micahmo / WgServerforWindows

Wg Server for Windows (WS4W) is a desktop application that allows running and managing a WireGuard server endpoint on Windows
MIT License

WireGuard server conflict with Surfshark VPN on Windows - Fixed #170

Open Bkeith-4ever opened 1 month ago

Bkeith-4ever commented 1 month ago

First, thanks so much for writing this utility. It worked great on my Windows 11 Home install, which had to use ICS instead of NAT; I was able to connect an Android client and everything seemed to work great.

Unfortunately it seems to conflict with my prior Surfshark VPN install on the same Windows PC. SS can't connect any more using WireGuard, and when I use the other options (OpenVPN TCP or UDP) it won't connect, or if it does, it only connects for a few seconds and then drops again, or it allows uploads but not downloads (SS using OpenVPN UDP is doing this currently).

I've uninstalled and re-installed SS (and rebooted). When I start SS, it gives me a warning that I'm running another VPN and I should disconnect it to avoid problems. Sometimes it gives me this warning even if the WireGuard service is stopped (WireGuard Tunnel: wg_server); still testing all this out. Has anyone reported anything like this? Any thoughts on what I might try for troubleshooting?

Quick follow-up: I was reading about multiple WireGuard interfaces on Windows, and this site https://superuser.com/questions/1728801/how-to-use-multiple-vpn-clients-with-wireguard-on-windows mentioned a possible problem with using 0.0.0.0/0 for "allowed IPs", as that can cause Windows to activate a kill-switch/block-untunnelled-traffic setting. I'll reinstall WireGuard with wgserver and try changing that setting per that site. Their explanation makes sense since I was having the problem even without running the new WireGuard server.

Further follow-up: changing this on the WG server config didn't make a difference, and that posting seemed to be addressing VPN clients, not servers. My PC is the SS client; SS has a kill-switch option that is toggled off and I have it set to only route one specific app right now. Since the problem is with the initial connection and/or handshake to the SS server and the problem goes away when I uninstall WG, it must be some configuration created by the WG install causing the problem.
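The AllowedIPs check discussed in the comment above, as an added example that is not part of the original thread or of the WS4W project: it parses a WireGuard config, flags any peer whose AllowedIPs contains a catch-all /0 route (the setting the linked post associates with the block-untunnelled-traffic behaviour), and returns the pair of /1 routes that cover the same address space. The sample config, its addresses and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample config; key values are placeholders, not real keys.
SAMPLE_CONF = """\
[Interface]
PrivateKey = <placeholder>
Address = 10.253.0.1/24

[Peer]
PublicKey = <placeholder-1>
AllowedIPs = 10.253.0.2/32  # phone

[Peer]
PublicKey = <placeholder-2>
AllowedIPs = 0.0.0.0/0, ::/0
"""

def parse_peers(text):
    """Return one list of AllowedIPs networks per [Peer] section.

    WireGuard configs repeat the [Peer] header, which configparser rejects,
    so the current section is tracked by hand."""
    peers, section = [], None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            if section == "peer":
                peers.append([])
            continue
        key, _, value = line.partition("=")
        if section == "peer" and key.strip().lower() == "allowedips":
            peers[-1] += [ipaddress.ip_network(v.strip(), strict=False)
                          for v in value.split(",") if v.strip()]
    return peers

def default_route_findings(text):
    """Map peer index -> {catch-all route: equivalent pair of /1 routes}."""
    findings = {}
    for idx, nets in enumerate(parse_peers(text)):
        hits = {str(n): [str(s) for s in n.subnets(prefixlen_diff=1)]
                for n in nets if n.prefixlen == 0}
        if hits:
            findings[idx] = hits
    return findings

if __name__ == "__main__":
    for idx, hits in default_route_findings(SAMPLE_CONF).items():
        for route, halves in hits.items():
            print(f"peer {idx}: {route} -> {', '.join(halves)}")
```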

Bkeith-4ever commented 1 month ago

Switching from ICS to NAT seems to have resolved the problem. SS can now connect using WG protocol again, even while the new WireGuard server/service is running. I installed Hyper-V on Windows Home 11 version 23H2 using the script below (virtualization was already enabled in BIOS), ran the 'enable NAT' step in WGS4W and everything works great. Thanks again for writing this utility.

Update on this: Surfshark and WireGuard are interacting somehow, having to do with which one is started first. If I start the WG interface but don't activate the service and adapter, SS can't connect with WG protocol (but CAN connect with OpenVPN). If I then activate the WG service, SS CAN connect using WG protocol and all is well. If I start SS and connect using the WG protocol, then the standalone WG service CANNOT activate. If I drop the SS-WG connection or switch it to an OpenVPN protocol, the standalone WG service CAN activate. It's workable but weird. When I run tests like pinging from a specific IP address, or 'whatismyip' to check whether I'm actually using Surfshark, everything responds like you would expect, as if SS and WG were totally independent and unaware of each other (once they are both running at the same time).

Just saw that the GUI can be refreshed with the F5 key, so thanks!

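Here's the Hyper-V install script. It just gets saved as a .bat file and run as admin, followed by a restart:

```bat
REM Work from the folder that contains this script
pushd "%~dp0"
REM List the Hyper-V servicing packages already present on disk
dir /b %SystemRoot%\servicing\Packages\*Hyper-V*.mum >hv-home.txt
REM Add each listed package to the running image
for /f %%i in ('findstr /i . hv-home.txt 2^>nul') do dism /online /norestart /add-package:"%SystemRoot%\servicing\Packages\%%i"
del hv-home.txt
REM Enable the Hyper-V feature and its dependencies
Dism /online /enable-feature /featurename:Microsoft-Hyper-V -All /LimitAccess /ALL
pause
```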