Place1/wg-access-server

Configure wg-access-server on Rancher 2.5.9

patrik-upspot opened this issue · 1 comments

Hello,

I tried to deploy the wg-access-server on Rancher with the following yml.

---
persistence:
  enabled: true
ingress:
  enabled: true
  annotations: 
    cert-manager.io/cluster-issuer: "letsencrypt-production"
  hosts: ["URL"]
  tls:
    - hosts: ["URL"]
      secretName: "tls-wg-access-server"
wireguard:
  config:
    privateKey: ""
web:
  config:
    adminUsername: "admin"
    adminPassword: "password"
config:
    allowedIPs:
      - 10.42.0.0/24

The deployment starts successfully and I can access the webpage. But if I try to connect from my Windows 10 PC I get the following message:

2021-09-22 17:22:19.877: [TUN] [WireGuard] Sending handshake initiation to peer 1 ([PUBLIC IP OF RANCHER]:51820)
2021-09-22 17:22:24.991: [TUN] [WireGuard] Handshake for peer 1 (PUBLIC IP OF RANCHER]:51820) did not complete after 5 seconds, retrying (try 2)
2021-09-22 17:22:24.991: [TUN] [WireGuard] Sending handshake initiation to peer 1 (PUBLIC IP OF RANCHER]:51820)
2021-09-22 17:22:27.548: [TUN] [WireGuard] Shutting down

At this time, I cannot see any logs in the "wg-access-server-pod".

I set the allowed IP to the internal IP range of the Rancher. All my pods have an IP of 10.42.0.xxx

Can someone tell me how I have to configure the wg-access-server to connect from my PC to the Rancher cluster?

If I configure vpn.cidr to 10.42.0.0/24 the container doesn't start. I also added the

config:
    allowedIPs:
      - 10.42.0.0/24
    wireguard:
      externalHost: "https://vpn.URL.de"