Comments (8)
sudo dnf install wireguard-tools gawk grep iproute qrencode
To include wireguard-tools
in available available packages list read wireguard.com/install.
from easy-wg-quick.
[centos@srv1 ~]$ sudo dnf install wireguard-tools gawk grep iproute qrencode Last metadata expiration check: 0:53:30 ago on Tue 10 Dec 2019 07:39:31 AM CET. Package wireguard-tools-1:0.0.20191206-1.el8.x86_64 is already installed. Package gawk-4.2.1-1.el8.x86_64 is already installed. Package grep-3.1-6.el8.x86_64 is already installed. Package iproute-4.18.0-11.el8.x86_64 is already installed. Package qrencode-3.4.4-5.el8.x86_64 is already installed. Dependencies resolved. Nothing to do. Complete!
WG up, client connect, but internet not work (
from easy-wg-quick.
Redact keys and post your configuration.
from easy-wg-quick.
[Interface]
Address = 10.127.0.11/24, fdfc:2965:0503:e2ae::11/64
DNS = 1.1.1.1, 2606:4700:4700::1111
PrivateKey = sEqaaTqa05iX/ZbZkEkMM1bveXChJ3r6u1YcY6srjW4=
[Peer]
PublicKey = 4p4s64L1qkQrGiUMDlppq87aLWqtM01UhhlVKsgiQxA=
PresharedKey = o5efiOLqBZWpVN5P2+sZEzP2zBxqtnSRoZasCALyqCs=
AllowedIPs = 0.0.0.0/0, ::/0
Endpoint = 194.182.67.126:17596
PersistentKeepalive = 25
from easy-wg-quick.
[Interface]
Address = 10.127.0.1/24
ListenPort = 17596
PrivateKey = 0MCxGDeCuAxTGOXXRCckCVfzP4OOJwfmO2ebzq*****
SaveConfig = false
PostUp = iptables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o eth0 -j TCPMSS --clamp-mss-to-pmtu
PostUp = ip6tables -t mangle -A POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o eth0 -j TCPMSS --clamp-mss-to-pmtu
PostUp = iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostUp = ip6tables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostUp = iptables -A FORWARD -i %i -j ACCEPT
PostUp = ip6tables -A FORWARD -i %i -j ACCEPT
PostUp = sysctl -q -w net.ipv4.ip_forward=1
PostUp = sysctl -q -w net.ipv6.conf.all.forwarding=1
PostDown = sysctl -q -w net.ipv4.ip_forward=0
PostDown = sysctl -q -w net.ipv6.conf.all.forwarding=0
PostDown = iptables -D FORWARD -i %i -j ACCEPT
PostDown = ip6tables -D FORWARD -i %i -j ACCEPT
PostDown = iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
PostDown = ip6tables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -t mangle -D POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o eth0 -j TCPMSS --clamp-mss-to-pmtu
PostDown = ip6tables -t mangle -D POSTROUTING -p tcp --tcp-flags SYN,RST SYN -o eth0 -j TCPMSS --clamp-mss-to-pmtu
[Peer]
PublicKey = H1czdpaba1t/Na9kwY0HNLfWgvzIMjFPgWEfPgyyGSc=
PresharedKey = o5efiOLqBZWpVN5P2+sZEzP2zBxqtnSRoZasCALyqCs=
AllowedIPs = 10.127.0.11/32, fdfc:2965:0503:e2ae::11/128
from easy-wg-quick.
but internet not work
Config looks fine. What exactly does not work, when "internet not work"? Could you try the following:
- Check if you can ping/traceroute your VPN hub.
- Check if you can ping/traceroute your DNS server.
- Check if you can ping/traceroute anything else in the Internet.
- Check above for IPv4, if your system defaults to IPv6.
- Check if you can resolve DNS names (i.e. host -v github.com)
- Try to use curl/wget to reach some HTTP sites (i.e. curl -vvv https://github.com)
- If curl/wget works for small pages, but large pages/files loading breaks check for (P)MTU issues.
If all of above work post what you were trying to do and it doesn't work.
from easy-wg-quick.
- Check if you can ping/traceroute your VPN hub.
Ответ от 194.182.67.126: число байт=32 время=37мс TTL=64
2. eck if you can ping/traceroute your DNS server.
Fail
from easy-wg-quick.
Does your VPN hub forward packets? You can check that with tcpdump
. Are there other firewall rules except those set by wg-quick that can block traffic? You can verify firewall setup with ip(6)tables -vnxL
.
from easy-wg-quick.
Related Issues (20)
- nftables PostDown doesn't work HOT 2
- Incorrect rules in case if nftables is already present and activated HOT 2
- Add firewalld support for Centos / Arch based systems
- about saveconfig=true HOT 3
- strong recomend using 0.0.0.0/1 128.0.0.0/1 instead of 0.0.0.0/0 in allowips HOT 9
- SSH tunnels not working HOT 2
- the client config used by openwrt has something wrong HOT 3
- when using ndp, the client can mtr to public ipv6, but public ipv6 could not mtr to client ipv6. HOT 1
- Something went wrong HOT 19
- NDP Proxy - how to verify its working? HOT 6
- IP address generation does not work correctly above 255
- Unable to locate package HOT 1
- I've successfully installed this script, the Endpoint port is 52757, but I can't connect to the network HOT 7
- config for ds-lite isp link HOT 2
- discuss: about ndp proxy
- please consider two interface, which is ipv4 only and other is v6 only
- Consider DOCKER-USER chain if docker is installed HOT 1
- Can't connect to internet
- No internet access
- TCP MSS Clamping missing if fwtype set to firewalld
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from easy-wg-quick.