[PLUG] Wireguard on ubuntu 24.04 - no network connectivity

Tomas Kuchta tomas.kuchta.lists at gmail.com
Sun Jan 12 18:05:33 UTC 2025


Client - as mentioned the server is working with other clients. Also the
key exchange is working - the client connects to the server WG.

Routing is most likely the problem ... IMHO

-T

On Sun, Jan 12, 2025, 12:04 Ted Mittelstaedt <tedm at portlandia-it.com> wrote:

> Are you trying to set up your Ubuntu as a remote client with a wireguard
> server somewhere on the Internet, or are you trying to use the Ubuntu
> system as a wireguard server at your site to be able to remote into it?
>
> Ted
>
> -----Original Message-----
> From: PLUG <plug-bounces at lists.pdxlinux.org> On Behalf Of Tomas Kuchta
> Sent: Saturday, January 11, 2025 7:23 PM
> To: Portland Linux/Unix Group <plug at lists.pdxlinux.org>
> Subject: [PLUG] Wireguard on ubuntu 24.04 - no network connectivity
>
> Any wireguard experts here?
> I cannot get network traffic through wireguard on Ubuntu 24.04.
> I have been failing to resolve this and resorted to connecting through my
> android Wireguard
>
> 1. the server is working - it works like a charm on my android phone
> 2. WG handshake is fine - it connects
> 3. I disabled firewall by: sudo ufw disable - to no effect
> 4. I have long given up on google because:
>    a) most posts are parroting someone without understanding networking
>    b) competent posts assume pretty advanced networking knowledge or
> windows or bsd or ....
>
> the setup:
> -------------
> sudo ls -l /etc/wireguard/wg0.conf
> -rw------- 1 root root 266 Jan 11 20:56 /etc/wireguard/wg0.conf
>
> sudo cat /etc/wireguard/wg0.conf
> [Interface]
> PrivateKey =xxxxxxxxx
> Address = 192.168.40.4/32
> DNS = 192.168.40.1
>
> [Peer]
> PublicKey =yyyyyyyy
> AllowedIPs = 192.168.40.1/32,192.168.40.4/32,0.0.0.0/0
> Endpoint = 111.222.333.444:51820
>
> sudo wg-quick up wg0
> [#] ip link add wg0 type wireguard
> [#] wg setconf wg0 /dev/fd/63
> [#] ip -4 address add 192.168.40.4/32 dev wg0
> [#] ip link set mtu 1420 up dev wg0
> [#] resolvconf -a wg0 -m 0 -x
> [#] ip -4 route add 192.168.40.4/32 dev wg0
> [#] ip -4 route add 192.168.40.1/32 dev wg0
> [#] wg set wg0 fwmark 51820
> [#] ip -4 rule add not fwmark 51820 table 51820
> [#] ip -4 rule add table main suppress_prefixlength 0
> [#] ip -4 route add 0.0.0.0/0 dev wg0 table 51820
> [#] sysctl -q net.ipv4.conf.all.src_valid_mark=1
> [#] nft -f /dev/fd/63
>
> ping 192.168.40.1
> PING 192.168.40.1 (192.168.40.1) 56(84) bytes of data.
> ^C
> --- 192.168.40.1 ping statistics ---
> 5 packets transmitted, 0 received, 100% packet loss, time 4072ms
>
> # before wg up:
> # ------------------
> ip addr
> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
>     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
>     inet 127.0.0.1/8 scope host lo
>        valid_lft forever preferred_lft forever
>     inet6 ::1/128 scope host noprefixroute
>        valid_lft forever preferred_lft forever
> 2: wlp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
>     link/ether 04:7b:cb:2c:ab:ac brd ff:ff:ff:ff:ff:ff
>     inet 10.10.208.202/16 brd 10.10.255.255 scope global dynamic noprefixroute wlp1s0
>        valid_lft 79251sec preferred_lft 79251sec
>     inet6 fe80::7fbd:1fbd:56ef:baef/64 scope link noprefixroute
>        valid_lft forever preferred_lft forever
> 3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
>     link/ether 52:54:00:27:fe:77 brd ff:ff:ff:ff:ff:ff
>     inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
>        valid_lft forever preferred_lft forever
>
> ip route
> default via 10.10.0.1 dev wlp1s0 proto dhcp src 10.10.208.202 metric 600
> 10.10.0.0/16 dev wlp1s0 proto kernel scope link src 10.10.208.202 metric 600
> 192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown
>
> traceroute google.com
> traceroute to google.com (142.251.40.142), 30 hops max, 60 byte packets
>  1  _gateway (10.10.0.1)  2.214 ms  1.993 ms  1.775 ms
>  2  syn-142-254-208-053.inf.spectrum.com (142.254.208.53)  54.259 ms  54.198 ms  54.700 ms
>  3  lag-63.cnwynh1601h.netops.charter.com (24.58.224.169)  87.416 ms  87.373 ms  87.332 ms
>  4  lag-28.ptldmehx02r.netops.charter.com (24.58.40.246)  67.360 ms  67.315 ms  67.268 ms
>  5  lag-25.rcr01albynyyf.netops.charter.com (24.58.32.64)  67.228 ms  67.180 ms  67.135 ms
>  6  lag-416-10.nycmny837aw-bcr00.netops.charter.com (66.109.6.10)  85.270 ms lag-26-10.nycmny837aw-bcr00.netops.charter.com (24.30.201.130)  83.895 ms lag-416-10.nycmny837aw-bcr00.netops.charter.com (66.109.6.10)  83.807 ms
>  7  209.85.172.46 (209.85.172.46)  83.759 ms 72.14.218.108 (72.14.218.108)  43.673 ms syn-066-109-007-099.inf.spectrum.com (66.109.7.99)  73.371 ms
>  8  * 192.178.108.17 (192.178.108.17)  60.608 ms  60.545 ms
>  9  142.251.64.4 (142.251.64.4)  60.479 ms 142.251.60.180 (142.251.60.180)  61.229 ms 142.251.53.150 (142.251.53.150)  61.174 ms
> 10  192.178.106.18 (192.178.106.18)  64.089 ms 216.239.49.65 (216.239.49.65)  62.949 ms 192.178.106.20 (192.178.106.20)  62.894 ms
> 11  142.251.69.66 (142.251.69.66)  68.364 ms lga25s80-in-f14.1e100.net (142.251.40.142)  63.853 ms  62.721 ms
>
> # after wg up:
> # ----------------
> ip addr
> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
>     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
>     inet 127.0.0.1/8 scope host lo
>        valid_lft forever preferred_lft forever
>     inet6 ::1/128 scope host noprefixroute
>        valid_lft forever preferred_lft forever
> 2: wlp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
>     link/ether 04:7b:cb:2c:ab:ac brd ff:ff:ff:ff:ff:ff
>     inet 10.10.208.202/16 brd 10.10.255.255 scope global dynamic noprefixroute wlp1s0
>        valid_lft 79076sec preferred_lft 79076sec
>     inet6 fe80::7fbd:1fbd:56ef:baef/64 scope link noprefixroute
>        valid_lft forever preferred_lft forever
> 3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
>     link/ether 52:54:00:27:fe:77 brd ff:ff:ff:ff:ff:ff
>     inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
>        valid_lft forever preferred_lft forever
> 20: wg0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1420 qdisc noqueue state UNKNOWN group default qlen 1000
>     link/none
>     inet 192.168.40.4/32 scope global wg0
>        valid_lft forever preferred_lft forever
>
> ip route
> default via 10.10.0.1 dev wlp1s0 proto dhcp src 10.10.208.202 metric 600
> 10.10.0.0/16 dev wlp1s0 proto kernel scope link src 10.10.208.202 metric 600
> 192.168.40.1 dev wg0 scope link
> 192.168.40.4 dev wg0 scope link
> 192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown
>
> Any experts out there with advice?
>
> Thanks, Tomas
>
>
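
An added example, not part of the original thread and not wg-quick's own code: a small Python check that parses the posted wg0.conf (keys shown as placeholders) and reports how each AllowedIPs entry relates to the interface Address and to the other entries. The function names are hypothetical, and the findings describe the configuration only; they are not a diagnosis of the reported packet loss.

```python
import ipaddress

# Constructed copy of the wg0.conf quoted above; key values are placeholders.
SAMPLE_CONF = """\
[Interface]
PrivateKey = <redacted>
Address = 192.168.40.4/32
DNS = 192.168.40.1

[Peer]
PublicKey = <redacted>
AllowedIPs = 192.168.40.1/32,192.168.40.4/32,0.0.0.0/0
Endpoint = 111.222.333.444:51820
"""

def parse_conf(text):
    """Return {section: {key: [values]}} for a single-peer wg-quick config."""
    conf, section = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].lower()
            conf.setdefault(section, {})
        elif "=" in line and section:
            key, value = line.split("=", 1)
            conf[section].setdefault(key.strip().lower(), []).extend(value.split(","))
    return conf

def review_allowed_ips(text):
    """List findings on how AllowedIPs relates to the interface Address."""
    conf = parse_conf(text)
    own = {ipaddress.ip_interface(a.strip()).ip
           for a in conf["interface"].get("address", [])}
    nets = [ipaddress.ip_network(n.strip(), strict=False)
            for n in conf["peer"].get("allowedips", [])]
    findings = []
    for net in nets:
        if net.prefixlen == 0:
            findings.append(f"{net}: full tunnel, routed via the fwmark policy table")
        if net.prefixlen == net.max_prefixlen and net.network_address in own:
            findings.append(f"{net}: is the interface's own Address")
        for other in nets:
            if (other.version == net.version and other.prefixlen < net.prefixlen
                    and net.subnet_of(other)):
                findings.append(f"{net}: already covered by {other}")
    return findings

if __name__ == "__main__":
    print("\n".join(review_allowed_ips(SAMPLE_CONF)))
```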

