Unable to connect using windows client

a7g4 commented 1 year ago

Describe the problem

Windows client does not connect

To Reproduce Steps to reproduce the behavior:

Download and install https://pkgs.netbird.io/windows/x64
Right click tray icon -> Settings
Update Management & Admin URL to self-hosted endpoint, click save
Attempt to connect (right click tray icon -> Connect)
Go through OIDC flow in browser

Expected behavior Netbird should be connected, but it is not (tray icon shows disconnected, netbird status shows disconnected).

OIDC flow worked as the peer is registered on the admin interface.

NetBird status -d output:

C:\WINDOWS\system32>netbird status -d
Peers detail:
Daemon version:
CLI version: 0.14.3
Management: Disconnected
Signal: Disconnected
FQDN:
NetBird IP: N/A
Interface type: N/A
Peers count: 0/0 Connected

Additional context Output of client.log:

2023-03-27T01:13:01-06:00 INFO client/cmd/service_controller.go:23: starting Netbird service
2023-03-27T01:13:01-06:00 INFO client/internal/config.go:88: generating new config C:\ProgramData\Netbird\config.json
2023-03-27T01:13:01-06:00 INFO client/cmd/service_controller.go:63: started daemon server: 127.0.0.1:41731
2023-03-27T01:15:00-06:00 INFO client/internal/config.go:168: new Management URL provided, updated to https://netbird.XXXX:33073 (old value https://api.wiretrustee.com:443)
2023-03-27T01:15:00-06:00 INFO client/internal/config.go:179: new Admin Panel URL provided, updated to https://netbird.XXXX:443 (old value https://app.netbird.io:443)
2023-03-27T01:15:01-06:00 ERRO client/internal/login.go:58: failed logging-in peer on Management Service : rpc error: code = InvalidArgument desc = invalid setup-key or no sso information provided, err: invalid UUID length: 0
2023-03-27T01:15:01-06:00 WARN client/server/server.go:117: failed login: rpc error: code = InvalidArgument desc = invalid setup-key or no sso information provided, err: invalid UUID length: 0
2023-03-27T01:15:07-06:00 ERRO client/internal/login.go:58: failed logging-in peer on Management Service : rpc error: code = InvalidArgument desc = invalid setup-key or no sso information provided, err: invalid UUID length: 0
2023-03-27T01:15:07-06:00 WARN client/server/server.go:117: failed login: rpc error: code = InvalidArgument desc = invalid setup-key or no sso information provided, err: invalid UUID length: 0
2023-03-27T01:15:14-06:00 INFO client/internal/login.go:97: peer has been successfully registered on Management Service
2023-03-27T01:15:14-06:00 INFO client/internal/login.go:61: peer has successfully logged-in to the Management service https://netbird.XXXX:33073
2023-03-27T01:15:15-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:15:16-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:15:18-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:15:18-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:15:23-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:15:23-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:15:29-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:15:29-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:15:34-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:15:35-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:15:43-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:15:44-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:16:04-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:16:05-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:16:08-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:16:09-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:16:15-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:16:15-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:16:19-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:16:20-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:16:30-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:16:30-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820

braginini commented 1 year ago

Hi @a7g4 You should run the command line or power shell tools as administrator.

a7g4 commented 1 year ago

This is what is happening after using the installer

braginini commented 1 year ago

This is what is happening after using the installer

Do you have any other solution or plain WireGuard running on this machine?

Could you please also open Power Shell as an administrator, run this, and show the output?

netbird service stop
netbird up -F --log-level debug

a7g4 commented 1 year ago

I got some really weird behaviour - after I came back to the machine after about 30 minutes (no change, didn't run any netbird commands, didn't interact with the tray icon, no sleep/restart/logoff etc.) it was connected.

Here's the full client.log:

