Development discussion of WireGuard
 help / color / mirror / Atom feed
* Connection works, ping does not
@ 2020-11-22 19:39 Hendrik Friedel
  2020-11-23 17:02 ` Max R. P. Grossmann
  0 siblings, 1 reply; 4+ messages in thread
From: Hendrik Friedel @ 2020-11-22 19:39 UTC (permalink / raw)
  To: wireguard

Hello,

(I posted this a while ago, but it never appeared on the list; if the list is the wrong place for this question, please let me know; I would appreciate a hint for a more appropriate place)

I am using wireguard to connect two machines.
My local server is connected  to the internet via a router. I am using theis Server also for connecting other devices (e.g. mobile phones) to my home network. This works great.

But when connecting to another server (both debian 10), I only get a successful connection, but no ping.
*My server:*

wg show
interface: wgnet0
   public key: xxxxx=
   private key: (hidden)
   listening port: 51820

peer: sdfsdfsdfsdfsdfsdf=
   endpoint: 109.41.64.83:15167
   allowed ips: 10.192.122.2/32
   latest handshake: 1 minute, 7 seconds ago
   transfer: 10.95 MiB received, 40.35 MiB sent

peer: yyyy=
   endpoint: 185.22.142.254:51380
   allowed ips: 10.192.122.3/32
   transfer: 0 B received, 5.20 KiB sent

peer: yyyy=
   endpoint: 93.214.229.137:64119
   allowed ips: 10.192.122.4/32

peer: yyyy=
   endpoint: 93.214.225.116:49819
   allowed ips: 10.192.122.5/32

peer: yyyy=
   allowed ips: 10.192.122.6/32

peer: yyyy=
   allowed ips: 10.192.122.7/32


more /etc/wireguard/wgnet0.conf
[Interface]
Address = 10.192.122.1/24
SaveConfig = true
PostUp = iptables -A FORWARD -i wgnet0 -j ACCEPT; iptables -A FORWARD -o wgnet0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i wgnet0 -j ACCEPT; iptables -D FORWARD -o wgnet0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
ListenPort = 51820
PrivateKey = aaa=

[Peer]
PublicKey = yyyy=
AllowedIPs = 10.192.122.2/32
Endpoint = 123.41.67.233:18314

[Peer]
PublicKey = xxx=
AllowedIPs = 10.192.122.3/32
Endpoint = 123.22.142.254:51380





ip route
default via 192.168.177.1 dev eth0 proto static
10.192.122.0/24 dev wgnet0 proto kernel scope link src 10.192.122.1

and the other side/server:

interface: wgnet0
   public key: xxxxx=
   private key: (hidden)
   listening port: 54004
   fwmark: 0xca6c

peer: yyyyy=
   endpoint: [2003:cb:aaa:bbb:9ec7:a6ff:fefd:3a6d]:51820
   allowed ips: 0.0.0.0/0
   transfer: 0 B received, 2.75 KiB sent
   persistent keepalive: every 25 seconds



   more wgnet0.conf
[Interface]
Address = 10.192.122.3/32
PrivateKey = xxxxx=

[Peer]
PublicKey = yyyyy=
Endpoint = v.myfritz.net:51820
AllowedIPs = 0.0.0.0/0
PersistentKeepalive = 25

It seems to me, that the connection is successfully established , but data is only transmitted in one direction.

How can I find the reason?

Regards,
Hendrik


^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: Connection works, ping does not
  2020-11-22 19:39 Connection works, ping does not Hendrik Friedel
@ 2020-11-23 17:02 ` Max R. P. Grossmann
  2020-11-23 20:37   ` Re[2]: " Hendrik Friedel
  0 siblings, 1 reply; 4+ messages in thread
From: Max R. P. Grossmann @ 2020-11-23 17:02 UTC (permalink / raw)
  To: Hendrik Friedel; +Cc: wireguard

[-- Attachment #1: Type: text/plain, Size: 3487 bytes --]

Hi Hendrik,

Could it be that some kind of firewall is restricting UDP traffic to your other server?

E.g. could you try to run `mtr --udp [other server's public IP address]` on your computer (while disabling your other WireGuard connection, if applicable) and report back whether there is any kind of packet loss?

If not, you may wish to check whether the port on the machine is reachable, e.g. by running `nc -v -l -u -p 12345` on your server and then executing `echo test | nc -u [server's IP] 12345`, to check whether the message arrives at the server.

