<div dir="ltr"><div>Forgot to tell : </div>both versions (server/client) 0.0.20170726<div><br></div><div>Jan</div></div><br><div class="gmail_quote"><div dir="ltr">On Thu, Aug 10, 2017 at 9:10 PM Jan De Landtsheer <<a href="mailto:jan.delandtsheer@gmail.com">jan.delandtsheer@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><font face="monospace" size="2"><br></font></div><div><font face="monospace" size="2">basically this is what happens:</font></div><div><font face="monospace" size="2">client connects to <a href="http://134.56.78.5:443" target="_blank">134.56.78.5:443</a></font></div><div><font face="monospace" size="2">wg show gives:</font></div><div><font face="monospace" size="2">peer <a href="http://111.22.33.25:443" target="_blank">111.22.33.25:443</a></font></div><div><font face="monospace" size="2"><br></font></div><div><font face="monospace" size="2"> +----------------------+</font></div><div><font face="monospace" size="2"> | |</font></div><div><font face="monospace" size="2"> +----------------+ client |</font></div><div><font face="monospace" size="2"> | | <a href="http://81.82.222.111/18" target="_blank">81.82.222.111/18</a> (fixed IP)</font></div><div><font face="monospace" size="2"> XXXX++XX | |</font></div><div><font face="monospace" size="2"> XXXXXX XXX +----------------------+</font></div><div><font face="monospace" size="2"> XX X XX</font></div><div><font face="monospace" size="2"> X internet X client config:</font></div><div><font face="monospace" size="2"> X X XX [interface]</font></div><div><font face="monospace" size="2"> XX XX peer <a href="http://134.56.78.5:443" target="_blank">134.56.78.5:443</a></font></div><div><font face="monospace" size="2"> <a href="http://111.22.33.26/30" target="_blank">111.22.33.26/30</a> |XXX XX</font></div><div><font face="monospace" size="2"> default gateway | XXXXXXX</font></div><div><font face="monospace" size="2"> |</font></div><div><font face="monospace" size="2"> | after connect:</font></div><div><font face="monospace" size="2"> UPLINK | wg show</font></div><div><font face="monospace" size="2"> | peer <a href="http://111.22.33.25:443" target="_blank">111.22.33.25:443</a></font></div><div><font face="monospace" size="2"> |</font></div><div><font face="monospace" size="2"> +-------------------+-------------------+</font></div><div><font face="monospace" size="2"> | eth1:<a href="http://111.22.33.25/30" target="_blank">111.22.33.25/30</a> |</font></div><div><font face="monospace" size="2"> | |</font></div><div><font face="monospace" size="2"> | router = wg server |</font></div><div><font face="monospace" size="2"> | |</font></div><div><font face="monospace" size="2"> | eth0: <a href="http://134.56.78.1/24" target="_blank">134.56.78.1/24</a> deft gw for <a href="http://134.56.78.0/24" target="_blank">134.56.78.0/24</a></font></div><div><font face="monospace" size="2"> | eth0: <a href="http://134.56.78.5/24" target="_blank">134.56.78.5/24</a> a free ip with open port for 443 (wg destination)</font></div><div><font face="monospace" size="2"> +----------------+----------------------+</font></div><div><font face="monospace" size="2"> |</font></div><div><font face="monospace" size="2"> |</font></div><div><font face="monospace" size="2"> |</font></div><div><font face="monospace" size="2"> |</font></div><div><font face="monospace" size="2"> |</font></div><div><font face="monospace" size="2">+----------------------------+--------------------------------+ also <a href="http://134.56.78.0/24" target="_blank">134.56.78.0/24</a></font></div><div><br></div><div>no nat at all in this setup only some firewall filtering</div></div><div dir="ltr"><div><br></div><div>Jan</div></div><br><div class="gmail_quote"><div dir="ltr">On Thu, Aug 10, 2017 at 8:40 PM Jason A. Donenfeld <<a href="mailto:Jason@zx2c4.com" target="_blank">Jason@zx2c4.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hi Jan,<div><br></div><div>So it looks like this is happening to you:</div><div><br></div><div><img src="cid:ii_j66sdnxy0_15dcd70af6037987" width="383" height="562"></div><div><br></div><div>This should not be the behavior, and if it is, you've either found a bug in WireGuard or a bug in your own setup.</div><div><br></div><div>1) Are you running the latest snapshot of WireGuard? Which one?</div><div>2) "<span style="font-size:12.8px">but I don’t know for sure… it seems to be a regression somewhere as I don’t recall to have that problem before…" Can you be more precise?</span></div><div><span style="font-size:12.8px">3) If you are running the latest version, does this patch fix it? <a href="http://ix.io/z3d" target="_blank">http://ix.io/z3d</a></span></div><div><span style="font-size:12.8px">4) Can you confirm that there exists a route from the server back to the client?</span></div><div><span style="font-size:12.8px"><br></span></div><div><span style="font-size:12.8px">Thanks,</span></div><div><span style="font-size:12.8px">Jason<br></span><br></div></div>
</blockquote></div></blockquote></div>