Development discussion of WireGuard
From: Alexander Skwar <alexanders.mailinglists+nospam@gmail.com>
Cc: wireguard@lists.zx2c4.com
Subject: Re: Android App not setting DNS when allowed IPS not 0.0.0.0/0
Date: Fri, 7 Aug 2020 06:29:01 +0200
Message-ID: <CADn-QaO2gn8vX0qA9jeitSGiSK11qengh0U5_JjonTmSND84Tg@mail.gmail.com>
In-Reply-To: <aa041580-d6e8-6fa1-abc6-86de7f2ef53b@gmail.com>

Hello,

Welcome to the club — that is EXACTLY what I'm talking about in the
thread "WireGuard macOS App doesn't set system default DNS".

Are you on macOS as well? Using the WireGuard App or are you using wg-quick?

Regards,

Alexander

On Thu, 6 Aug 2020 at 16:20, Mauro Santos
<registo.mailling@gmail.com> wrote:

>
> Hello,
>
> Like the subject says, I have found that when I'm not routing all traffic
> through the vpn then my dns setting seems to be ignored (tested with
> nsleaktest.com).
>
> If I route all traffic through the vpn then it works as expected.
>
> home network: 192.168.20.0/24
>
> vpn "server" is at 192.168.20.10 and internal vpn address is 10.4.4.1,
> where I have the dns server running and a few other services accessible
> only through the vpn.
>
> "server" config (with systemd-networkd)
> wireguard.netdev:
> [NetDev]
> Name = wireguard
> Kind = wireguard
> Description = WireGuard VPN
>
> [WireGuard]
> ListenPort = 4911
> PrivateKey = ...
> #Publickey = ...
>
> # Phone
> [WireGuardPeer]
> PublicKey = ...
> AllowedIPs = 10.4.4.3/32
>
> wireguard.network
> [Match]
> Name = wireguard
>
> [Network]
> Address = 10.4.4.1/24
>
> "client" config (android vpn app):
> [Interface]
> name: msi
> public key: ...
> addresses: 10.4.4.3/32
> dns servers: 10.4.4.1
>
> [Peer]
> public key: ...
> allowed ips: 10.4.4.0/24
> endpoint: 192.168.20.10:4911
>
> The problem also persists if I access the vpn from outside my internal
> network and is "fixed" if I change the allowed ips from 10.4.4.0/24 to
> 0.0.0.0/0.
>
> From what I have searched, other people with similar problems had a
> configuration problem, but I don't think it is the case here since my
> dns server is on the same machine as other services and I can access
> the other services without problems.
>
> Any ideas on what the problem could be? I have checked the log on the
> android app but none of the messages in the log seems to indicate any
> problem. Should I be looking for some warning/error messages in particular?
>
> --
> Mauro Santos



--



Alexander
--
=>        Google+ => http://plus.skwar.me         <==
=> Chat (Jabber/Google Talk) => a.skwar@gmail.com <==
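
A check a reader can run on a split-tunnel client config like the one quoted in this message: does each configured DNS server fall inside the peer's AllowedIPs, so that queries sent to it would be routed through the tunnel? This is an added example, not part of either message or of WireGuard's code; the wg-quick-style text is a constructed transcription of the quoted client settings and the function names are hypothetical. It tests routing coverage only and says nothing about which resolver the operating system actually uses.

```python
import ipaddress

# Constructed wg-quick-style transcription of the quoted client settings
# (assumption: the app's fields map onto these keys; keys elided as in the mail).
CLIENT_CONF = """
[Interface]
Address = 10.4.4.3/32
DNS = 10.4.4.1

[Peer]
AllowedIPs = 10.4.4.0/24
Endpoint = 192.168.20.10:4911
"""

def parse_dns_and_allowed(conf_text):
    """Collect DNS server addresses and every peer's AllowedIPs prefixes."""
    dns, allowed, section = [], [], None
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments and blanks
        if not line:
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].lower()
            continue
        key, _, value = line.partition("=")
        items = [v.strip() for v in value.split(",") if v.strip()]
        key = key.strip().lower()
        if section == "interface" and key == "dns":
            for item in items:
                try:
                    dns.append(ipaddress.ip_address(item))
                except ValueError:
                    pass                         # not an IP literal: skip it
        elif section == "peer" and key == "allowedips":
            # A malformed prefix raises ValueError, which is the right outcome.
            allowed += [ipaddress.ip_network(i, strict=False) for i in items]
    return dns, allowed

def dns_route_coverage(conf_text):
    """Report full-tunnel status and, per DNS server, whether it is routed."""
    dns, allowed = parse_dns_and_allowed(conf_text)
    covered = {
        str(d): any(d.version == n.version and d in n for n in allowed)
        for d in dns
    }
    return {"full_tunnel": any(n.prefixlen == 0 for n in allowed),
            "dns_covered": covered}
```

For the quoted settings the DNS server 10.4.4.1 lies inside 10.4.4.0/24, so the result is a split tunnel whose resolver address is covered by the tunnel routes.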