Best,

Max

On 20/11/22 07:39pm, Hendrik Friedel wrote:
> Hello,
> 
> (I posted this a while ago, but it never appeared on the list; if the list is the wrong place for this question, please let me know; I would appreciate a hint for a more appropriate place)
> 
> I am using wireguard to connect two machines.
> My local server is connected  to the internet via a router. I am using theis Server also for connecting other devices (e.g. mobile phones) to my home network. This works great.
> 
> But when connecting to another server (both debian 10), I only get a successful connection, but no ping.
> *My server:*
> 
> wg show
> interface: wgnet0
>   public key: xxxxx=
>   private key: (hidden)
>   listening port: 51820
> 
> peer: sdfsdfsdfsdfsdfsdf=
>   endpoint: 109.41.64.83:15167
>   allowed ips: 10.192.122.2/32
>   latest handshake: 1 minute, 7 seconds ago
>   transfer: 10.95 MiB received, 40.35 MiB sent
> 
> peer: yyyy=
>   endpoint: 185.22.142.254:51380
>   allowed ips: 10.192.122.3/32
>   transfer: 0 B received, 5.20 KiB sent
> 
> peer: yyyy=
>   endpoint: 93.214.229.137:64119
>   allowed ips: 10.192.122.4/32
> 
> peer: yyyy=
>   endpoint: 93.214.225.116:49819
>   allowed ips: 10.192.122.5/32
> 
> peer: yyyy=
>   allowed ips: 10.192.122.6/32
> 
> peer: yyyy=
>   allowed ips: 10.192.122.7/32
> 
> 
> more /etc/wireguard/wgnet0.conf
> [Interface]
> Address = 10.192.122.1/24
> SaveConfig = true
> PostUp = iptables -A FORWARD -i wgnet0 -j ACCEPT; iptables -A FORWARD -o wgnet0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
> PostDown = iptables -D FORWARD -i wgnet0 -j ACCEPT; iptables -D FORWARD -o wgnet0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
> ListenPort = 51820
> PrivateKey = aaa=
> 
> [Peer]
> PublicKey = yyyy=
> AllowedIPs = 10.192.122.2/32
> Endpoint = 123.41.67.233:18314
> 
> [Peer]
> PublicKey = xxx=
> AllowedIPs = 10.192.122.3/32
> Endpoint = 123.22.142.254:51380
> 
> 
> 
> 
> 
> ip route
> default via 192.168.177.1 dev eth0 proto static
> 10.192.122.0/24 dev wgnet0 proto kernel scope link src 10.192.122.1
> 
> and the other side/server:
> 
> interface: wgnet0
>   public key: xxxxx=
>   private key: (hidden)
>   listening port: 54004
>   fwmark: 0xca6c
> 
> peer: yyyyy=
>   endpoint: [2003:cb:aaa:bbb:9ec7:a6ff:fefd:3a6d]:51820
>   allowed ips: 0.0.0.0/0
>   transfer: 0 B received, 2.75 KiB sent
>   persistent keepalive: every 25 seconds
> 
> 
> 
>   more wgnet0.conf
> [Interface]
> Address = 10.192.122.3/32
> PrivateKey = xxxxx=
> 
> [Peer]
> PublicKey = yyyyy=
> Endpoint = v.myfritz.net:51820
> AllowedIPs = 0.0.0.0/0
> PersistentKeepalive = 25
> 
> It seems to me, that the connection is successfully established , but data is only transmitted in one direction.
> 
> How can I find the reason?
> 
> Regards,
> Hendrik
> 

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 228 bytes --]

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re[2]: Connection works, ping does not
  2020-11-23 17:02 ` Max R. P. Grossmann
@ 2020-11-23 20:37   ` Hendrik Friedel
  2020-11-23 22:16     ` Re[3]: " Hendrik Friedel
  0 siblings, 1 reply; 4+ messages in thread
From: Hendrik Friedel @ 2020-11-23 20:37 UTC (permalink / raw)
  To: Max R. P. Grossmann; +Cc: wireguard

Hello Max,

thanks for your reply.

>
>Could it be that some kind of firewall is restricting UDP traffic to your other server?
>
Well, locally, I do use this machine as Host for many tunnels.


