[SOLVED] Wireguard setup. Tunnel established but no internet on client
by axolinx from LinuxQuestions.org on (#6CCA1)
Guys.
I'm currently using an L2TP tunnel, but it's quite slow. To improve performance, I'm in the process of setting up Wireguard. Before implementing it on my main system, I'm learning how to configure the connection using a virtual machine (VM).
I'm testing the setup with a cloud server and a Mint VM client on my laptop. I'll provide the configurations for both the server (Ubuntu 20.04.6) and the client VM (Mint Mate 20.3).
So far, I've successfully established the connection. Here's the current status:
- The client (192.168.69.2) can ping the server (192.168.69.1), but it's unable to browse websites or ping other IP addresses like 1.1.1.1.
- I've tried various DNS options in the client configuration file (e.g., 1.1.1.1, 8.8.8.8, 192.168.69.1) without success. I even attempted commenting out the DNS line, but it didn't resolve the issue.
- Each time I make changes, I restart the Wireguard tunnel on both ends using the command: systemctl restart wg-quick@wg0
Thank you!!
Server:
/etc/wireguard/wg0.conf
Code:
[Interface]
PrivateKey = TheServerPrivateKey-HERE
Address = 192.168.69.1/24
ListenPort = 51820
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o ens4 -j MASQUERADE
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT; iptables -t nat -D POSTROUTING -o ens4 -j MASQUERADE
[Peer]
PublicKey = TheClientPrivateKey-HERE
AllowedIPs = 192.168.69.2/24
PersistentKeepalive = 25

Server ifconfig:
Code:
$ ifconfig
ens4: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1460
        inet 10.182.0.2 netmask 255.255.255.255 broadcast 0.0.0.0
        inet6 feXX::XXXXXXXXb6:2 prefixlen 64 scopeid 0x20<link>
        ether 42:01:32:b6:71:02 txqueuelen 1000 (Ethernet)
        RX packets 44698 bytes 10199212 (10.1 MB)
        RX errors 0 dropped 0 overruns 0 frame 0
        TX packets 40519 bytes 24195245 (24.1 MB)
        TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
        inet 127.0.0.1 netmask 255.0.0.0
        inet6 ::1 prefixlen 128 scopeid 0x10<host>
        loop txqueuelen 1000 (Local Loopback)
        RX packets 676 bytes 56415 (56.4 KB)
        RX errors 0 dropped 0 overruns 0 frame 0
        TX packets 676 bytes 56415 (56.4 KB)
        TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
wg0: flags=209<UP,POINTOPOINT,RUNNING,NOARP> mtu 1380
        inet 192.168.69.1 netmask 255.255.255.0 destination 192.168.69.1
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 1000 (UNSPEC)
        RX packets 1253 bytes 127220 (127.2 KB)
        RX errors 0 dropped 0 overruns 0 frame 0
        TX packets 331 bytes 42700 (42.7 KB)
        TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

Client:
/etc/wireguard/wg0.conf
Code:
[Interface]
PrivateKey = TheClientPrivateKey-HERE
Address = 192.168.69.2/24
DNS = 192.168.69.1
[Peer]
PublicKey = TheServerPublicKey-HERE
Endpoint = 34.xx.xx.xx:51820 #server IP obfuscated for the forum post.
AllowedIPs = 0.0.0.0/0

Client ifconfig:
Code:
enp0s3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
        inet 192.168.221.248 netmask 255.255.255.0 broadcast 192.168.221.255
        inet6 feXX::XXXXXXXX:b2ff prefixlen 64 scopeid 0x20<link>
        ether 02:00:42:27:A0:81 txqueuelen 1000 (Ethernet)
        RX packets 2019 bytes 306086 (306.0 KB)
        RX errors 0 dropped 0 overruns 0 frame 0
        TX packets 5188 bytes 699700 (699.7 KB)
        TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
        inet 127.0.0.1 netmask 255.0.0.0
        inet6 ::1 prefixlen 128 scopeid 0x10<host>
        loop txqueuelen 1000 (Local Loopback)
        RX packets 1992 bytes 196123 (196.1 KB)
        RX errors 0 dropped 0 overruns 0 frame 0
        TX packets 1992 bytes 196123 (196.1 KB)
        TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
wg0: flags=209<UP,POINTOPOINT,RUNNING,NOARP> mtu 1420
        inet 192.168.69.2 netmask 255.255.255.0 destination 192.168.69.2
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 1000 (UNSPEC)
        RX packets 383 bytes 49064 (49.0 KB)
        RX errors 0 dropped 0 overruns 0 frame 0
        TX packets 1396 bytes 141848 (141.8 KB)
        TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
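
Added example, not part of the original post: a small Python check that parses the two wg-quick configs shown above and lists the routing and NAT points a full-tunnel client (AllowedIPs = 0.0.0.0/0) depends on at the server. The function names (`parse_wg`, `allowed_ips`, `review`) are hypothetical, and the embedded configs are copied from the post with the key lines left out.

```python
import ipaddress

# Configs from the post above, key lines omitted (they are placeholders there).
SERVER_CONF = """[Interface]
Address = 192.168.69.1/24
ListenPort = 51820
PostUp = iptables -A FORWARD -i wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o ens4 -j MASQUERADE
[Peer]
AllowedIPs = 192.168.69.2/24
"""
CLIENT_CONF = """[Interface]
Address = 192.168.69.2/24
[Peer]
Endpoint = 34.xx.xx.xx:51820 #server IP obfuscated for the forum post.
AllowedIPs = 0.0.0.0/0
"""

def parse_wg(text):
    """Return [(section, {key: [values]})]; [Peer] may repeat, so no configparser."""
    sections = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop trailing comments
        if line.startswith("[") and line.endswith("]"):
            sections.append((line[1:-1].lower(), {}))
        elif "=" in line and sections:
            key, value = (part.strip() for part in line.split("=", 1))
            sections[-1][1].setdefault(key.lower(), []).append(value)
    return sections

def allowed_ips(sections):
    """Yield each peer AllowedIPs entry as an ipaddress interface object."""
    for name, keys in sections:
        for value in keys.get("allowedips", []) if name == "peer" else []:
            for item in value.split(","):
                yield ipaddress.ip_interface(item.strip())

def review(server_text, client_text):
    """List routing/NAT points to verify on the server for this client config."""
    server, client = parse_wg(server_text), parse_wg(client_text)
    findings = [f"server AllowedIPs {i} has host bits set; WireGuard masks it to {i.network}"
                for i in allowed_ips(server) if i.ip != i.network.network_address]
    if any(i.network.prefixlen == 0 for i in allowed_ips(client)):  # full tunnel
        hooks = " ".join(v for s, k in server if s == "interface"
                         for v in k.get("postup", []))
        if "MASQUERADE" not in hooks:
            findings.append("client sends 0.0.0.0/0 via tunnel; server PostUp has no MASQUERADE")
        if "ip_forward" not in hooks:
            findings.append("PostUp does not enable forwarding; confirm sysctl net.ipv4.ip_forward is 1")
    return findings

if __name__ == "__main__":
    print("\n".join(review(SERVER_CONF, CLIENT_CONF)))
```

The findings are items to verify on the server (for example with `sysctl net.ipv4.ip_forward` and `wg show`), not a statement of what resolved this thread.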