i can not connect to wireguard with wstunnel in windows

Question

i can not connect to wireguard with wstunnel in windows

evangelme opened this issue 2 months ago · 6 comments

my wireguard conf client is:
[Interface]
PrivateKey ="-------"
Address = 172.16.0.2/32
DNS = 8.8.8.8
MTU = 1300

[Peer]
PublicKey = "----------"
AllowedIPs = 0.0.0.0/0
Endpoint = 127.0.0.1:51820

and my command for ws tunnel is
start wstunnel.exe client --http-upgrade-path-prefix wstunnel -L "udp://127.0.0.1:51820:127.0.0.1:51820" "wss://85.239.61.247:443"
when i first start wstunnel

Opening TCP connection to 85.239.61.247:443
Doing TLS handshake using SNI IpAddress(85.239.61.247) with the server 85.239.61.247:443

so wstunnel run but when i connect to wireguard it block the wstunnel and i have no connection what should i do?

Answer 1 · 2024-03-31T14:40:10.000Z

Endpoint = 127.0.0.1:51820
localhost may be resolve ipv6

worked on linux
wstunnel client -L 'udp://51820:127.0.0.1:51820?timeout_sec=0' wss://85.239.61.247:443 --http-upgrade-path-prefix=blabla

Answer 2 · 2024-03-31T14:57:44.000Z

no it did not fix the problem but tnx for reply man
when i connect to wireguard wstunnel dose not work

Answer 3 · 2024-03-31T15:39:11.000Z

Be sure to disable the kill switch like in #247 (comment)

and don't forget to add a static route to your server.

Answer 4 · 2024-03-31T17:15:55.000Z

i try this as well but it dose not work but tnx for reply

Answer 5 · 2024-04-01T08:38:23.000Z

Are you sure you have set a static route to your server ?
If you have done it, and it still does not works, it mean your wireguard is not correctly setup. Try using a specific range of Allowed IPs instead of 0.0.0.0/0 at first

Answer 6 · 2024-04-01T18:15:10.000Z

i find out the problem when you connect the wireguard it block the server wstunnel ip you should use
https://www.procustodibus.com/blog/2021/03/wireguard-allowedips-calculator/

for allowed ip for example if your server's ip is: 8.8.8.8 you should block wireguard 8.8.8.8 ip for example in this situation your AllowedIPs should be
AllowedIPs = 0.0.0.0/5, 8.0.0.0/13, 8.8.0.0/21, 8.8.8.0/29, 8.8.8.9/32, 8.8.8.10/31, 8.8.8.12/30, 8.8.8.16/28, 8.8.8.32/27, 8.8.8.64/26, 8.8.8.128/25, 8.8.9.0/24, 8.8.10.0/23, 8.8.12.0/22, 8.8.16.0/20, 8.8.32.0/19, 8.8.64.0/18, 8.8.128.0/17, 8.9.0.0/16, 8.10.0.0/15, 8.12.0.0/14, 8.16.0.0/12, 8.32.0.0/11, 8.64.0.0/10, 8.128.0.0/9, 9.0.0.0/8, 10.0.0.0/7, 12.0.0.0/6, 16.0.0.0/4, 32.0.0.0/3, 64.0.0.0/2, 128.0.0.0/1
to let the client side connect to server.
you can do ip route for windows as well but it is harder.

@erebe thankyou for your great job realllly tnx. do you have plan to do it for andorid and ios?