>
>E.g. could you try to run `mtr --udp [other server's public IP address]` on your computer (while disabling your other WireGuard connection, if applicable) and report back whether there is any kind of packet loss?
I used traceroute on the commandline for this:

Remote_

wg-quick up wgnet0
[#] ip link add wgnet0 type wireguard
[#] wg setconf wgnet0 /dev/fd/63
[#] ip -4 address add 10.192.122.3/32 dev wgnet0
[#] ip link set mtu 1420 up dev wgnet0
[#] wg set wgnet0 fwmark 51820
[#] ip -4 route add 0.0.0.0/0 dev wgnet0 table 51820
[#] ip -4 rule add not fwmark 51820 table 51820
[#] ip -4 rule add table main suppress_prefixlength 0

root@openmediavault:/etc/wireguard# wg show
interface: wgnet0
   public key: cebXSaxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxMFw=
   private key: (hidden)
   listening port: 42759
   fwmark: 0xca6c

peer: oNjmmmmmmmmmmmmmmmmmmmmmmmmmmmmU=
   endpoint: [2003:cb:97ff:33d8:9ec7:a6ff:fefd:3a6d]:51820
   allowed ips: 0.0.0.0/0
   transfer: 0 B received, 444 B sent
   persistent keepalive: every 25 seconds


Local:
traceroute to 2a00:sdfs:sdfsdf:sdfs:erre:ereee:sdf:c33a 
(2a00:sdfs:sdfsdf:sdfs:erre:ereee:sdf:c33a), 30 hops max, 80 byte 
packets
  1  p200300cb9733ca009ec7a6fffefd3a69.dip0.t-ipconnect.de 
(2003:cb:9733:ca00:9ec7:a6ff:fefd:3a69)  0.946 ms  3.435 ms  3.645 ms
  2  2003:0:8501::1 (2003:0:8501::1)  13.884 ms  13.839 ms  14.193 ms
  3  * * *
  4  2001:2000:3019:6b::1 (2001:2000:3019:6b::1)  86.609 ms  88.002 ms  
87.874 ms
  5  ddf-b2-v6.telia.net (2001:2000:3018:21::1)  88.137 ms  89.508 ms  
89.639 ms
  6  * * *
  7  2a00:6020:0:b::2 (2a00:6020:0:b::2)  81.576 ms  81.989 ms 
2a00:6020:0:a::2 (2a00:6020:0:a::2)  82.201 ms
  8  lo1007.kr1.dc1-bor.dg-ao.de (2a00:6020:1000:3::1)  86.281 ms  84.259 
ms  85.760 ms
  9  2a00:xxxx:1000:3:yyyy:7f3d:d93e:f23d 
(2a00:xxxx:1000:3:yyyy:7f3d:d93e:f23d)  88.483 ms !X  87.579 ms !X  
88.447 ms !X

And here the mtr results (wg up and down)
https://1drv.ms/u/s!AvbzKdYzkh6gl0BVLcuR9eeWUaqj?e=9wKxSC
https://1drv.ms/u/s!AvbzKdYzkh6gl0HVwPz1FabOtemM?e=c7bCcB

>If not, you may wish to check whether the port on the machine is reachable, e.g. by running `nc -v -l -u -p 12345` on your server and then executing `echo test | nc -u [server's IP] 12345`, to check whether the message arrives at the server.

I am using the machine that is here, locally as server for many tunnels. 
So, the wireguard port is reachable.
On the remote machine, I have NOT done any port forwarding. Is that 
neccessary at all? I thought that only the machine that is NOT 
initiating the connection needs a port forwarding.

