Internet access does not work (abuse prevention)

[showstoppre]

0 B received. Handshake did not get completed.

I thought it could be account issue. Registered a new account from a VPN and tried connecting with the new config.

Still same.

---

Edit from maintainer:

Just to give some organization to all the "internet does not work" reports. There are two known cases when this may happen:

1. If the WireGuard tunnel works on your other computer/phone, but not on this one, then it's likely an issue with your system configuration. It's generally not something I can help with, as wgcf is only responsible for providing you with a WireGuard profile, but leaving this issue open for people to share their experiences and solutions. This is tracked in #50.
2. If the WireGuard tunnel does not work on any of your devices, but the official client does, then this is likely an issue with your region being restricted due to abuse prevention. There is no solution to this problem, maybe hope that people stop abusing the service so the regions are unlocked. Use the official client in this case. This is tracked in #158.

[ViRb3]

See #50.

[showstoppre]

Thanks for the swift response. I checked there before posting this. I'm on windows. I don't think whatever I'm facing is related to that thread.

It was working fine until an hour back and never had an issue since I started using this for about 2 months.

[ViRb3]

My general response would be to test this on a fresh Ubuntu 21.10 installation and see if it works there. If not, it's definitely an issue with your Windows installation. Otherwise, could be a ton of different things that guessing would be impossible. FWIW, everything works fine here on macOS and Ubuntu.

[showstoppre]

got ya. thanks. I'll check it out. But it is weird that it was working fine until an hour back.

So I don't think it is a windows issue.

[AdroitAdorKhan]

I am facing the same issue here. It suddenly stopped working an hour or two ago.

[Juancollado2003]

wgcf suddenly stopped working today all over, it's not windows fault, looks like cloudflare banned it

[showstoppre]

@AdroitAdorKhan @Juancollado2003 are you guys on windows too?

[ViRb3]

I can confirm the issue, just started happening to me on macOS too. Will try to investigate soon.

[AdroitAdorKhan]

@AdroitAdorKhan @Juancollado2003 are you guys on windows too?

Windows 10, Debian 11, Android 11 & RouterOS 7.x. Confirmed, not working anywhere since last 2 hours (maybe).

[AdroitAdorKhan]

I can confirm the issue, just started happening to me on macOS too. Will try to investigate soon.

Could be CF changed host address or port?

[showstoppre]

I'm not sure if this is anyway related.

Cloudwarp windows client works fine for me. So I tried capturing traffic using wireshark to see if there is any difference in packets.

What caught my eye was, there is a field called wg.reserved which has value b91981 in all "wireguard protocol" traffic via warp client.

For the traffic via wireguard client, this value is 000000

[showstoppre]

I can confirm the issue, just started happening to me on macOS too. Will try to investigate soon.

Could be CF changed host address or port?

Port seems to be the same. Native warp client uses a different IP. I tried with that as well. But it didn't help

[beygolu]

Many people are having the same problem, I hope it gets resolved.

[PussAzuki]

I also encountered this problem, and I noticed that I could get a response from the end of the 6in4 tunnel, but warp showed that all the services that depended on it offline were down.

I thought the 6in4 tunnel of HE was broken. I tried to dial again many times and checked the server status page of HE. I noticed that I could get from the opposite end of the 6in4 tunnel. Everything was fine when I only used 6in4.

[icsterm]

This is weird, I'm using WARP on a Mikrotik router, stopped working 3-4 hours ago. So this is not OS related, it must be server related. Basically i get no RX packets and no handshakes.

[ViRb3]

I have just received an unofficial response from Cloudflare. Indeed, unofficial clients like WireGuard are blocked server-side due to huge amount of abuse. Exactly what form of abuse I do not know. However, the block is expected to be lifted later today, and I am working with them on a long-term solution. For now though:

:warning: Please do not use wgcf to abuse Cloudflare WARP. If wgcf allows you to do something different from using WARP on unsupported devices, please stop. Doing so will get all of us banned permanently.

[showstoppre]

The block seems to have been lifted. It's working for me.

[ViRb3]

I can confirm it works here too. Leaving this issue for visibility, though.

[gvccvwangmingn2]

prepare for the worst, use the warp-cli for linux or official clients for windows/macos.

since the beginning cloudflare never supports unofficial clients or use own wg config for WARP, so don't cry if they block it again...

[ghost]

First time trying out wgcf but I have no internet. No idea if it's my setup or it's being block again.

Get "https://api.cloudflareclient.com/v0a1922/reg/aa72d4c8-f9b6-41ba-849f-667451dfec47": dial tcp: lookup api.cloudflareclient.com on [::1]:53: read udp [::1]:35982->[::1]:53: read: connection refused

Using Fedora Silverblue with nmcli

[theSaSo]

Mine on Windows doesn't work either. Perhaps the block was re-initiated.

[Fearyncess]

ipv6 endpoint seems be removed?

[Bleestones]

Now, it is working!

[lehoangnb]

Now, it is working!

Hi, did you change anything?? still doesn't work for me

[zengxs]

Now, it is working!

Hi, did you change anything?? still doesn't work for me

It seems to be region related, I tested Tokyo's network already works, but Hong Kong's still doesn't.

[tazihad]

Doesn't work for me either. Works with official app. I used to config the NetworkManager with this config in linux. Which also stopped working for few days. This is the error I get.

./wgcf register
2022/03/07 05:52:48 Using config file: wgcf-account.toml
This project is in no way affiliated with Cloudflare
Cloudflare's Terms of Service: https://www.cloudflare.com/application/terms/
✔ Yes
2022/03/07 05:52:49 Post "https://api.cloudflareclient.com/v0a1922/reg": dial tcp: lookup api.cloudflareclient.com on [::1]:53: read udp [::1]:36907->[::1]:53: read: connection refused

[dongle-the-gadget]

I'm not sure if this is anyway related.

