Open mlathrop-bell opened 3 years ago
1) Did you allow port 51820 through your wan-local firewall?
set firewall name WAN_LOCAL rule 30 action accept
set firewall name WAN_LOCAL rule 30 description 'Accept Wireguard VPN server connections'
set firewall name WAN_LOCAL rule 30 destination port 51820
set firewall name WAN_LOCAL rule 30 log disable
set firewall name WAN_LOCAL rule 30 protocol udp
set firewall name WAN_LOCAL rule 30 source address 0.0.0.0/0
set firewall name WAN_LOCAL rule 30 state established enable
set firewall name WAN_LOCAL rule 30 state new enable
set firewall name WAN_LOCAL rule 30 state related enable
2) The /24 is appropriate for the wg0 interface
set interfaces wireguard wg0 address 192.168.55.4/24
3) Although not truly required, I like to add a /32 for the "Server" in the allowed IPs
set interfaces wireguard wg0 peer
allowed-ips 192.168.55.1/32
Hello,
Try adding outbound masquerading for wg0 on your EdgeRouter X
configure
set service nat rule 5000 description 'WireGuard'
set service nat rule 5000 outbound-interface wg0
set service nat rule 5000 type masquerade
commit
save
I've been banging my head on this issue for a whole day and I'm hoping someone can shed some light.
I have an Ubuntu server running WireGuard in Docker and I can connect to that from an Ubuntu machine on my network. I also have an EdgeRouter X on the network (it is behind a NAT and currently just serves as a DHCP server). When I use the exact same config on the EdgeRouter, the connection won't allow me to ping like I can from the Ubuntu machine.
The config file running on the ubuntu machine that works with
wg-quick up
However, when I run the below commands on the EdgeRouter (which I just reset to factory settings other than changing the IP/network of eth0 to 192.168.113.2/24), I can see the wg0 interface get created and it shows "connected" in the GUI, but I can't ping over it and it shows no traffic received when I run
sudo wg show
For reference the server config looks like this:
Any pointers would be appreciated!
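An added example, not part of the original thread: a small triage helper for the "no traffic received" symptom, reading the tab-separated output of `wg show wg0 dump`. The function names, the 180-second staleness threshold, the state labels and the sample data (placeholder keys, documentation IP addresses) are assumptions made for illustration.

```shell
#!/bin/sh
# Classify each peer from `wg show <interface> dump` (read on stdin).
# Peer lines carry 8 tab-separated fields:
#   public-key preshared-key endpoint allowed-ips latest-handshake rx tx keepalive
# The interface line has only 4 fields and is skipped.
wg_triage() {
    now="${1:-$(date +%s)}"   # optional fixed "now" makes runs reproducible
    awk -F '\t' -v now="$now" '
        NF != 8 { next }
        {
            hs = $5 + 0; rx = $6 + 0; tx = $7 + 0
            if (hs == 0 && $3 == "(none)")
                state = "NO_ENDPOINT"      # nothing to send initiations to
            else if (hs == 0 && rx == 0 && tx > 0)
                state = "NO_REPLY"         # sent packets, nothing came back:
                                           # check UDP firewall rule, endpoint, keys
            else if (hs == 0)
                state = "NEVER_CONNECTED"
            else if (now - hs > 180)       # assumed threshold, heuristic only
                state = "STALE"
            else
                state = "OK"
            printf "%s %s allowed=%s rx=%d tx=%d\n", $1, state, $4, rx, tx
        }'
}

# Constructed sample dump: one interface line, then four peers.
sample_dump() {
    printf 'PRIVKEY_PLACEHOLDER\tPUBKEY_PLACEHOLDER\t51820\toff\n'
    printf 'PEER_A\t(none)\t203.0.113.10:51820\t192.168.55.1/32\t0\t0\t1480\t25\n'
    printf 'PEER_B\t(none)\t203.0.113.11:51820\t192.168.55.2/32\t1699999990\t9200\t8800\t25\n'
    printf 'PEER_C\t(none)\t(none)\t192.168.55.3/32\t0\t0\t0\toff\n'
    printf 'PEER_D\t(none)\t203.0.113.12:51820\t192.168.55.5/32\t1699990000\t500\t900\toff\n'
}

# Demo on the constructed data; on a router: sudo wg show wg0 dump | wg_triage
sample_dump | wg_triage 1700000000
```

A peer reported as `NO_REPLY` matches the situation described in the question: the interface exists and sends, but no handshake response ever arrives.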