Greetings,
Hendrik

>
>
>Best,
>
>Max
>
>On 20/11/22 07:39pm, Hendrik Friedel wrote:
>>  Hello,
>>
>>  (I posted this a while ago, but it never appeared on the list; if the list is the wrong place for this question, please let me know; I would appreciate a hint for a more appropriate place)
>>
>>  I am using wireguard to connect two machines.
>>  My local server is connected  to the internet via a router. I am using theis Server also for connecting other devices (e.g. mobile phones) to my home network. This works great.
>>
>>  But when connecting to another server (both debian 10), I only get a successful connection, but no ping.
>>  *My server:*
>>
>>  wg show
>>  interface: wgnet0
>>    public key: xxxxx=
>>    private key: (hidden)
>>    listening port: 51820
>>
>>  peer: sdfsdfsdfsdfsdfsdf=
>>    endpoint: 109.41.64.83:15167
>>    allowed ips: 10.192.122.2/32
>>    latest handshake: 1 minute, 7 seconds ago
>>    transfer: 10.95 MiB received, 40.35 MiB sent
>>
>>  peer: yyyy=
>>    endpoint: 185.22.142.254:51380
>>    allowed ips: 10.192.122.3/32
>>    transfer: 0 B received, 5.20 KiB sent
>>
>>  peer: yyyy=
>>    endpoint: 93.214.229.137:64119
>>    allowed ips: 10.192.122.4/32
>>
>>  peer: yyyy=
>>    endpoint: 93.214.225.116:49819
>>    allowed ips: 10.192.122.5/32
>>
>>  peer: yyyy=
>>    allowed ips: 10.192.122.6/32
>>
>>  peer: yyyy=
>>    allowed ips: 10.192.122.7/32
>>
>>
>>  more /etc/wireguard/wgnet0.conf
>>  [Interface]
>>  Address = 10.192.122.1/24
>>  SaveConfig = true
>>  PostUp = iptables -A FORWARD -i wgnet0 -j ACCEPT; iptables -A FORWARD -o wgnet0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
>>  PostDown = iptables -D FORWARD -i wgnet0 -j ACCEPT; iptables -D FORWARD -o wgnet0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
>>  ListenPort = 51820
>>  PrivateKey = aaa=
>>
>>  [Peer]
>>  PublicKey = yyyy=
>>  AllowedIPs = 10.192.122.2/32
>>  Endpoint = 123.41.67.233:18314
>>
>>  [Peer]
>>  PublicKey = xxx=
>>  AllowedIPs = 10.192.122.3/32
>>  Endpoint = 123.22.142.254:51380
>>
>>
>>
>>
>>
>>  ip route
>>  default via 192.168.177.1 dev eth0 proto static
>>  10.192.122.0/24 dev wgnet0 proto kernel scope link src 10.192.122.1
>>
>>  and the other side/server:
>>
>>  interface: wgnet0
>>    public key: xxxxx=
>>    private key: (hidden)
>>    listening port: 54004
>>    fwmark: 0xca6c
>>
>>  peer: yyyyy=
>>    endpoint: [2003:cb:aaa:bbb:9ec7:a6ff:fefd:3a6d]:51820
>>    allowed ips: 0.0.0.0/0
>>    transfer: 0 B received, 2.75 KiB sent
>>    persistent keepalive: every 25 seconds
>>
>>
>>
>>    more wgnet0.conf
>>  [Interface]
>>  Address = 10.192.122.3/32
>>  PrivateKey = xxxxx=
>>
>>  [Peer]
>>  PublicKey = yyyyy=
>>  Endpoint = v.myfritz.net:51820
>>  AllowedIPs = 0.0.0.0/0
>>  PersistentKeepalive = 25
>>
>>  It seems to me, that the connection is successfully established , but data is only transmitted in one direction.
>>
>>  How can I find the reason?
>>
>>  Regards,
>>  Hendrik
>>


^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re[3]: Connection works, ping does not
  2020-11-23 20:37   ` Re[2]: " Hendrik Friedel
@ 2020-11-23 22:16     ` Hendrik Friedel
  0 siblings, 0 replies; 4+ messages in thread
From: Hendrik Friedel @ 2020-11-23 22:16 UTC (permalink / raw)
  To: Max R. P. Grossmann; +Cc: wireguard

Hello again,

I just realized:
I did the test using IPv6, whereas IPv4 is used for the tunnel. Having 
said that... I am not sure it is, as I use a Domain-Name... But I think 
it is IPv4.
I can repeat the test if needed using ipv4... But before that: From 
where should I do the traceroute?
a) from here (the machine that is working for many tunnels, e.g. from my 
phone to this machine and to which I have done a port forwarding) to the 
other remote machine
b) from the remote machine to here

The remote machine is headless; is there a commandline alternative to 
mtr that also shows the package loss?

