09-20 17:42 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-09-20 15:11 nicolas prochazka
     [not found] ` <CAHmME9qrtSm1Y-h9FfyXWVCmrvmtciFau0jG2144Yrwu=BRMig@mail.gmail.com>
     [not found]   ` <CAHmME9r0hXW8CT5wO10X-b-9HUBDzzvSAbnn69aFav+6ovxQGA@mail.gmail.com>
2017-09-20 15:21     ` Jason A. Donenfeld
2017-09-20 18:09       ` nicolas prochazka [this message]
2017-09-20 21:17         ` Jason A. Donenfeld

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CADdae-j5Xr0jqB+dHcX7aYat60tahMCBTKiWVnSm_A-cQuf=qA@mail.gmail.com' \
    --to=prochazka.nicolas@gmail.com \
    --cc=Jason@zx2c4.com \
    --cc=wireguard@lists.zx2c4.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).