TunSafe Forum

Welcome to the TunSafe Community Forum. This is open for discussions related to TunSafe and the WireGuard protocol.

You are not logged in.

#1 2019-03-02 19:56:13

walterring
Member
Registered: 2019-03-02
Posts: 1

Server working, Clients can connect, no network connectivity

I have successfully set up a WireGuard Server at my home on Ubuntu in a virtual machine behind a NAT firewall.

I can sucessfully connect with Windows TunSafe or IOS WireGuard app both from internal and external network. Connect is very fast and reliable.

But as soon as the client is connected, I cannot access any IPs in my local network nor can I access the Internet. Seems to be some routing issues.

I have used following IP addresses:
10.0.0.0/24 on my internal Network, Default GW: 10.0.0.138
10.5.0.0/24 on the tun Network .1 Server, .2 Client
192.168.1.0/24 used on LTE Access Point to test external access

Here is the connection log (official IP and DynDNS obfuscated):

[18:58:29] Loading file: C:\Program Files\TunSafe\Config\walter.conf
[18:58:29] Resolved xxxxxx.ddns.net to 88.117.x.x
[18:58:29] TAP Driver Version 9.21
[18:58:29] Blocking standard DNS on all adapters
[18:58:29] Added Route 88.117.x.x/32  =>  192.168.1.1
[18:58:29] Added Route 0.0.0.0/1  =>  10.5.0.1
[18:58:29] Added Route 128.0.0.0/1  =>  10.5.0.1
[18:58:29] Sending handshake...
[18:58:29] Connection established. IP 10.5.0.2

route print on windows looks like this after connected:
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.100     50
          0.0.0.0        128.0.0.0         10.5.0.1         10.5.0.2    102
         10.5.0.0    255.255.255.0         On-link          10.5.0.2    258
         10.5.0.2  255.255.255.255         On-link          10.5.0.2    258
       10.5.0.255  255.255.255.255         On-link          10.5.0.2    258
   88.117.109.250  255.255.255.255      192.168.1.1    192.168.1.100    150
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
        128.0.0.0        128.0.0.0         10.5.0.1         10.5.0.2    102
      192.168.1.0    255.255.255.0         On-link     192.168.1.100    306
    192.168.1.100  255.255.255.255         On-link     192.168.1.100    306
    192.168.1.255  255.255.255.255         On-link     192.168.1.100    306
    192.168.143.0  255.255.255.240         On-link     192.168.143.1   5256
    192.168.143.1  255.255.255.255         On-link     192.168.143.1   5256
   192.168.143.15  255.255.255.255         On-link     192.168.143.1   5256
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link     192.168.1.100    306
        224.0.0.0        240.0.0.0         On-link     192.168.143.1   5256
        224.0.0.0        240.0.0.0         On-link          10.5.0.2    258
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link     192.168.1.100    306
  255.255.255.255  255.255.255.255         On-link     192.168.143.1   5256
  255.255.255.255  255.255.255.255         On-link          10.5.0.2    258


IP addresses on wireguard server:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 00:0c:29:9f:26:cf brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.101/24 brd 10.0.0.255 scope global noprefixroute ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::d92a:ef26:75ab:4353/64 scope link noprefixroute
       valid_lft forever preferred_lft forever
3: wg0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1420 qdisc noqueue state UNKNOWN group default qlen 1000
    link/none
    inet 10.5.0.1/24 scope global wg0
       valid_lft forever preferred_lft forever

Do I need to configure any routing on my Ubuntu Server?

Any ideas how I can fix this?

Offline

Board footer

Powered by FluxBB