WireGuard / wireguard-vyatta-ubnt

WireGuard for Ubiquiti Devices
https://www.wireguard.com/
GNU General Public License v3.0

Line unrecognized: `Address=10.10.10.10/24' Configuration parsing error #74

Closed TheRealVira closed 2 years ago

TheRealVira commented 3 years ago

This is happening when trying to load the following config file by using sudo wg setconf wg0 wireguard.conf:

[Interface]
Address = 10.10.10.10/24
SaveConfig = true
ListenPort = 51820
PrivateKey = xxx

[Peer]
PublicKey = xxx
AllowedIPs = 10.10.10.11/24
Endpoint = xxx

Output:

Line unrecognized: `Address=10.10.10.10/24'
Configuration parsing error

MichaelVasilyev commented 3 years ago

I believe that "/24" in the address line is the reason.

Johanna Rührig notifications@github.com wrote on 6 March 2021 at 18:50:29:

This is happening when trying to load the following config file by using sudo wg setconf wg0 wireguard.conf:

[Interface]
Address = 10.10.10.10/24
SaveConfig = true
ListenPort = 51820
PrivateKey = xxx

[Peer]
PublicKey = xxx
AllowedIPs = 10.10.10.11/24
Endpoint = xxx

Output:

Line unrecognized: `Address=10.10.10.10/24'
Configuration parsing error


TheRealVira commented 3 years ago

It does not work with /32 or without any /* either.

TheRealVira commented 3 years ago

I am generally unable to get any connection when using wireguard-vyatta-ubnt. My config based on the configuration commands:

set interfaces wireguard wg0 address 10.10.10.10/32
set interfaces wireguard wg0 listen-port 51820
set interfaces wireguard wg0 mtu 1420
set interfaces wireguard wg0 peer xxx allowed-ips 10.10.10.11/32
set interfaces wireguard wg0 peer xxx endpoint 'xxx:51820'
set interfaces wireguard wg0 private-key /config/auth/wg.key
set interfaces wireguard wg0 route-allowed-ips true

(show configuration commands | grep wg0)

TheRealVira commented 3 years ago

xxx@xxx# show interfaces wireguard
 wireguard wg0 {
     address 10.10.10.10/32
     firewall {
         out {
             name Wireguard
         }
     }
     listen-port 51820
     mtu 1420
     peer xxx {
         allowed-ips 10.10.10.11/32
         endpoint xxx:51820
     }
     private-key /config/auth/wg.key
     route-allowed-ips true
 }

inzi commented 3 years ago

Couple of items. I'm still trying to learn how to make this route, and my site-to-site is still not working in my environment, but here's one thing I see:

Use a different network for the wireguard address; I think you're supposed to do that.

So make the config look like this, perhaps:

set interfaces wireguard wg0 address 10.100.100.10/32
set interfaces wireguard wg0 listen-port 51820
set interfaces wireguard wg0 mtu 1420
set interfaces wireguard wg0 peer xxx allowed-ips 10.100.100.0/24
set interfaces wireguard wg0 peer xxx allowed-ips 10.10.10.0/24
set interfaces wireguard wg0 peer xxx endpoint 'xxx:51820'
set interfaces wireguard wg0 private-key /config/auth/wg.key
set interfaces wireguard wg0 route-allowed-ips true

This way - the wireguard connection will be a network of 10.100.100.0/24.

whiskerz007 commented 3 years ago

The WireGuard address CIDR needs to encompass the addresses of the remote connections. The peer allowed-ips needs to have at least the remote WireGuard connection's address with /32 and any additional CIDR networks you want to route.

inzi commented 3 years ago

So, in other words, it should look like this?:

set interfaces wireguard wg0 address 10.100.100.10/24
set interfaces wireguard wg0 listen-port 51820
set interfaces wireguard wg0 mtu 1420
set interfaces wireguard wg0 peer xxx allowed-ips 10.100.100.0/24
set interfaces wireguard wg0 peer xxx allowed-ips 10.10.10.0/24
set interfaces wireguard wg0 peer xxx endpoint 'xxx:51820'
set interfaces wireguard wg0 private-key /config/auth/wg.key
set interfaces wireguard wg0 route-allowed-ips true

This way the 10.100.100.0/24 network is "visible" by the WG interfaces as being local, allowing routes to traverse the connection.

Correct?

whiskerz007 commented 3 years ago

@inzi Please refer to the documentation in the readme for this repo. Pay close attention to the CIDR notation. Your configuration should be modeled after that example. Let us know if you need further assistance.

LF-DevJourney commented 1 year ago

You can use wg-quick, which supports the Address config: wg-quick up /etc/wireguard/wg0.conf. I guess wg and wg-quick support different config files.
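
Added example (not part of the thread or of the project's code): a small filter that separates the lines `wg setconf` parses from the `[Interface]` keys that only wg-quick handles, run against the config from the first post. The function names `wgconf_filter` and `write_sample_conf` are hypothetical, and the sample file is constructed with the same `xxx` placeholders the post uses.

```shell
#!/bin/sh
# Added example. The key list is the set of [Interface] keys that wg-quick(8)
# handles itself; wg(8) reports them as "Line unrecognized".

# wgconf_filter MODE FILE
#   MODE=wg    -> print only the lines `wg setconf` parses
#   MODE=quick -> print only the wg-quick-only lines that were left out
wgconf_filter() {
    awk -v mode="$1" '
        /^[ \t]*\[/ {                       # section header
            section = tolower($0)
            if (mode == "wg") print
            next
        }
        {
            key = tolower($0)
            sub(/[ \t]*=.*$/, "", key)      # keep the text before "="
            sub(/^[ \t]+/, "", key)         # drop indentation
            quick = (section ~ /interface/ &&
                key ~ /^(address|dns|mtu|table|preup|postup|predown|postdown|saveconfig)$/)
            if (mode == "quick" && quick) print
            if (mode == "wg" && !quick) print
        }
    ' "$2"
}

# Constructed sample: the config from the first post, secrets left as "xxx".
write_sample_conf() {
    cat > "$1" <<'EOF'
[Interface]
Address = 10.10.10.10/24
SaveConfig = true
ListenPort = 51820
PrivateKey = xxx

[Peer]
PublicKey = xxx
AllowedIPs = 10.10.10.11/24
Endpoint = xxx
EOF
}

umask 077                                   # real configs hold PrivateKey
conf=$(mktemp)
write_sample_conf "$conf"
echo "--- accepted by wg setconf:"; wgconf_filter wg "$conf"
echo "--- left for wg-quick:";      wgconf_filter quick "$conf"
rm -f "$conf"
```

wg-quick ships the same operation as `wg-quick strip <interface>`, whose output can be fed to `wg setconf`; the filter above only makes visible which lines that step removes.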