Problems on MacOS (Mojave)

Shankar Ramamoorthy shankar at me.com
Tue Dec 25 12:54:56 CET 2018 

Installed Wireguard via MacPorts on machine running macOS Mojave 10.14.2.

It worked the very first time, but haven't been able to get it to work
since.

Any help or suggestions appreciated. Gory details below.

Machines: 192.168.11.44 (macos, 192.168.1.2) and 192.168.11.15 (Debian,
192.168.1.1)

I know that Wireguard on the Debian box is working properly because I
can connect to it from a different peer.

macos config:
[Interface]
Address = 192.168.1.2/24
PrivateKey = kJbWLVX6tj+PxV9eKTZ0g4akHiPFOreUwsqsDrRXJmo=
ListenPort = 2200

[Peer]
PublicKey = H+RLiowROj143Xjn/P87R4qcSmt+X7ROaPVzXYrYb1U=
AllowedIPs = 0.0.0.0/0, ::/0
Endpoint = 192.168.11.15:2200
# This is for if you’re behind a NAT and want the connection to be kept
alive.
PersistentKeepalive = 25

Debian config:
[Interface]
PrivateKey = uMZzy458hweehyFfD4PenKwsH1/bKHSn0ayOWLknl2U=
ListenPort = 2200

[Peer]
PublicKey = uM3OykF94Ior3CnRudN6AwH4zNqN8Vh7CwcuwQaCt3E=
AllowedIPs = 0.0.0.0/0
Endpoint = 192.168.11.44:2200
# This is for if you’re behind a NAT and want the connection to be kept
alive.
PersistentKeepalive = 25

Output of "sudo wg-quick up ~/.config/wireguard/wg0.conf":
INFO: (utun1) 2018/12/25 03:47:35 Starting wireguard-go version 0.0.20181222
[+] Interface for wg0 is utun1
[#] wg setconf utun1 /dev/fd/63
[#] ifconfig utun1 inet 192.168.1.2/24 192.168.1.2 alias
[#] ifconfig utun1 up
[#] route -q -n add -inet6 ::/1 -interface utun1
route: writing to routing socket: Network is unreachable
[#] route -q -n add -inet6 8000::/1 -interface utun1
route: writing to routing socket: Network is unreachable
[#] route -q -n add -inet 0.0.0.0/1 -interface utun1
[#] route -q -n add -inet 128.0.0.0/1 -interface utun1
[#] route -q -n add -inet 192.168.11.15 -gateway 192.168.11.1
[+] Backgrounding route monitor

ifconfig for utun0 and utun1:
utun0: flags=8050<POINTOPOINT,RUNNING,MULTICAST> mtu 2000
    inet6 fe80::6431:138d:3530:c696%utun0 prefixlen 64 scopeid 0xb
    inet 192.168.1.2 --> 192.168.1.1 netmask 0xffffff00
    nd6 options=201<PERFORMNUD,DAD>
utun1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1420
    inet 192.168.1.2 --> 192.168.1.2 netmask 0xffffff00

Output of "netstat -an | grep utun":
netstat -rn | grep utun
0/1                utun1              USc            67        0  
utun1      
128.0/1            utun1              USc             2        0  
utun1      
192.168.1.2        192.168.1.2        UH              0        0  
utun1      
default                                 fe80::%utun0                   
UGcI          utun0      
fe80::%utun0/64                         fe80::6431:138d:3530:c696%utun0
UcI           utun0      
fe80::6431:138d:3530:c696%utun0         link#11                        
UHLI            lo0      
ff01::%utun0/32                         fe80::6431:138d:3530:c696%utun0
UmCI          utun0      
ff02::%utun0/32                         fe80::6431:138d:3530:c696%utun0
UmCI          utun0    

Both "ping 192.168.1.1" and "ping 192.168.1.2" report Request timeout.

I'm also not able to get rid of the utun0 interface, which did not exist
before Wireguard I think.
Shankar

More information about the WireGuard mailing list