Regards,
Hendrik

------ Originalnachricht ------
Von: "Hendrik Friedel" <hendrik@friedels.name>
An: "Max R. P. Grossmann" <m@max.pm>
Cc: wireguard@lists.zx2c4.com
Gesendet: 23.11.2020 21:37:24
Betreff: Re[2]: Connection works, ping does not

>Hello Max,
>
>thanks for your reply.
>
>>
>>Could it be that some kind of firewall is restricting UDP traffic to your other server?
>>
>Well, locally, I do use this machine as Host for many tunnels.
>
>
>>
>>E.g. could you try to run `mtr --udp [other server's public IP address]` on your computer (while disabling your other WireGuard connection, if applicable) and report back whether there is any kind of packet loss?
>I used traceroute on the commandline for this:
>
>Remote_
>
>wg-quick up wgnet0
>[#] ip link add wgnet0 type wireguard
>[#] wg setconf wgnet0 /dev/fd/63
>[#] ip -4 address add 10.192.122.3/32 dev wgnet0
>[#] ip link set mtu 1420 up dev wgnet0
>[#] wg set wgnet0 fwmark 51820
>[#] ip -4 route add 0.0.0.0/0 dev wgnet0 table 51820
>[#] ip -4 rule add not fwmark 51820 table 51820
>[#] ip -4 rule add table main suppress_prefixlength 0
>
>root@openmediavault:/etc/wireguard# wg show
>interface: wgnet0
>   public key: cebXSaxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxMFw=
>   private key: (hidden)
>   listening port: 42759
>   fwmark: 0xca6c
>
>peer: oNjmmmmmmmmmmmmmmmmmmmmmmmmmmmmU=
>   endpoint: [2003:cb:97ff:33d8:9ec7:a6ff:fefd:3a6d]:51820
>   allowed ips: 0.0.0.0/0
>   transfer: 0 B received, 444 B sent
>   persistent keepalive: every 25 seconds
>
>
>Local:
>traceroute to 2a00:sdfs:sdfsdf:sdfs:erre:ereee:sdf:c33a (2a00:sdfs:sdfsdf:sdfs:erre:ereee:sdf:c33a), 30 hops max, 80 byte packets
>  1  p200300cb9733ca009ec7a6fffefd3a69.dip0.t-ipconnect.de (2003:cb:9733:ca00:9ec7:a6ff:fefd:3a69)  0.946 ms  3.435 ms  3.645 ms
>  2  2003:0:8501::1 (2003:0:8501::1)  13.884 ms  13.839 ms  14.193 ms
>  3  * * *
>  4  2001:2000:3019:6b::1 (2001:2000:3019:6b::1)  86.609 ms  88.002 ms  87.874 ms
>  5  ddf-b2-v6.telia.net (2001:2000:3018:21::1)  88.137 ms  89.508 ms  89.639 ms
>  6  * * *
>  7  2a00:6020:0:b::2 (2a00:6020:0:b::2)  81.576 ms  81.989 ms 2a00:6020:0:a::2 (2a00:6020:0:a::2)  82.201 ms
>  8  lo1007.kr1.dc1-bor.dg-ao.de (2a00:6020:1000:3::1)  86.281 ms  84.259 ms  85.760 ms
>  9  2a00:xxxx:1000:3:yyyy:7f3d:d93e:f23d (2a00:xxxx:1000:3:yyyy:7f3d:d93e:f23d)  88.483 ms !X  87.579 ms !X  88.447 ms !X
>
>And here the mtr results (wg up and down)
>https://1drv.ms/u/s!AvbzKdYzkh6gl0BVLcuR9eeWUaqj?e=9wKxSC
>https://1drv.ms/u/s!AvbzKdYzkh6gl0HVwPz1FabOtemM?e=c7bCcB
>
>>If not, you may wish to check whether the port on the machine is reachable, e.g. by running `nc -v -l -u -p 12345` on your server and then executing `echo test | nc -u [server's IP] 12345`, to check whether the message arrives at the server.
>
>I am using the machine that is here, locally as server for many tunnels. So, the wireguard port is reachable.
>On the remote machine, I have NOT done any port forwarding. Is that neccessary at all? I thought that only the machine that is NOT initiating the connection needs a port forwarding.
>
>Greetings,
>Hendrik
>
>>
>>
>>Best,
>>
>>Max
>>
>>On 20/11/22 07:39pm, Hendrik Friedel wrote:
>>>  Hello,
>>>
>>>  (I posted this a while ago, but it never appeared on the list; if the list is the wrong place for this question, please let me know; I would appreciate a hint for a more appropriate place)
>>>
>>>  I am using wireguard to connect two machines.
