From: Mauro Santos <registo.mailling@gmail.com>
To: wireguard@lists.zx2c4.com
Subject: Android App not setting DNS when allowed IPS not 0.0.0.0/0
Date: Thu, 6 Aug 2020 12:22:29 +0100 [thread overview]
Message-ID: <aa041580-d6e8-6fa1-abc6-86de7f2ef53b@gmail.com> (raw)
Hello,
Like the subject says I have found that when I'm not routing all traffic
through the vpn then my dns setting seems to be ignored (tested with
nsleaktest.com).
If I route all traffic through the vpn then it works as expected.
home network: 192.168.20.0/24
vpn "server" is at 192.168.20.10 and internal vpn address is 10.4.4.1,
where I have the dns server running and a few other services accessible
only though the vpn.
"server" config (with systemd-networkd)
wireguard.netdev:
[NetDev]
Name = wireguard
Kind = wireguard
Description = WireGuard VPN
[WireGuard]
ListenPort = 4911
PrivateKey = ...
#Publickey = ...
# Phone
[WireGuardPeer]
PublicKey = ...
AllowedIPs = 10.4.4.3/32
wireguard.network
[Match]
Name = wireguard
[Network]
Address = 10.4.4.1/24
"client" config (android vpn app):
[Interface]
name: msi
public key: ...
addresses: 10.4.4.3/32
dns servers: 10.4.4.1
[Peer]
public key: ...
allowed ips: 10.4.4.0/24
endpoint: 192.168.20.10:4911
The problem also persists if I access the vpn from outside my internal
network and is "fixed" if I change the allowed ips from 10.4.4.0/24 to
0.0.0.0/0.
From what I have searched, other people with similar problems had a
configuration problem, but I don't think it is the case here since my
dns servers in on the same machine as other services and I can access
the other services without problems.
Any ideas on what the problem could be? I have checked the log on the
android app but none of the messages in the log seems to indicate any
problem, should I be looking for some warning/error messages in particular?
--
Mauro Santos
next reply other threads:[~2020-08-06 14:18 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-08-06 11:22 Mauro Santos [this message]
2020-08-07 4:29 ` Alexander Skwar
2020-08-07 10:51 ` Mauro Santos
2020-08-07 11:59 ` Alexander Skwar
2020-08-08 8:04 ` Mauro Santos
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aa041580-d6e8-6fa1-abc6-86de7f2ef53b@gmail.com \
--to=registo.mailling@gmail.com \
--cc=wireguard@lists.zx2c4.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).