2023-03-27T01:13:01-06:00 INFO client/cmd/service_controller.go:23: starting Netbird service
2023-03-27T01:13:01-06:00 INFO client/internal/config.go:88: generating new config C:\ProgramData\Netbird\config.json
2023-03-27T01:13:01-06:00 INFO client/cmd/service_controller.go:63: started daemon server: 127.0.0.1:41731
2023-03-27T01:15:00-06:00 INFO client/internal/config.go:168: new Management URL provided, updated to https://netbird.XXXX:33073 (old value https://api.wiretrustee.com:443)
2023-03-27T01:15:00-06:00 INFO client/internal/config.go:179: new Admin Panel URL provided, updated to https://netbird.XXXX:443 (old value https://app.netbird.io:443)
2023-03-27T01:15:01-06:00 ERRO client/internal/login.go:58: failed logging-in peer on Management Service : rpc error: code = InvalidArgument desc = invalid setup-key or no sso information provided, err: invalid UUID length: 0
2023-03-27T01:15:01-06:00 WARN client/server/server.go:117: failed login: rpc error: code = InvalidArgument desc = invalid setup-key or no sso information provided, err: invalid UUID length: 0
2023-03-27T01:15:07-06:00 ERRO client/internal/login.go:58: failed logging-in peer on Management Service : rpc error: code = InvalidArgument desc = invalid setup-key or no sso information provided, err: invalid UUID length: 0
2023-03-27T01:15:07-06:00 WARN client/server/server.go:117: failed login: rpc error: code = InvalidArgument desc = invalid setup-key or no sso information provided, err: invalid UUID length: 0
2023-03-27T01:15:14-06:00 INFO client/internal/login.go:97: peer has been successfully registered on Management Service
2023-03-27T01:15:14-06:00 INFO client/internal/login.go:61: peer has successfully logged-in to the Management service https://netbird.XXXX:33073
2023-03-27T01:15:15-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:15:16-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:15:18-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:15:18-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:15:23-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:15:23-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:15:29-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:15:29-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:15:34-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:15:35-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:15:43-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:15:44-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:16:04-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:16:05-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:16:08-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:16:09-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:16:15-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:16:15-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:16:19-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:16:20-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:16:30-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:16:30-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:16:47-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:16:47-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:17:13-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:17:14-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:17:21-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:17:22-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:17:35-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:17:35-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:17:46-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:17:46-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:18:02-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:18:02-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:18:12-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:18:12-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:18:22-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:18:23-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:18:44-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:18:45-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:18:53-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:18:53-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:19:00-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:19:01-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:19:13-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:19:13-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:19:32-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:19:32-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:19:59-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:20:00-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:20:10-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:20:10-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:20:21-06:00 ERRO client/internal/engine.go:213: failed configuring Wireguard interface [wt0]: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:20:21-06:00 ERRO client/internal/connect.go:149: error while starting Netbird Connection Engine: received error "Access is denied." while configuring interface wt0 with port 51820
2023-03-27T01:20:50-06:00 INFO client/internal/routemanager/systemops_nonlinux.go:39: check netforward history is not implemented on windows
2023-03-27T01:20:50-06:00 INFO signal/client/grpc.go:136: connected to the Signal Service stream
2023-03-27T01:20:50-06:00 INFO client/internal/connect.go:153: Netbird engine started, my IP is: 100.127.212.129/16
2023-03-27T01:20:50-06:00 INFO management/client/grpc.go:123: connected to the Management Service stream
2023-03-27T01:20:50-06:00 WARN client/internal/routemanager/client.go:109: no route was chosen for network 10.0.3.0/24 because no peers from list [dZFeBxufQwfe5dQl7g11KxVgaJ9uCWaSxGz1+2ojbhQ=] were connected
2023-03-27T01:20:50-06:00 WARN client/internal/routemanager/client.go:109: no route was chosen for network 192.168.1.102/32 because no peers from list [dZFeBxufQwfe5dQl7g11KxVgaJ9uCWaSxGz1+2ojbhQ=] were connected
2023-03-27T01:20:50-06:00 WARN client/internal/routemanager/client.go:109: no route was chosen for network 10.200.200.0/24 because no peers from list [dZFeBxufQwfe5dQl7g11KxVgaJ9uCWaSxGz1+2ojbhQ=] were connected
2023-03-27T01:20:50-06:00 INFO client/internal/dns/host_windows.go:137: added 1 match domains to the state. Domain list: [.XXXX]
2023-03-27T01:20:50-06:00 INFO client/internal/dns/host_windows.go:176: updated the search domains in the registry with 1 domains. Domain list: [XXXX]
2023-03-27T01:20:51-06:00 WARN client/internal/routemanager/client.go:109: no route was chosen for network 10.0.3.0/24 because no peers from list [dZFeBxufQwfe5dQl7g11KxVgaJ9uCWaSxGz1+2ojbhQ=] were connected
2023-03-27T01:20:51-06:00 WARN client/internal/routemanager/client.go:109: no route was chosen for network 192.168.1.102/32 because no peers from list [dZFeBxufQwfe5dQl7g11KxVgaJ9uCWaSxGz1+2ojbhQ=] were connected
2023-03-27T01:20:51-06:00 WARN client/internal/routemanager/client.go:109: no route was chosen for network 10.200.200.0/24 because no peers from list [dZFeBxufQwfe5dQl7g11KxVgaJ9uCWaSxGz1+2ojbhQ=] were connected
2023-03-27T01:20:52-06:00 INFO client/internal/peer/conn.go:298: connected to peer dZFeBxufQwfe5dQl7g11KxVgaJ9uCWaSxGz1+2ojbhQ= [laddr <-> raddr] [10.40.1.13:53201 <-> 74.111.169.64:53959]
2023-03-27T01:20:52-06:00 INFO client/internal/routemanager/client.go:111: new chosen route is cgdqj52ifcps73e83tf0 with peer dZFeBxufQwfe5dQl7g11KxVgaJ9uCWaSxGz1+2ojbhQ= with score 2
2023-03-27T01:20:52-06:00 INFO client/internal/routemanager/client.go:111: new chosen route is cgea6fiifcps73e83tlg with peer dZFeBxufQwfe5dQl7g11KxVgaJ9uCWaSxGz1+2ojbhQ= with score 2
2023-03-27T01:20:52-06:00 INFO client/internal/routemanager/client.go:111: new chosen route is cgeajh2ifcps73e83tm0 with peer dZFeBxufQwfe5dQl7g11KxVgaJ9uCWaSxGz1+2ojbhQ= with score 2
2023-03-27T01:20:52-06:00 INFO client/internal/peer/conn.go:298: connected to peer htFOjN1Y4mRtwEc3cczx9TeSjA4TOop3o09w3josunc= [laddr <-> raddr] [38.15.201.223:53202 <-> 72.19.171.177:40516]

If I see this behaviour again, I'll try commands you posted.

This machine does have a Fortigate VPN client installed (I'm trying to migrate all the users off that).

mlsmaycon commented 1 year ago

@a7g4 sorry for the delay in responding. Can you confirm if the issue was resolved? From the logs, it seems that the port was already in use by another program or another Wireguard interface (maybe the Fortigate VPN client).

a7g4 commented 1 year ago

We don't have many windows machines so I don't have a large sample size - of the 8 that I tried 5 had an issue something like this. (Most didn't have any other VPN software running)

Through some combination of start/stopping Netbird and restarting the machine I got them all working and they haven't had an issue once they connected initially 🤷 Sorry I don't have more useful info.

Issue is resolved for me at least

mlsmaycon commented 1 year ago

No problem at all. Thanks for the feedback.

I will close the issue.

netbirdio / netbird

Unable to connect using windows client #763