i can not connect to wireguard with wstunnel in windows

erebe / wstunnel

Tunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available

Other

3.17k stars 287 forks source link

i can not connect to wireguard with wstunnel in windows #252

Closed evangelme closed 2 weeks ago

evangelme commented 1 month ago

my wireguard conf client is: [Interface] PrivateKey ="-------" Address = 172.16.0.2/32 DNS = 8.8.8.8 MTU = 1300

[Peer] PublicKey = "----------" AllowedIPs = 0.0.0.0/0 Endpoint = 127.0.0.1:51820

and my command for ws tunnel is start wstunnel.exe client --http-upgrade-path-prefix wstunnel -L "udp://127.0.0.1:51820:127.0.0.1:51820" "wss://85.239.61.247:443" when i first start wstunnel

Opening TCP connection to 85.239.61.247:443 Doing TLS handshake using SNI IpAddress(85.239.61.247) with the server 85.239.61.247:443

so wstunnel run but when i connect to wireguard it block the wstunnel and i have no connection what should i do?

AlexTransit commented 1 month ago

Endpoint = 127.0.0.1:51820 localhost may be resolve ipv6

worked on linux wstunnel client -L 'udp://51820:127.0.0.1:51820?timeout_sec=0' wss://85.239.61.247:443 --http-upgrade-path-prefix=blabla

evangelme commented 1 month ago

no it did not fix the problem but tnx for reply man when i connect to wireguard wstunnel dose not work

erebe commented 1 month ago

Be sure to disable the kill switch like in https://github.com/erebe/wstunnel/issues/247#issuecomment-2028469267

and don't forget to add a static route to your server.

evangelme commented 1 month ago

i try this as well but it dose not work but tnx for reply

erebe commented 1 month ago

Are you sure you have set a static route to your server ? If you have done it, and it still does not works, it mean your wireguard is not correctly setup. Try using a specific range of Allowed IPs instead of 0.0.0.0/0 at first

evangelme commented 1 month ago

i find out the problem when you connect the wireguard it block the server wstunnel ip you should use https://www.procustodibus.com/blog/2021/03/wireguard-allowedips-calculator/

for allowed ip for example if your server's ip is: 8.8.8.8 you should block wireguard 8.8.8.8 ip for example in this situation your AllowedIPs should be AllowedIPs = 0.0.0.0/5, 8.0.0.0/13, 8.8.0.0/21, 8.8.8.0/29, 8.8.8.9/32, 8.8.8.10/31, 8.8.8.12/30, 8.8.8.16/28, 8.8.8.32/27, 8.8.8.64/26, 8.8.8.128/25, 8.8.9.0/24, 8.8.10.0/23, 8.8.12.0/22, 8.8.16.0/20, 8.8.32.0/19, 8.8.64.0/18, 8.8.128.0/17, 8.9.0.0/16, 8.10.0.0/15, 8.12.0.0/14, 8.16.0.0/12, 8.32.0.0/11, 8.64.0.0/10, 8.128.0.0/9, 9.0.0.0/8, 10.0.0.0/7, 12.0.0.0/6, 16.0.0.0/4, 32.0.0.0/3, 64.0.0.0/2, 128.0.0.0/1 to let the client side connect to server. you can do ip route for windows as well but it is harder.

@erebe thankyou for your great job realllly tnx. do you have plan to do it for andorid and ios?