search

angristan / wireguard-install

WireGuard VPN installer for Linux servers
https://stanislas.blog/2019/01/how-to-setup-vpn-server-wireguard-nat-ipv6/
MIT License
8.12k stars 1.32k forks source link

Not working on oracle cloud. #339

Closed HyptexPvP closed 2 years ago

HyptexPvP commented 2 years ago

Im attempting to make a simple Wireguard Server but it wont work when i try to go on a website or do connect anything at all.

[Interface] PrivateKey = 4N/MdUMZz6Hhd9E/dpFqlGtRa4lY0e1R9cMp/+/41mk= Address = 10.66.66.2/32,fd42:42:42::2/128 DNS = 1.1.1.1,1.0.0.1

[Peer] PublicKey = ZiTpSXFx2iHR2lvIMTpDLKXwYX/lmDLz0zvGbY+pGFU= PresharedKey = fu3P9D9t70n8XD4sWlQ3YcgAIkMMFesqeLuvyAc6S+U= Endpoint = 10.0.0.120:55718 AllowedIPs = 0.0.0.0/0,::/0

I think ive tried most things here, but nothing fixes it.

Sirherobrine23 commented 2 years ago

read this issue: #321, that's don't work send reply.

HyptexPvP commented 2 years ago

tried it, didnt work this is the entire log

`[opc@stellar vpn]$ sudo ./wireguard-install.sh Welcome to the WireGuard installer! The git repository is available at: https://github.com/angristan/wireguard-install

I need to ask you a few questions before starting the setup. You can leave the default options and just press enter if you are ok with them.

IPv4 or IPv6 public address: 140.238.147.242 Public interface: enp0s3 WireGuard interface name: wg0 Server's WireGuard IPv4: 140.238.147.242 Server's WireGuard IPv6: fd42:42:42::1 Server's WireGuard port [1-65535]: 55718 First DNS resolver to use for the clients: 1.1.1.1 Second DNS resolver to use for the clients (optional): 1.0.0.1

Okay, that was all I needed. We are ready to setup your WireGuard server now. You will be able to generate a client at the end of the installation. Press any key to continue...dInvalid configuration value: failovermethod=priority in /etc/yum.repos.d/nodesource-el8.repo; Configuration: OptionBinding with id "failovermethod" does not exist Invalid configuration value: failovermethod=priority in /etc/yum.repos.d/nodesource-el8.repo; Configuration: OptionBinding with id "failovermethod" does not exist Last metadata expiration check: 0:07:23 ago on Sat 30 Apr 2022 12:21:54 AM GMT. Package oraclelinux-developer-release-el8-1.0-7.el8.aarch64 is already installed. Dependencies resolved. Nothing to do. Complete! Invalid configuration value: failovermethod=priority in /etc/yum.repos.d/nodesource-el8.repo; Configuration: OptionBinding with id "failovermethod" does not exist Invalid configuration value: failovermethod=priority in /etc/yum.repos.d/nodesource-el8.repo; Configuration: OptionBinding with id "failovermethod" does not exist Invalid configuration value: failovermethod=priority in /etc/yum.repos.d/nodesource-el8.repo; Configuration: OptionBinding with id "failovermethod" does not exist Invalid configuration value: failovermethod=priority in /etc/yum.repos.d/nodesource-el8.repo; Configuration: OptionBinding with id "failovermethod" does not exist Invalid configuration value: failovermethod=priority in /etc/yum.repos.d/nodesource-el8.repo; Configuration: OptionBinding with id "failovermethod" does not exist Invalid configuration value: failovermethod=priority in /etc/yum.repos.d/nodesource-el8.repo; Configuration: OptionBinding with id "failovermethod" does not exist Invalid configuration value: failovermethod=priority in /etc/yum.repos.d/nodesource-el8.repo; Configuration: OptionBinding with id "failovermethod" does not exist Invalid configuration value: failovermethod=priority in /etc/yum.repos.d/nodesource-el8.repo; Configuration: OptionBinding with id "failovermethod" does not exist Developer Preview of UEK Release 6 (aarch64) 39 kB/s | 3.0 kB 00:00
Package iptables-1.8.4-20.0.1.el8.aarch64 is already installed. Dependencies resolved.

