NHAS / wag

Simple Wireguard 2FA
BSD 3-Clause "New" or "Revised" License

Cannot connect to server ui or 8080 for config #124

Closed codechirag123 closed 3 weeks ago

codechirag123 commented 3 weeks ago

So I created the VPN server as a private server with no public IP, but for the VPN tunnel at UDP port 51820 I created a Global Accelerator so I can successfully connect to the VPN.

However, in the new version of Wag, v7.3.2, I am facing an issue where after connecting to the VPN tunnel I cannot access the Wag UI. Both ports 8080 and 9000 (UI) are opened in the Security Group to the VPC's CIDR range.

So technically, it should be accessible, which is also possible in the older version of wag.

Everything else in the VPC is accessed fine but not the VPN server itself.

Can anyone please help me with this? Here's the config:

{
    "Proxied": false,
    "NAT": null,
    "HelpMail": "<my-email>",
    "Lockout": 5,
    "ExternalAddress": "<my-external-domain>",
    "MaxSessionLifetimeMinutes": 1440,
    "SessionInactivityTimeoutMinutes": 60,
    "ManagementUI": {
        "ListenAddress": ":9000",
        "Enabled": true
    },
    "Webserver": {
        "Public": {
            "ListenAddress": ":8080"
        },
        "Tunnel": {
            "Port": "80"
        }
    },
    "Authenticators": {
        "Issuer": "duve",
        "Methods": [
            "totp"
        ],
        "DomainURL": "",
        "OIDC": {
            "IssuerURL": "",
            "ClientSecret": "",
            "ClientID": ""
        },
        "PAM": {
            "ServiceName": ""
        }
    },
    "Wireguard": {
        "DevName": "wg0",
        "ListenPort": 51820,
        "PrivateKey": "<My-private-key>",
        "Address": "10.1.4.1/24",
        "MTU": 1420
    },
    "DatabaseLocation": "devices.db",
    "Acls": {
        "Groups": {
            "group:admin": [
                "user"
            ]
        },
        "Policies": {
            "group:admin": {
                "Mfa": [
                    "172.19.0.0/16"
                ],
                "Allow": [
                    "172.19.0.0/16"
                ]
            }
        }
    }
}

NHAS commented 3 weeks ago

Sorry, this seems like a support request rather than a feature or bug report.

I am not currently able to provide free support as it is often quite time intensive. Hopefully you can sort this out!

NHAS commented 3 weeks ago

If you do find this is a bug in wag feel free to reopen it.

codechirag123 commented 3 weeks ago

@NHAS I believe this is a bug as I was able to successfully connect in the old version but in the new version I cannot with the same config.

NHAS commented 2 weeks ago

I can see from your config this isn't a bug. You don't have ExposePorts defined, so iptables is blocking traffic to the management UI.
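
Following the maintainer's last comment, a small check (an added example, not part of the thread and not wag's own code) that lists the listener ports in a wag config that have no matching `ExposePorts` entry. It assumes `ExposePorts` is a top-level list of entries such as `"9000/tcp"` or `"100-200/udp"`; the sample config and the function names are constructed for illustration.

```python
import json

# Constructed sample: only the listener sections of the config posted in this issue.
SAMPLE_CONFIG = json.loads("""
{
    "ManagementUI": {"ListenAddress": ":9000", "Enabled": true},
    "Webserver": {"Public": {"ListenAddress": ":8080"}, "Tunnel": {"Port": "80"}}
}
""")


def listener_ports(cfg):
    """Return {name: port} for the TCP listeners the config binds on the wag host."""
    ports = {}
    mgmt = cfg.get("ManagementUI", {})
    if mgmt.get("Enabled"):
        # ListenAddress is "host:port" or ":port"; the port follows the last colon.
        ports["ManagementUI"] = int(mgmt["ListenAddress"].rsplit(":", 1)[1])
    public = cfg.get("Webserver", {}).get("Public", {})
    if public.get("ListenAddress"):
        ports["Webserver.Public"] = int(public["ListenAddress"].rsplit(":", 1)[1])
    return ports


def exposed(cfg, port, proto="tcp"):
    """True if an ExposePorts entry covers port (entry format is an assumption)."""
    for entry in cfg.get("ExposePorts") or []:
        spec, _, entry_proto = entry.partition("/")
        if entry_proto.lower() != proto:
            continue
        low, _, high = spec.partition("-")  # "9000" or a range like "100-200"
        if int(low) <= port <= int(high or low):
            return True
    return False


def unexposed_listeners(cfg):
    """Listeners from the config that have no covering ExposePorts entry."""
    return {n: p for n, p in listener_ports(cfg).items() if not exposed(cfg, p)}


if __name__ == "__main__":
    for name, port in unexposed_listeners(SAMPLE_CONFIG).items():
        print(f"{name}: port {port}/tcp has no ExposePorts entry")
```
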