Wireguard - Can connect, but can't do anything
I'm attempting to set up my Gold (in router mode) as a VPN server, and I'm hoping to use Wireguard.
I set up the VPN server, configured the client on both my mobile device and on a Windows desktop. I can connect, but I can't pass any traffic or use the internet.
- The VPN and the client are both configured, and the FWG says the port forwarding was configured automatically (the FWG has a public IP address).
- The client says I'm connected.
- I get an alert from the FWG saying I connected.
- The client gets an IP address in the VPN subnet that was automatically created when I turned on the VPN server.
- I cannot ping the gateway or any devices on my network.
- I cannot access the internet (from the mobile device I'm still using the carrier's internet, and from a windows computer the internet doesn't work at all).
I've got to believe I've forgotten to make some allowance or set something up. There are no explicit blocks or rules on either the VPN client device or on the VPN network that would block the traffic, but I also didn't configure any specific permissions.
Is there something common that I'm missing?
Thanks much.
-
Thanks much for the reply.
I'm outside the network (I'm at my office, and on my iPhone, I'm using my cell phone carrier's connection, not WiFi). The IP address my phone gets from Verizon and the IP address my desktop gets from my office network are both definitely in different ranges than my home network (all VLAN subnets, including the Wireguard VPN subnet).
-
I configured a profile for each (though I wasn't ever connected with both at the same time, anyway). After it didn't work, I wiped away the VPN server setup and all clients in the FWG and did it again - same result.
- On the iPhone, I saved the config file to the phone's file storage, then imported it into the Wireguard app. It connects, no problem (and the FWG says it connected). But then if I browse the internet, I'm still using the Verizon connection.
- On the PC, I downloaded the Windows client and created a tunnel from the config file. It connects, but once it does, I can't get to the internet at all from the computer, and I can't ping or access anything on the network behind the FWG. IPconfig tells me I've got an IP address in the FWG's wireguard network range (but oddly, it tells me the default gateway is 0.0.0.0).
-
I am also wondering what was the solution. I can also connect to my WireGuard server (running on a Firewalla purple) from my iPad but no traffic goes through.
On my iPad I get an IP, I can see on the firewall web interface that there is one device connected. Also the vpn client is configured to allow 0.0.0.0/0
-
I hate to be unhelpful, but I didn’t do anything. They opened a ticket for me, and by the time I got to the ticket, a few hours had passed. I tried again, and it was working fine. I’m not sure if there is some amount of time needed for the firewalla to update/provision VPN settings that I wasn’t allowing for, but after a break, it just started working.
-
WireGuard is a connectionless protocol. So it will always "connect" regardless if there is a "connection" or not. So if you are not connecting, it is highly likely you may not be able to reach the server. (if this happens, try another wifi or turn to LTE)
If you have tested the server and it works from other external wifi, then the problem is highly likely that your current ISP/WiFi may be blocking VPN/wireguard. If you never tested wireguard before, you will need go and tap on VPN server and check and make sure wireguard is fully up
Please sign in to leave a comment.
Comments
10 comments