Cloudwarp windows client works fine for me. So I tried capturing traffic using wireshark to see if there is any difference in packets.

What caught my eye was, there is a field called wg.reserved which has value b91981 in all "wireguard protocol" traffic via warp client.

For the traffic via wireguard client, this value is 000000

That's Cloudflare's clientid, which is used for routing.

[PeakGymnast]

Does cloudflare plan to set some restriction for users this days? i even can not connect server properly using official Android APP

[dongle-the-gadget]

I can connect via the official Windows client though.

[PeakGymnast]

I can connect via the official Windows client though.

neither can Android app nor window client connect successfully😭😭

[mishailovic]

Hey guys! Seems like I found solution, I just changed endpoint from engage.cloudflareclient.com to 162.159.192.1 as mentioned in this article. @ViRb3 would be nice if you change url in config generator.

If you faced such problem, please do the following and try to connect again, and check if your problem still exists

[dongle-the-gadget]

Hey guys! Seems like I found solution, I just changed endpoint from engage.cloudflareclient.com to 162.159.192.1 as mentioned in this article. @ViRb3 would be nice if you change url in config generator.

If you faced such problem, please do the following and try to connect again, and check if your problem still exists

It seems that HKG server doesn't work.

[mishailovic]

Hey guys! Seems like I found solution, I just changed endpoint from engage.cloudflareclient.com to 162.159.192.1 as mentioned in this article. @ViRb3 would be nice if you change url in config generator. If you faced such problem, please do the following and try to connect again, and check if your problem still exists

It seems that HKG server doesn't work.

I cannot check if it works because I live in another country, however my problem with android wireguard client got fixed

[PeakGymnast]

Hey guys! Seems like I found solution, I just changed endpoint from engage.cloudflareclient.com to 162.159.192.1 as mentioned in this article. @ViRb3 would be nice if you change url in config generator. If you faced such problem, please do the following and try to connect again, and check if your problem still exists

It seems that HKG server doesn't work.

I cannot check if it works because I live in another country, however my problem with android wireguard client got fixed

unfortunately, this method doesn't work for me in china. Therefore, it is more likely that Network ISP blocked the connection potentially. I have changed the endpoint from default domain to unique ip address, but nothing fixed

[mishailovic]

So we may close this discussion? Issue seems to be only China related

[proletarius101]

So we may close this discussion? Issue seems to be only China related

• HK is not China...
• HK doesn't have the state firewall (GFW), nor IP filtering
• the official client can connect without issues, from reports

[dongle-the-gadget]

This is more of a problem with the HKG (Hong Kong) colocation instead of China.

[kraisak]

still cannot connect using wireguard but can connect with official windows client

[Bleestones]

So we may close this discussion? Issue seems to be only China related

For me, at the first time when this issue happened I got this problem too. But nowadays this problem is solved. I did nothing to solve this problem.

[dongle-the-gadget]

So we may close this discussion? Issue seems to be only China related

For me, at the first time when this issue happened I got this problem too. But nowadays this problem is solved. I did nothing to solve this problem.

I believe the initial cause is due to a ban on unofficial clients, however now not sure what is happening within HKG.

[PeakGymnast]

It is more likely to confirm that we all encounter this issue when server located in HKG, So Any idea of customizing server location?

Few days ago, when i created wireguard configuration and then connected to server, it went well at first. But the second time i connected, wireguard got no respond unexpectedly

And the data log👇

[mishailovic]

So Any idea of customizing server location?

AFAIK you cannot customize it, it will choose server with lowest ping

[PeakGymnast]

i guess i have found the solution of no responding in China

i just went to set private dns on the phone

And then expected this would help working for me. So i tired to use 4G network to get connect through official warp application. luckily, the app got good connected, before that i even can not connected directly.

I checked out the connection data in order to get the right configuration for wireguard, the endpoint redirected to 162.159.192.5:2408 and therefore the warp server changed as same as the setting of private dns which is no more HKG

I am now using free private dns provided from Alibaba, there are other private dns supporter, the connection speed goes rapidly than official application through wireguard

Google: dns.google

Cloudflare: http://1dot1dot1dot1.cloudflare-dns.com

Quad9: http://dns.quad9.net

CleanBrowsing: http://security-filter-dns.cleanbrowsing.org

红鱼 DNS: http://dns.rubyfish.cn

[dongle-the-gadget]

Changing IP endpoint to 162.159.192.5 doesn't help me in this case.

[dongle-the-gadget]

I believe that in order to properly handle rerouted servers we would have to generate a client ID in the reserved portion of the payload.

[PeakGymnast]

I believe that in order to properly handle rerouted servers we would have to generate a client ID in the reserved portion of the payload.

I don't know, but it is now working for me

[dongle-the-gadget]

That seems to be more of a workaround to redirect traffic in a fully operational server instead of handling routing.

[dongle-the-gadget]

Maybe each servers supporting WARP traffic @ Cloudflare behaves similarly to engage?

[PeakGymnast]

I have been using wireguard functionally these days, but what confused me is that this configuration does only connected a few minutes and the useage of network data never exceeded over the maximum of 1 GB per each connection. And then closed by remote server

So there appeared another question，when i used Android tool to export the configuration of warp. I noticed that there was some different length between official private key and warp private key.

[dongle-the-gadget]

It is normal for the private key to be longer than the public key.