Package Architecture Version Repository Size

Installing: qrencode aarch64 3.4.4-5.el8 ol8_appstream 26 k wireguard-tools aarch64 1.0.20210914-1.el8 epel 128 k Installing dependencies: qrencode-libs aarch64 3.4.4-5.el8 ol8_appstream 57 k

Transaction Summary

Install 3 Packages

Total download size: 212 k Installed size: 545 k Downloading Packages: (1/3): qrencode-libs-3.4.4-5.el8.aarch64.rpm 359 kB/s | 57 kB 00:00
(2/3): qrencode-3.4.4-5.el8.aarch64.rpm 145 kB/s | 26 kB 00:00
(3/3): wireguard-tools-1.0.20210914-1.el8.aarch64.rpm 666 kB/s | 128 kB 00:00

Total 443 kB/s | 212 kB 00:00
Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Installing : qrencode-libs-3.4.4-5.el8.aarch64 1/3 Installing : qrencode-3.4.4-5.el8.aarch64 2/3 Installing : wireguard-tools-1.0.20210914-1.el8.aarch64 3/3 Running scriptlet: wireguard-tools-1.0.20210914-1.el8.aarch64 3/3 Verifying : wireguard-tools-1.0.20210914-1.el8.aarch64 1/3 Verifying : qrencode-3.4.4-5.el8.aarch64 2/3 Verifying : qrencode-libs-3.4.4-5.el8.aarch64 3/3

Installed: qrencode-3.4.4-5.el8.aarch64 qrencode-libs-3.4.4-5.el8.aarch64 wireguard-tools-1.0.20210914-1.el8.aarch64

Complete! 1786

Tell me a name for the client. The name must consist of alphanumeric character. It may also include an underscore or a dash and can't exceed 15 chars. Client name: Client Client's WireGuard IPv4: 140.238.147.3 Client's WireGuard IPv6: fd42:42:42::3

Here is your client config file as a QR Code: I deleted this It is also available in /home/opc/wg0-client-Client.conf If you want to add more clients, you simply need to run this script another time! [opc@stellar vpn]$ sudo iptables -F [opc@stellar vpn]$ sudo iptables-save | sudo tee /etc/iptables/rules.v4

Generated by iptables-save v1.8.4 on Sat Apr 30 00:31:20 2022

*nat :PREROUTING ACCEPT [3:468] :INPUT ACCEPT [2:120] :POSTROUTING ACCEPT [117:8338] :OUTPUT ACCEPT [117:8338] COMMIT

Completed on Sat Apr 30 00:31:20 2022

Generated by iptables-save v1.8.4 on Sat Apr 30 00:31:20 2022

*filter :INPUT ACCEPT [1623:608060] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [1176:563198] :BareMetalInstanceServices - [0:0] COMMIT

Completed on Sat Apr 30 00:31:20 2022

Generated by iptables-save v1.8.4 on Sat Apr 30 00:31:20 2022

*security :INPUT ACCEPT [1622:607712] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [1559:594417] COMMIT

Completed on Sat Apr 30 00:31:20 2022

Generated by iptables-save v1.8.4 on Sat Apr 30 00:31:20 2022

*raw :PREROUTING ACCEPT [1623:608060] :OUTPUT ACCEPT [1559:594417] COMMIT

Completed on Sat Apr 30 00:31:20 2022

Generated by iptables-save v1.8.4 on Sat Apr 30 00:31:20 2022

*mangle :PREROUTING ACCEPT [1623:608060] :INPUT ACCEPT [1623:608060] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [1559:594417] :POSTROUTING ACCEPT [1559:594417] COMMIT

Completed on Sat Apr 30 00:31:20 2022

[opc@stellar vpn]$ sudo reboot

Sirherobrine23 commented 2 years ago

you can send vm configuration and more system info. i am attempt create you issue in my VM. It may be that it sends you a reply a little slowly.

HyptexPvP commented 2 years ago

This is the general configuartion image This is the firewall config image

Sirherobrine23 commented 2 years ago

ok, Just tested here and get network traffic to access my vm.

Clean iptables and add port to firewalld

WG_PORT=<Wireguard Port here>
sudo iptables -F
sudo firewall-cmd --zone=public --permanent --add-port=${WG_PORT}/udp
sudo firewall-cmd --reload

After config firewalld and flush iptables, run normally wireguard-install.sh and finally reboot system.

Sirherobrine23 commented 2 years ago

And in the Oracle cloud painel security group in Egress rule, Remove Source port let empty this value.

HyptexPvP commented 2 years ago

It works now! Thank you

Sirherobrine23 commented 2 years ago

Thanks for you.