Does Not Work about qubes-wireguard HOT 6 CLOSED

The readme leaves out one crucial step: you must restart the VPN qube after running ./bin/qubes-wg-conf. The script does not reload the firewall or the wireguard service, so the changes are not activated until the next boot.

from qubes-wireguard.

Thanks for the tip. Everything is working now. Thank you for taking time and effort to publish this work.

Can you consider adding some type of visual feedback notification? (i.e. link "xx" up, link "xx" down, "link xx failure")

from qubes-wireguard.

Thanks, no problem!

With visual feedback, do you mean an icon in the upper right corner where other network status etc. is indicated?

from qubes-wireguard.

Also regarding fail safe, it actually handles this as long as it is only used for network provider qubes as documented in the readme, and not as an app qube. If you look closely at the firewall forward rules it only allows traffic from the lan interface flowing to the wireguard interface. That means that if the wireguard interface is down, the traffic flowing from the lan is dropped. This can be verified with tools like tcpdump by taking down the wg tunnel. If you see that this is not the case it is a bug and I will fix it.

There is nothing preventing the VPN qube itself from talking to the WAN if the wireguard tunnel is down, but this is by design and intended from my side. The intention is to make sure the clients behind the VPN qube stays protected even if the tunnel is down.

from qubes-wireguard.

hkbakke, thank you for taking the time to explain that and update the documentation.

regarding the visual feedback, i just mean if possible something really simple like a basic notification to let the user know the link is up / down / failure and maybe include some reference to the VM name or wg connection in case the user is running multiple wg vms. An example would be taskets script .

i would like to buy you a dinner as gesture of thanks for time and effort you have gone to publish this and make it available to less technical users like myself. if you have a bitcoin address let me know.

from qubes-wireguard.

hkbakke, thank you for taking the time to explain that and update the documentation.

regarding the visual feedback, i just mean if possible something really simple like a basic notification to let the user know the link is up / down / failure and maybe include some reference to the VM name or wg connection in case the user is running multiple wg vms. An example would be taskets script .

i would like to buy you a dinner as gesture of thanks for time and effort you have gone to publish this and make it available to less technical users like myself. if you have a bitcoin address let me know.

I appreciate the kind words! No need to do anything. I use this myself, so any input that leads to improved quality in some way is useful enough for me.

from qubes-wireguard.