From: "Hendrik Friedel" <hendrik@friedels.name>
To: wireguard@lists.zx2c4.com
Subject: Connection works, ping does not
Date: Sun, 22 Nov 2020 19:39:59 +0000 [thread overview]
Message-ID: <embf875782-3b93-421c-bb54-3c3566b671bb@desktop-g0r648m> (raw)
Hello,
(I posted this a while ago, but it never appeared on the list; if the list is the wrong place for this question, please let me know; I would appreciate a hint for a more appropriate place)
I am using wireguard to connect two machines.
My local server is connected to the internet via a router. I am using theis Server also for connecting other devices (e.g. mobile phones) to my home network. This works great.
But when connecting to another server (both debian 10), I only get a successful connection, but no ping.
*My server:*
wg show
interface: wgnet0
public key: xxxxx=
private key: (hidden)
listening port: 51820
peer: sdfsdfsdfsdfsdfsdf=
endpoint: 109.41.64.83:15167
allowed ips: 10.192.122.2/32
latest handshake: 1 minute, 7 seconds ago
transfer: 10.95 MiB received, 40.35 MiB sent
peer: yyyy=
endpoint: 185.22.142.254:51380
allowed ips: 10.192.122.3/32
transfer: 0 B received, 5.20 KiB sent
peer: yyyy=
endpoint: 93.214.229.137:64119
allowed ips: 10.192.122.4/32
peer: yyyy=
endpoint: 93.214.225.116:49819
allowed ips: 10.192.122.5/32
peer: yyyy=
allowed ips: 10.192.122.6/32
peer: yyyy=
allowed ips: 10.192.122.7/32
more /etc/wireguard/wgnet0.conf
[Interface]
Address = 10.192.122.1/24
SaveConfig = true
PostUp = iptables -A FORWARD -i wgnet0 -j ACCEPT; iptables -A FORWARD -o wgnet0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i wgnet0 -j ACCEPT; iptables -D FORWARD -o wgnet0 -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
ListenPort = 51820
PrivateKey = aaa=
[Peer]
PublicKey = yyyy=
AllowedIPs = 10.192.122.2/32
Endpoint = 123.41.67.233:18314
[Peer]
PublicKey = xxx=
AllowedIPs = 10.192.122.3/32
Endpoint = 123.22.142.254:51380
ip route
default via 192.168.177.1 dev eth0 proto static
10.192.122.0/24 dev wgnet0 proto kernel scope link src 10.192.122.1
and the other side/server:
interface: wgnet0
public key: xxxxx=
private key: (hidden)
listening port: 54004
fwmark: 0xca6c
peer: yyyyy=
endpoint: [2003:cb:aaa:bbb:9ec7:a6ff:fefd:3a6d]:51820
allowed ips: 0.0.0.0/0
transfer: 0 B received, 2.75 KiB sent
persistent keepalive: every 25 seconds
more wgnet0.conf
[Interface]
Address = 10.192.122.3/32
PrivateKey = xxxxx=
[Peer]
PublicKey = yyyyy=
Endpoint = v.myfritz.net:51820
AllowedIPs = 0.0.0.0/0
PersistentKeepalive = 25
It seems to me, that the connection is successfully established , but data is only transmitted in one direction.
How can I find the reason?
Regards,
Hendrik
next reply other threads:[~2020-11-23 16:42 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-22 19:39 Hendrik Friedel [this message]
2020-11-23 17:02 ` Max R. P. Grossmann
2020-11-23 20:37 ` Re[2]: " Hendrik Friedel
2020-11-23 22:16 ` Re[3]: " Hendrik Friedel
2020-11-28 16:50 ` Re[4]: " Hendrik Friedel
2020-11-29 14:20 ` Nikolai Lusan
2020-11-29 15:42 ` Re[6]: " Hendrik Friedel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=embf875782-3b93-421c-bb54-3c3566b671bb@desktop-g0r648m \
--to=hendrik@friedels.name \
--cc=wireguard@lists.zx2c4.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).