Development discussion of WireGuard
 help / color / mirror / Atom feed
* wireguard windows socket binds to device
@ 2021-05-25 10:34 Andre Naujoks
  2021-05-26 14:37 ` Jason A. Donenfeld
  0 siblings, 1 reply; 3+ messages in thread
From: Andre Naujoks @ 2021-05-25 10:34 UTC (permalink / raw)
  To: wireguard

Hi all.

I am currently trying to create a wireguard tunnel over another VPN 
under windows.

The setup would be a wirguard tunnel through an openvpn connection.

However the wireguard implementation on windows forcibly binds itself to 
the network device with the default route (which is fortunately visible 
in the wireguard log).
The wireguard peer however resides inside the other VPN and is thus not 
reached by the windows client.

Is there a reason why the routing of the host machine is forcibly 
bypassed by binding to a specific network device or is this simply a bug 
in the windows implementation?

Best regards and thanks in advance
   Andre

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: wireguard windows socket binds to device
  2021-05-25 10:34 wireguard windows socket binds to device Andre Naujoks
@ 2021-05-26 14:37 ` Jason A. Donenfeld
  2021-05-27  9:22   ` Andre Naujoks
  0 siblings, 1 reply; 3+ messages in thread
From: Jason A. Donenfeld @ 2021-05-26 14:37 UTC (permalink / raw)
  To: Andre Naujoks; +Cc: WireGuard mailing list

This might help:
https://lists.zx2c4.com/pipermail/wireguard/2021-March/006442.html

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: wireguard windows socket binds to device
  2021-05-26 14:37 ` Jason A. Donenfeld
@ 2021-05-27  9:22   ` Andre Naujoks
  0 siblings, 0 replies; 3+ messages in thread
From: Andre Naujoks @ 2021-05-27  9:22 UTC (permalink / raw)
  To: Jason A. Donenfeld; +Cc: WireGuard mailing list

Am 26.05.21 um 16:37 schrieb Jason A. Donenfeld:
> This might help:
> https://lists.zx2c4.com/pipermail/wireguard/2021-March/006442.html
> 

Hi.

Thanks for the answer.

The registry keys were not present, so I added them manually. That and 
the PostUp script seem to have done the trick.

For now, I see this as a viable workaround. Thank you for that.

I still see this as a bug though. I read the reasoning behind it in the 
other mail 
(https://lore.kernel.org/wireguard/CAHmME9rXV2_YG3fGMErDeTjfHeNKhDC2cCYA6Kw93n9A328QpQ@mail.gmail.com/).

Maybe only use the IP_UNICAST_IF to the default route if AllowedIPs is 
0.0.0.0/0 and/or ::/0? For all other cases it seems unnecessary (errors 
in those cases would be configuration problems on the users side) and in 
some cases (i.e. mine, the non-default-route case) just wrong.

Thanks again and best Regards
   Andre

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2021-05-27  9:24 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-05-25 10:34 wireguard windows socket binds to device Andre Naujoks
2021-05-26 14:37 ` Jason A. Donenfeld
2021-05-27  9:22   ` Andre Naujoks

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).