wireguard peer missing and unreachable #207

Open
Dialgatrainer02 opened this issue Jul 8, 2024 · 0 comments


Hello. I have 3 WireGuard nodes:
my laptop
an LXC server at home
an Oracle Cloud instance

I'm trying to allow my laptop to access my LAN and my LAN machine, and to let my laptop use the cloud instance to access the internet. With my current setup the cloud instance has network access. The LAN server and cloud VPS can access the internet but not peers, and my laptop has no DNS but can reach 1.1.1.1 and can't reach any peers.
I have set up basic WireGuard hub-and-spoke setups before by hand, but I'm struggling with this setup.
Snippet of my inventory related to WireGuard:

wireguard:
  hosts:
    wireguard-oci:
      ansible_host: 1.1.1.1  # changed to not leak IPs
      ansible_user: opc
      ansible_ssh_private_key_file: ../ssh_keys/staging_key
      wireguard_endpoint: ""
      wireguard_addresses:
        - "10.50.0.1/32"
      wireguard_allowed_ips: "10.50.0.1/32"
      wireguard_postup:  # enables masquerading
        -  nft add table inet wireguard; nft add chain inet wireguard wireguard_chain {type nat hook postrouting priority srcnat\; policy accept\;}; nft add rule inet wireguard wireguard_chain counter packets 0 bytes 0 masquerade;
      wireguard_postdown:
        - nft delete table inet wireguard;
    wireguard-home:
      ansible_host: 192.168.0.108
      ansible_user: root
      ansible_ssh_private_key_file: ../ssh_keys/staging_key
      wireguard_addresses:
        - "10.50.0.2/32"
      wireguard_allowed_ips: "10.50.0.3/32, 192.168.0.0/24"  # allows LAN access
      wireguard_endpoint: "1.1.1.1"
    laptop:
      wireguard_addresses:
        - "10.50.0.3/32"
      wireguard_endpoint: "1.1.1.1"
      ansible_connection: local

wg on the cloud instance:

interface: wg0
  public key: FJwNdrVg1UcEq0w0RB83bPrJSYxF3NhjXu7Wv+BpCXo=
  private key: (hidden)
  listening port: 51820

peer: zmBrEVlkCss4Kxb4nZi88V+8TNa78O2dSEsXopYbJ1M=
  endpoint:  1.1.1.1:51820
  allowed ips: 192.168.0.0/24
  transfer: 0 B received, 68.22 KiB sent

For some reason my laptop isn't showing as a peer.
Cloud wg0.conf:

# Ansible managed

[Interface]
# wireguard-oci
Address = 10.50.0.1/32
PrivateKey = ###################################################
ListenPort = 51820
PostUp = nft add table inet wireguard; nft add chain inet wireguard wireguard_chain {type nat hook postrouting priority srcnat\; policy accept\;}; nft add rule inet wireguard wireguard_chain counter packets 0 bytes 0 masquerade;
PostDown = nft delete table inet wireguard;

[Peer]
# Name = wireguard-home
PublicKey = ###########################################
AllowedIPs = 192.168.0.0/24
Endpoint = 1.1.1.1:51820

[Peer]
# Name = laptop
PublicKey = #################################################
AllowedIPs = 10.50.0.3/32
Endpoint = 1.1.1.1:51820

Running wg on my home server shows both peers.

I have definitely added the security list to allow WireGuard through on Oracle Cloud (it allows UDP traffic on port 51820).
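Added here as an example (not code from the issue author or from the Ansible role): a small model of WireGuard cryptokey routing run against a constructed copy of the inventory values in the post. `HOSTS`, `FIXED`, `PORT` and the function names are assumptions of this example; the rule that an unset `wireguard_allowed_ips` falls back to the host's own addresses is inferred from the generated wg0.conf above (the laptop ended up with `AllowedIPs = 10.50.0.3/32`) and is likewise an assumption. The script checks the two things WireGuard decides purely from `AllowedIPs` and `Endpoint`, independent of keys, NAT or the Oracle security list: whether any peer will ever send traffic to a host's tunnel address, and whether a pair of peers can start a handshake at all. Whether these findings are the cause of the symptoms in the post is not confirmed on the page, since the issue has no replies.

```python
import ipaddress
import itertools
from collections import defaultdict

# Constructed copy of the inventory values in the post ("1.1.1.1" is the author's placeholder).
# The laptop sets no wireguard_allowed_ips; the generated wg0.conf above gave it
# AllowedIPs = 10.50.0.3/32, so None is treated as "defaults to the host's own addresses"
# (an assumption about the role's default, inferred from that output).
HOSTS = {
    "wireguard-oci":  {"addresses": ["10.50.0.1/32"], "allowed_ips": "10.50.0.1/32", "endpoint": ""},
    "wireguard-home": {"addresses": ["10.50.0.2/32"], "allowed_ips": "10.50.0.3/32, 192.168.0.0/24", "endpoint": "1.1.1.1"},
    "laptop":         {"addresses": ["10.50.0.3/32"], "allowed_ips": None, "endpoint": "1.1.1.1"},
}
# Hypothetical corrected copy: each host's allowed_ips covers its own tunnel address and no prefix is shared.
FIXED = {**HOSTS, "wireguard-home": {**HOSTS["wireguard-home"], "allowed_ips": "10.50.0.2/32, 192.168.0.0/24"}}
PORT = 51820


def allowed_nets(host):
    """Prefixes that other peers will route to this host (what lands in their AllowedIPs line)."""
    raw = host["allowed_ips"]
    cidrs = host["addresses"] if raw is None else [p.strip() for p in raw.split(",") if p.strip()]
    return [ipaddress.ip_network(c, strict=False) for c in cidrs]


def peer_sections(hosts, me):
    """Render the [Peer] blocks `me` gets for every other host, full mesh as in the wg0.conf above."""
    blocks = []
    for name, h in hosts.items():
        if name == me:
            continue
        lines = ["[Peer]", f"# Name = {name}", f"PublicKey = <{name} public key>",  # placeholder key
                 "AllowedIPs = " + ", ".join(str(n) for n in allowed_nets(h))]
        if h["endpoint"]:
            lines.append(f"Endpoint = {h['endpoint']}:{PORT}")
        blocks.append("\n".join(lines))
    return "\n\n".join(blocks)


def next_hop(hosts, src, dst_ip):
    """Cryptokey routing as seen from `src`: the peer whose AllowedIPs has the longest match
    for dst_ip gets the packet (a prefix given to two peers belongs to the later one), and a
    handshake is only possible if at least one side of the pair has an Endpoint."""
    dst = ipaddress.ip_address(dst_ip)
    best, best_len = None, -1
    for name, h in hosts.items():
        if name == src:
            continue
        for n in allowed_nets(h):
            if dst in n and n.prefixlen >= best_len:
                best, best_len = name, n.prefixlen
    if best is None:
        return None, False  # no peer owns the prefix: WireGuard has nowhere to send it
    return best, bool(hosts[src]["endpoint"] or hosts[best]["endpoint"])


def check_cryptokey_routing(hosts):
    """Inventory mistakes that make a peer unreachable regardless of keys, NAT or firewall."""
    findings, owners = [], defaultdict(list)
    for name, h in hosts.items():
        nets = allowed_nets(h)
        for cidr in h["addresses"]:
            ip = ipaddress.ip_interface(cidr).ip
            if not any(ip in n for n in nets):
                findings.append(f"{name}: tunnel address {ip} is not in its allowed_ips; peers will "
                                f"not send to it and its packets fail the source-address check")
        for n in nets:
            owners[n].append(name)
    for n, names in owners.items():
        if len(names) > 1:
            findings.append(f"{n}: given to {names}; a prefix belongs to one peer, the last configured wins")
    for a, b in itertools.combinations(hosts, 2):
        if not (hosts[a]["endpoint"] or hosts[b]["endpoint"]):
            findings.append(f"{a} <-> {b}: neither side has an endpoint, so they can never handshake")
    return findings


if __name__ == "__main__":
    for f in check_cryptokey_routing(HOSTS):
        print("FINDING:", f)
    print(next_hop(HOSTS, "wireguard-oci", "10.50.0.2"))  # nobody owns 10.50.0.2
    print(peer_sections(FIXED, "wireguard-oci"))
```

On the constructed `HOSTS` the checker reports that wireguard-home's tunnel address 10.50.0.2 is not inside its own allowed_ips, and that 10.50.0.3/32 is handed to two peers; `FIXED` passes cleanly. After deploying, `wg show` on each node is the quick field check: every peer should list its own tunnel address under allowed ips, and the transfer counter should move in both directions once a handshake has completed.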
