[BUG] Connected to the WireGuard server, but no network connection on client side.
rclarsfull opened this issue · 3 comments
Is there an existing issue for this?
- I have searched the existing issues
Current Behavior
See caption, set up as docker compose:
this didn't work:
```yaml
services:
  wireguard:
    image: lscr.io/linuxserver/wireguard:latest
    container_name: wireguard
    cap_add:
      - NET_ADMIN
      - SYS_MODULE #optional
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin
      - SERVERURL=********************
      - SERVERPORT=51820 #optional
      - PEERS=5 #optional
      - PEERDNS=192.168.0.3 #optional
      - INTERNAL_SUBNET=10.13.13.0 #optional
      - ALLOWEDIPS=0.0.0.0/0 #optional
      - PERSISTENTKEEPALIVE_PEERS=all #optional
      - LOG_CONFS=true #optional
    volumes:
      - ./config:/config
      - ./modules:/lib/modules #optional
    ports:
      - 51820:51820/udp
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
      - net.ipv4.ip_forward=1
    restart: unless-stopped
```
Fixed it with this Reddit post: https://www.reddit.com/r/WireGuard/comments/zxzu2a/wireguard_server_in_docker_and_client_peer/
But this can't be expected behavior; it works by simply reducing the allowed IP range:
- ALLOWEDIPS=10.13.13.0/24,192.168.0.0/24
Expected Behavior
No response
Steps To Reproduce
Simply run the given docker compose config and try to connect to the network with an iPhone and the WireGuard app.
Environment
- OS: Debian
- How docker service was installed:
```yaml
services:
  wireguard:
    image: lscr.io/linuxserver/wireguard:latest
    container_name: wireguard
    cap_add:
      - NET_ADMIN
      - SYS_MODULE #optional
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin
      - SERVERURL=********************
      - SERVERPORT=51820 #optional
      - PEERS=5 #optional
      - PEERDNS=192.168.0.3 #optional
      - INTERNAL_SUBNET=10.13.13.0 #optional
      - ALLOWEDIPS=0.0.0.0/0 #optional
      - PERSISTENTKEEPALIVE_PEERS=all #optional
      - LOG_CONFS=true #optional
    volumes:
      - ./config:/config
      - ./modules:/lib/modules #optional
    ports:
      - 51820:51820/udp
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
      - net.ipv4.ip_forward=1
    restart: unless-stopped
```
CPU architecture
x86-64
Docker creation
```yaml
services:
  wireguard:
    image: lscr.io/linuxserver/wireguard:latest
    container_name: wireguard
    cap_add:
      - NET_ADMIN
      - SYS_MODULE #optional
    environment:
      - PUID=1000
      - PGID=1000
      - TZ=Europe/Berlin
      - SERVERURL=********************
      - SERVERPORT=51820 #optional
      - PEERS=5 #optional
      - PEERDNS=192.168.0.3 #optional
      - INTERNAL_SUBNET=10.13.13.0 #optional
      - ALLOWEDIPS=0.0.0.0/0 #optional
      - PERSISTENTKEEPALIVE_PEERS=all #optional
      - LOG_CONFS=true #optional
    volumes:
      - ./config:/config
      - ./modules:/lib/modules #optional
    ports:
      - 51820:51820/udp
    sysctls:
      - net.ipv4.conf.all.src_valid_mark=1
      - net.ipv4.ip_forward=1
    restart: unless-stopped
```
Container logs
No errors, internally show showed an active connection, but somehow there was a wrong IP set for allowed IPs.
Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.
It doesn't look like you fixed anything by changing the allowed ips. All you did was to bypass the vpn so your client can connect to the internet (but not through the vpn).
You didn't post logs so I can't tell if the tunnel is up or not, but you need to check for a handshake on the server with `docker exec wireguard wg show`. If it doesn't show one, then your client is not really connected. In that case, double check the server IP & port and make sure they're forwarded and accessible from your client.
Closing as this is not a bug. You can utilize our discord or discourse servers for further assistance.
I tried it again but somehow it only works this way. I don't have the old configuration, I just wanted to make the experience for new people better. It definitely works this way. With the 0.0.0.0 I can send data to the server but the clients don't get a response. Even the handshake shows up in wg show, but somehow the clients don't receive data over the tunnel. Maybe a routing issue in the container.
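The two checks discussed in this thread, as an added example that is not part of the original issue or the project's own code: whether a client's AllowedIPs list actually sends a given destination into the tunnel, and whether each peer in `wg show <interface> dump` output has a recent handshake. The function names, the 180-second freshness threshold, the test destination 1.1.1.1 and the sample dump (constructed, with placeholder keys) are assumptions.

```python
import ipaddress

# Constructed sample of `wg show <iface> dump` output (tab-separated); keys are placeholders.
# Line 1 is the interface: private-key, public-key, listen-port, fwmark.
# Peer lines: public-key, preshared-key, endpoint, allowed-ips,
#             latest-handshake (epoch), transfer-rx, transfer-tx, persistent-keepalive.
SAMPLE_DUMP = "\n".join([
    "SERVER_PRIV_PLACEHOLDER\tSERVER_PUB_PLACEHOLDER\t51820\toff",
    "PEER1_PUB_PLACEHOLDER\t(none)\t203.0.113.7:40112\t10.13.13.2/32\t1700000000\t48212\t1312\toff",
    "PEER2_PUB_PLACEHOLDER\t(none)\t(none)\t10.13.13.3/32\t0\t0\t0\toff",
])


def routed_via_tunnel(allowed_ips, dest):
    """True if a client with this AllowedIPs list sends traffic for dest into the tunnel."""
    addr = ipaddress.ip_address(dest)
    nets = [ipaddress.ip_network(n.strip(), strict=False)
            for n in allowed_ips.split(",") if n.strip()]
    return any(addr.version == n.version and addr in n for n in nets)


def peer_status(dump, now, max_age=180):
    """Classify every peer in a `wg show <iface> dump` capture by handshake age."""
    peers = {}
    for line in dump.strip().splitlines()[1:]:  # skip the interface line
        pub, _psk, endpoint, allowed, hs, rx, tx, _ka = line.split("\t")
        hs, rx, tx = int(hs), int(rx), int(tx)
        if hs == 0:
            state = "no-handshake"      # client never completed a handshake
        elif now - hs > max_age:
            state = "stale"             # handshake too old (assumed threshold)
        else:
            state = "up"
        peers[pub] = {"state": state, "endpoint": endpoint,
                      "allowed_ips": allowed, "rx_bytes": rx, "tx_bytes": tx}
    return peers


if __name__ == "__main__":
    for peer, info in peer_status(SAMPLE_DUMP, now=1700000060).items():
        print(peer, info)
    # Full-tunnel value from the compose file vs. the reduced list from the issue.
    for allowed in ("0.0.0.0/0", "10.13.13.0/24,192.168.0.0/24"):
        print(allowed, "-> 1.1.1.1 via tunnel:", routed_via_tunnel(allowed, "1.1.1.1"))
```

With the reduced list, only the 10.13.13.0/24 and 192.168.0.0/24 destinations enter the tunnel, so internet traffic leaves the client outside the VPN.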