>>>  My local server is connected  to the internet via a router. I am using theis Server also for connecting other devices (e.g. mobile phones) to my home network. This works great.
>>>
>>>  But when connecting to another server (both debian 10), I only get a successful connection, but no ping.
>>>  *My server:*
>>>
>>>  wg show
>>>  interface: wgnet0
>>>    public key: xxxxx=
>>>    private key: (hidden)
>>>    listening port: 51820
>>>
>>>  peer: sdfsdfsdfsdfsdfsdf=
>>>    endpoint: 109.41.64.83:15167
>>>    allowed ips: 10.192.122.2/32
>>>    latest handshake: 1 minute, 7 seconds ago
>>>    transfer: 10.95 MiB received, 40.35 MiB sent
>>>
>>>  peer: yyyy=
>>>    endpoint: 185.22.142.254:51380
>>>    allowed ips: 10.192.122.3/32
>>>    transfer: 0 B received, 5.20 KiB sent
>>>
>>>  peer: yyyy=
>>>    endpoint: 93.214.229.137:64119
>>>    allowed ips: 10.192.122.4/32
>>>
>>>  peer: yyyy=
>>>    endpoint: 93.214.225.116:49819
>>>    allowed ips: 10.192.122.5/32
>>>
>>>  peer: yyyy=
>>>    allowed ips: 10.192.122.6/32
>>>
>>>  peer: yyyy=
>>>    allowed ips: 10.192.122.7/32
>>>
>>>
>>>  more /etc/wireguard/wgnet0.conf
>>>  [Interface]
>>>  Address = 10.192.122.1/24
>>>  SaveConfig = true
>>>  PostUp = iptables -A FORWARD -i wgnet0 -j ACCEPT; iptables -A FORWARD -o wgnet0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
>>>  PostDown = iptables -D FORWARD -i wgnet0 -j ACCEPT; iptables -D FORWARD -o wgnet0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
>>>  ListenPort = 51820
>>>  PrivateKey = aaa=
>>>
>>>  [Peer]
>>>  PublicKey = yyyy=
>>>  AllowedIPs = 10.192.122.2/32
>>>  Endpoint = 123.41.67.233:18314
>>>
>>>  [Peer]
>>>  PublicKey = xxx=
>>>  AllowedIPs = 10.192.122.3/32
>>>  Endpoint = 123.22.142.254:51380
>>>
>>>
>>>
>>>
>>>
>>>  ip route
>>>  default via 192.168.177.1 dev eth0 proto static
>>>  10.192.122.0/24 dev wgnet0 proto kernel scope link src 10.192.122.1
>>>
>>>  and the other side/server:
>>>
>>>  interface: wgnet0
>>>    public key: xxxxx=
>>>    private key: (hidden)
>>>    listening port: 54004
>>>    fwmark: 0xca6c
>>>
>>>  peer: yyyyy=
>>>    endpoint: [2003:cb:aaa:bbb:9ec7:a6ff:fefd:3a6d]:51820
>>>    allowed ips: 0.0.0.0/0
>>>    transfer: 0 B received, 2.75 KiB sent
>>>    persistent keepalive: every 25 seconds
>>>
>>>
>>>
>>>    more wgnet0.conf
>>>  [Interface]
>>>  Address = 10.192.122.3/32
>>>  PrivateKey = xxxxx=
>>>
>>>  [Peer]
>>>  PublicKey = yyyyy=
>>>  Endpoint = v.myfritz.net:51820
>>>  AllowedIPs = 0.0.0.0/0
>>>  PersistentKeepalive = 25
>>>
>>>  It seems to me, that the connection is successfully established , but data is only transmitted in one direction.
>>>
>>>  How can I find the reason?
>>>
>>>  Regards,
>>>  Hendrik
>>>


^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2020-11-23 22:17 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-11-22 19:39 Connection works, ping does not Hendrik Friedel
2020-11-23 17:02 ` Max R. P. Grossmann
2020-11-23 20:37   ` Re[2]: " Hendrik Friedel
2020-11-23 22:16     ` Re[3]: " Hendrik Friedel

Development discussion of WireGuard

This inbox may be cloned and mirrored by anyone:

	git clone --mirror http://inbox.vuxu.org/wireguard

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V1 wireguard wireguard/ http://inbox.vuxu.org/wireguard \
		wireguard@lists.zx2c4.com
	public-inbox-index wireguard

Example config snippet for mirrors.
Newsgroup available over NNTP:
	nntp://inbox.vuxu.org/vuxu.archive.wireguard


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git