amnezia-vpn / amneziawg-tools

Tools for configuring Amnezia-WG
https://www.wireguard.com
GNU General Public License v2.0

awg-quick can't up interface with peers preconfigured #17

Closed onyx-zup closed 1 month ago

onyx-zup commented 1 month ago

AWS instance: amneziawg can bring up awg0 only with no peers in awg0.conf; otherwise I get an "Unable to modify interface: Operation not supported" error.

root@aws-client:/etc/amnezia/amneziawg# cat awg0.conf 
[Interface]
Address = 10.11.0.5/32
PrivateKey = |clent-privkey|
Jc = 10
Jmin = 100
Jmax = 1000
S1 = 50
S2 = 500
H1 = 111
H2 = 222
H3 = 333
H4 = 444
root@aws-client:/etc/amnezia/amneziawg# awg set awg0 peer  |server-pubkey|  endpoint |server-ip|:42850 allowed-ips 10.11.0.0/24 persistent-keepalive 20

root@aws-client:/etc/amnezia/amneziawg# awg
interface: awg0
  public key: |client-pubkey|
  private key: (hidden)
  listening port: 36730
  jc: 10
  jmin: 100
  jmax: 1000
  s1: 50
  s2: 500
  h1: 111
  h2: 222
  h3: 333
  h4: 444

peer: |server-pubkey|
  endpoint: |server-ip|:42850
  allowed ips: 10.11.0.0/24
  latest handshake: 32 seconds ago
  transfer: 7.73 MiB received, 318.78 MiB sent
  persistent keepalive: every 20 seconds
root@aws-client:/etc/amnezia/amneziawg# awg-quick save awg0
[#] awg showconf awg0
root@aws-client:/etc/amnezia/amneziawg# cat awg0.conf 
[Interface]
Address = 10.11.0.5/32
ListenPort = 36730
PrivateKey = |clent-privkey|
Jc = 10
Jmin = 100
Jmax = 1000
S1 = 50
S2 = 500
H1 = 111
H2 = 222
H3 = 333
H4 = 444

[Peer]
PublicKey = |server-pubkey|
AdvancedSecurity = on
AllowedIPs = 10.11.0.0/24
Endpoint = |server-ip|:42850
PersistentKeepalive = 20

root@aws-client:/etc/amnezia/amneziawg# awg-quick down awg0
[#] ip link delete dev awg0


- and trying to start over again

root@aws-client:/etc/amnezia/amneziawg# awg-quick up awg0
[#] ip link add awg0 type amneziawg
[#] awg setconf awg0 /dev/fd/63
Unable to modify interface: Operation not supported
[#] ip link delete dev awg0



# it will not start until I remove the Peer section from awg0.conf

onyx-zup commented 1 month ago

Yes, I have the kernel module installed and running

# lsmod |grep wg
amneziawg             102400  0
libchacha20poly1305    16384  2 amneziawg,wireguard
ip6_udp_tunnel         16384  2 amneziawg,wireguard
udp_tunnel             24576  2 amneziawg,wireguard
curve25519_x86_64      36864  2 amneziawg,wireguard
libcurve25519_generic    49152  3 amneziawg,curve25519_x86_64,wireguard

dragon1020 commented 1 month ago

You don't have to delete all "[Peer]" sections. "AdvancedSecurity = on" strings will be enough. That's weird, but works for me. :-/

onyx-zup commented 1 month ago

Confirmed! This setup works pretty stably for me.

leninalive commented 1 month ago

Kernel module has been updated and this problem should have been fixed. Please check out and re-open this issue if needed.
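
The workaround from this thread (dropping the `AdvancedSecurity = on` lines that `awg-quick save` wrote into each `[Peer]` section) as a shell filter, for hosts still running the older kernel module. This is an added example, not code from the amneziawg-tools project; the function names and the sample config are constructed for illustration.

```shell
# Constructed sample: the shape of the awg0.conf written by "awg-quick save"
# in this issue, with placeholder keys and a documentation-range endpoint.
sample_conf() {
    cat <<'EOF'
[Interface]
Address = 10.11.0.5/32
ListenPort = 36730
PrivateKey = PLACEHOLDER_CLIENT_PRIVKEY
Jc = 10

[Peer]
PublicKey = PLACEHOLDER_SERVER_PUBKEY
AdvancedSecurity = on
AllowedIPs = 10.11.0.0/24
Endpoint = 192.0.2.10:42850
PersistentKeepalive = 20
EOF
}

# Read a config on stdin, write it to stdout without AdvancedSecurity keys.
# Only lines inside [Peer] sections are dropped; everything else is passed
# through byte for byte. Section and key names are matched case-insensitively
# (a conservative assumption of this example).
strip_advanced_security() {
    awk '
        /^[ \t]*\[/ {
            section = tolower($0)
            gsub(/[ \t\r]/, "", section)
        }
        section == "[peer]" && tolower($0) ~ /^[ \t]*advancedsecurity[ \t]*=/ { next }
        { print }
    '
}

# Count AdvancedSecurity keys in a config on stdin (0 means nothing to strip).
count_advanced_security() {
    grep -ci '^[[:space:]]*advancedsecurity[[:space:]]*=' || true
}

# Demo on the constructed sample: show the cleaned config.
sample_conf | strip_advanced_security
```

On a real host, run it as `strip_advanced_security < awg0.conf > awg0.conf.new` under `umask 077`, since the file contains the interface private key, and compare the two files before replacing the original.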