Cannot create tunnel service - it doesn't do anything

[DavidIlie]

Title pretty much says it all, I don't know what else to provide.

Before I used to be able to set it all up, but in testing I destroyed my internet connection so I deleted the tunnel from Network and Sharing center manually while testing and now after a reboot I cannot get it working.

Any help would be appreciated, thank you.

[DavidIlie]

It is stuck like this with the error cursor on my mouse.

[micahmo]

Can you try Uninstall WireGuard and then Download and install WireGuard to reset things?

[DavidIlie]

I've already tried doing that and it hasn't done anything

[micahmo]

Hmm, not sure what's messed up. That option in the UI just invokes the wireguard.exe CLI. Can you try running this command form an elevated PowerShell?

wireguard.exe /installtunnelservice $env:appdata\WS4W\server_wg\wg_server.conf

[DavidIlie]

I have and it says it has removed it but the problem is still there.

On Sun, Feb 26, 2023 at 8:55 PM Micah Morrison @.***> wrote:

Hmm, not sure what's messed up. That option in the UI just invokes the wireguard.exe CLI. Can you try running this command form an elevated PowerShell?

wireguard.exe /installtunnelservice $env:appdata\WS4W\server_wg\wg_server.conf

— Reply to this email directly, view it on GitHub https://github.com/micahmo/WgServerforWindows/issues/99#issuecomment-1445464807, or unsubscribe https://github.com/notifications/unsubscribe-auth/ALLD2DHMOOAWIUT6S4IMN63WZO7NFANCNFSM6AAAAAAVIQ2SWE . You are receiving this because you authored the thread.Message ID: @.***>

[micahmo]

What do you mean by "it says it has removed it"? The command I sent is supposed to install the tunnel, not remove it. On my system, where it runs successfully, there is no output. What do you see when you run it?

[DavidIlie]

Still doesn't work. Sorry i understood it wrong

[micahmo]

Have you tried uninstalling from the CLI?

wireguard.exe /uninstalltunnelservice wg_server

If you open ncpa.cpl, is there an entry for wg_server?

Can you open the WireGuard app on Windows, go to the Log tab, and watch it while you run the uninstall/install CLI commands?

[mtkarp]

I recently ran into this same issue after properly installing and configuring wg server. It was operating properly for multiple months and then stopped working. Running installtunnelservice from the CLI indicated the tunnel service was already installed, but the UI didn't reflect this. Additionally, as shown above, the UI indicated the private network and NAT Routing were not setup when they were previously. Furthermore, running uninstalltunnelservice did not appear to properly uninstall the tunnel service as attempting to reinstall the service resulted in the CLI indicating the tunnel service was already installed.

Doing some troubleshooting on the hosting server, I found that wg server errored out with: Could not bind to socket 0.0.0.0:51820 (0xc0000022). Unable to bring up adapter: Access is denied.. This error immediately following a restart subsequent to a Windows security update (KB5022840). Restarting the host server did not resolve the issue. Uninstalling the security update allowed the tunnel service to be uninstalled, reinstalled, and the private network and NAT table settings to be restored - wg server was fully restored and operating properly again. The security update was later installed without issue.

It's difficult to say what the root cause was for this manifestation of the same issue, but this may provide some troubleshooting steps for other users.

[micahmo]

Wow, great insight, thank you so much for those details @mtkarp! I'm sure they will help others.

Out of curiosity, where did you find the socket binding error? In the WireGuard application logs?

[mtkarp]

@micahmo The logs I was looking at were in the WireGuard application, not within the wg server. I have a copy of the log files attached for reference. This log starts with the shutdown associated with the Windows update.

[xxIndirect]

So I had this happen even without the listed KB Update from Mtkarp. Fix was: wireguard.exe /uninstalltunnelservice wg_server > reboot computer > install using UI.

Happened twice so far over past 2 days. Once per day.

[aframires]

I am also facing this issue, same 'Could not bind socket' error as @mtkarp

Let me know if you would like any further logs to solve this issue, been happening too often.

[pikesaury]

The same problem occurs after KB5026446. Creation of Tunnel Service fails in CUI.

tunnel creation works well when done in the GUI.

https://www.smarthomebeginner.com/wireguard-windows-setup/

[pikesaury]

Exit WS4W before creating the Tunnel Service.

Open C:\Users\[user]\AppData\Roaming\WS4Wserver_wg.

Load server_wg.conf into WireGuardGUI and add Tunnel.

When doing so, add Address = 10.253.0.1/24 to the [Interface] field.

Click the Activate button in the WireGuard GUI.

Start WS4W and configure the remaining settings.

Everything is working fine. Reboot is also OK.

[vsviridov]

The problem is likely because of Hyper-V reserving some ports. I've encountered this before with another port in the 50K range.

https://stackoverflow.com/questions/48478869/cannot-bind-to-some-ports-due-to-permission-denied

[morbidpete]

The problem is likely because of Hyper-V reserving some ports. I've encountered this before with another port in the 50K range.

https://stackoverflow.com/questions/48478869/cannot-bind-to-some-ports-due-to-permission-denied

Had this same issue, changed to a40k port and worked immediately. Thank you.