<div dir="ltr"><div dir="ltr"><br></div><br><div class="gmail_quote"><div dir="ltr">On Wed, 2 Jan 2019 at 19:28, Shankar Ramamoorthy <<a href="mailto:shankar@me.com">shankar@me.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Installed Wireguard via MacPorts on machine running macOS Mojave 10.14.2.<br>
<br>
It worked the very first time, but haven't been able to get it to work<br>
since.<br>
<br>
Any help or suggestions appreciated. Gory details below.<br>
<br>
Machines: 192.168.11.44 (macos, 192.168.1.2) and 192.168.11.15 (Debian,<br>
192.168.1.1)<br>
<br>
I know that Wireguard on the Debian box is working properly because I<br>
can connect to it from a different peer.<br>
<br>
macos config:<br>
[Interface]<br>
Address = <a href="http://192.168.1.2/24" rel="noreferrer" target="_blank">192.168.1.2/24</a><br>
PrivateKey = kJbWLVX6tj+PxV9eKTZ0g4akHiPFOreUwsqsDrRXJmo=<br>
ListenPort = 2200<br>
<br>
[Peer]<br>
PublicKey = H+RLiowROj143Xjn/P87R4qcSmt+X7ROaPVzXYrYb1U=<br>
AllowedIPs = <a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a>, ::/0<br>
Endpoint = <a href="http://192.168.11.15:2200" rel="noreferrer" target="_blank">192.168.11.15:2200</a><br>
# This is for if you’re behind a NAT and want the connection to be kept<br>
alive.<br>
PersistentKeepalive = 25<br>
<br>
Debian config:<br>
[Interface]<br>
PrivateKey = uMZzy458hweehyFfD4PenKwsH1/bKHSn0ayOWLknl2U=<br>
ListenPort = 2200<br>
<br>
[Peer]<br>
PublicKey = uM3OykF94Ior3CnRudN6AwH4zNqN8Vh7CwcuwQaCt3E=<br>
AllowedIPs = <a href="http://0.0.0.0/0" rel="noreferrer" target="_blank">0.0.0.0/0</a><br>
Endpoint = <a href="http://192.168.11.44:2200" rel="noreferrer" target="_blank">192.168.11.44:2200</a><br>
# This is for if you’re behind a NAT and want the connection to be kept<br>
alive.<br>
PersistentKeepalive = 25<br>
<br>
Output of "sudo wg-quick up ~/.config/wireguard/wg0.conf":<br>
INFO: (utun1) 2018/12/25 03:47:35 Starting wireguard-go version 0.0.20181222<br>
[+] Interface for wg0 is utun1<br>
[#] wg setconf utun1 /dev/fd/63<br>
[#] ifconfig utun1 inet <a href="http://192.168.1.2/24" rel="noreferrer" target="_blank">192.168.1.2/24</a> 192.168.1.2 alias<br>
[#] ifconfig utun1 up<br>
[#] route -q -n add -inet6 ::/1 -interface utun1<br>
route: writing to routing socket: Network is unreachable<br>
[#] route -q -n add -inet6 8000::/1 -interface utun1<br>
route: writing to routing socket: Network is unreachable<br>
[#] route -q -n add -inet <a href="http://0.0.0.0/1" rel="noreferrer" target="_blank">0.0.0.0/1</a> -interface utun1<br>
[#] route -q -n add -inet <a href="http://128.0.0.0/1" rel="noreferrer" target="_blank">128.0.0.0/1</a> -interface utun1<br>
[#] route -q -n add -inet 192.168.11.15 -gateway 192.168.11.1<br>
[+] Backgrounding route monitor<br>
<br>
ifconfig for utun0 and utun1:<br>
utun0: flags=8050<POINTOPOINT,RUNNING,MULTICAST> mtu 2000<br>
inet6 fe80::6431:138d:3530:c696%utun0 prefixlen 64 scopeid 0xb<br>
inet 192.168.1.2 --> 192.168.1.1 netmask 0xffffff00<br>
nd6 options=201<PERFORMNUD,DAD><br>
utun1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1420<br>
inet 192.168.1.2 --> 192.168.1.2 netmask 0xffffff00<br>
<br>
Output of "netstat -an | grep utun":<br>
netstat -rn | grep utun<br>
0/1 utun1 USc 67 0 <br>
utun1 <br>
128.0/1 utun1 USc 2 0 <br>
utun1 <br>
192.168.1.2 192.168.1.2 UH 0 0 <br>
utun1 <br>
default fe80::%utun0 <br>
UGcI utun0 <br>
fe80::%utun0/64 fe80::6431:138d:3530:c696%utun0<br>
UcI utun0 <br>
fe80::6431:138d:3530:c696%utun0 link#11 <br>
UHLI lo0 <br>
ff01::%utun0/32 fe80::6431:138d:3530:c696%utun0<br>
UmCI utun0 <br>
ff02::%utun0/32 fe80::6431:138d:3530:c696%utun0<br>
UmCI utun0 <br>
<br>
Both "ping 192.168.1.1" and "ping 192.168.1.2" report Request timeout.<br>
<br>
I'm also not able to get rid of the utun0 interface, which did not exist<br>
before Wireguard I think.<br>
Shankar<br>
_______________________________________________<br>
WireGuard mailing list<br>
<a href="mailto:WireGuard@lists.zx2c4.com" target="_blank">WireGuard@lists.zx2c4.com</a><br>
<a href="https://lists.zx2c4.com/mailman/listinfo/wireguard" rel="noreferrer" target="_blank">https://lists.zx2c4.com/mailman/listinfo/wireguard</a><br>
</blockquote></div><br clear="all"><div>The Debian config seems to be missing an `Address`. I'm not sure if that's really the issue here, but I cannot see anything else wrong with the config. I run a very similar config to tunnel b/w a mac and ubuntu. <br><br>Regarding the utun0, I seem to have the same interface on my laptop and it's not managed by wg. </div><div><br></div><div><br></div>-- <br><div dir="ltr" class="gmail_signature">Regards, <br><br>Jaseem Abid<br><a href="https://twitter.com/jaseemabid" target="_blank">https://twitter.com/jaseemabid</a><br></div></div>