[WireGuard] Troubleshooting with WireGuard

Daniel Kahn Gillmor dkg at fifthhorseman.net
Tue Jul 12 19:46:26 CEST 2016


On Tue 2016-07-12 17:58:58 +0200, Baptiste Jonglez wrote:
> On Tue, Jul 12, 2016 at 11:42:28PM +0800, Quan Zhou wrote:
>> I'm trying to connect to [2600:3c01:..:1487]:41414 from [2400:6180:...:1]
>> 
>> I have added the specific IPv6 /128 address to the AllowedIPs on one side,
>> and
>> on the other side I simply put ::0/0.
>> 
>> The address I've set was:
>> 
>> srv1 # ip addr add 10.240.51.2/24 dev wg0
>> srv2 # ip addr add 10.240.65.2/24 dev wg0
>
> I think you are confusing IP addresses used on the public Internet and IP
> addresses used "inside" the wireguard VPN.  AllowedIPs refers to IP
> addresses *inside* the VPN.

This isn't the first confusion of this type with wireguard.  It too me a
while to figure out and understand the distinction myself.  This
suggests that the documentation could be improved or (maybe and?) that
the choice of configuration names might be suboptimal.

While we're still in the experimental stages is a good time to propose
improvements in naming.  Is there a better name to give either Endpoint
or AllowedIPs (or both)?

   --dkg


More information about the WireGuard mailing list