[General Issue]: Wireguard handshake successful but no traffic returns to client
d3cimate opened this issue · 6 comments
In raising this issue I confirm that
- I have read the documentation
- I have read and understood the PiVPN General Guidelines
- I have read and understood the PiVPN Troubleshooting Guidelines
- The issue I am reporting isn't a duplicate, see closed issues and open issues.
- I have searched for similar issues and solutions
- I can replicate the issue even after a clean OS installation
Describe the issue
Wireguard installed and client configured. When the client connects, the handshake is successful and pivpn recognizes that the client is connected. PiHole and tcpdump both show all client requests but the client cannot access LAN devices or the internet. pivpn -d shows no errors. This issue has happened multiple times before with the exact same behavior as described above. Tried installing both wireguard and openvpn to try and narrow down the problem but openvpn worked properly. Would rather use wireguard since, aside from this issue, it was perfect for me.
Expected behavior
Expected behavior is that the client is able to access LAN and internet.
Please describe the steps to replicate the issue
Unlikely that anyone can actually reproduce this issue but here are the steps:
- Install PiVPN using the install script
- Configure wireguard using the script
- Create client file through PiVPN
- Connect to Pi using wireguard
Have you taken any steps towards solving your issue?
- Uninstall and reinstall PiVPN multiple times
- Changing DNS
- Different client
- Different wireguard port
- Install and test both wireguard and openvpn [openvpn works properly but wireguard still doesnt]
Screenshots
No response
Where did you run pivpn?
RaspberryPi
Please provide your output from uname -a
Linux raspberrypi 6.1.21-v8+ #1642 SMP PREEMPT Mon Apr 3 17:24:16 BST 2023 aarch64 GNU/Linux
Details about Operative System
PRETTY_NAME="Raspbian GNU/Linux 11 (bullseye)"
NAME="Raspbian GNU/Linux"
VERSION_ID="11"
VERSION="11 (bullseye)"
VERSION_CODENAME=bullseye
ID=raspbian
ID_LIKE=debian
HOME_URL="http://www.raspbian.org/"
SUPPORT_URL="http://www.raspbian.org/RaspbianForums"
BUG_REPORT_URL="http://www.raspbian.org/RaspbianBugs"
Installation
Install was successful
Profile / Client creation
Client creation was successful
Debug output
:::: PiVPN debug ::::
:::: Latest commit ::::
Branch: master
Commit: 4446ea0
Author: Dennis Roth
Date: Tue Jul 18 16:04:11 2023 +0200
Summary: add alpine container support
:::: Installation settings ::::
PLAT=Raspbian
OSCN=bullseye
USING_UFW=0
pivpnforceipv6route=1
IPv4dev=eth0
dhcpReserv=1
IPv4addr=192.168.4.100/24
IPv4gw=192.168.4.1
install_user=pi
install_home=/home/pi
VPN=wireguard
pivpnPORT=51820
pivpnDNS1=10.152.156.1
pivpnDNS2=
pivpnHOST=REDACTED
INPUT_CHAIN_EDITED=1
FORWARD_CHAIN_EDITED=1
INPUT_CHAIN_EDITEDv6=
FORWARD_CHAIN_EDITEDv6=
pivpnPROTO=udp
pivpnMTU=1420
pivpnDEV=wg0
pivpnNET=10.152.156.0
subnetClass=24
pivpnenableipv6=0
ALLOWED_IPS="0.0.0.0/0, ::0/0"
UNATTUPG=1
INSTALLED_PACKAGES=()
:::: Server configuration shown below ::::
[Interface]
PrivateKey = server_priv
Address = 10.152.156.1/24
MTU = 1420
ListenPort = 51820
begin d
[Peer]
PublicKey = d_pub
PresharedKey = d_psk
AllowedIPs = 10.152.156.2/32
end d
=============================================
:::: Client configuration shown below ::::
[Interface]
PrivateKey = d_priv
Address = 10.152.156.2/24
DNS = 10.152.156.1
[Peer]
PublicKey = server_pub
PresharedKey = d_psk
Endpoint = REDACTED:51820
AllowedIPs = 0.0.0.0/0, ::0/0
:::: Recursive list of files in ::::
:::: /etc/wireguard shown below ::::
/etc/wireguard:
configs
keys
wg0.conf
/etc/wireguard/configs:
clients.txt
d.conf
/etc/wireguard/keys:
d_priv
d_psk
d_pub
server_priv
server_pub
:::: Self check ::::
:: [OK] IP forwarding is enabled
:: [OK] Iptables MASQUERADE rule set
:: [OK] Iptables INPUT rule set
:: [OK] Iptables FORWARD rule set
:: [OK] WireGuard is running
:: [OK] WireGuard is enabled
(it will automatically start on reboot)
:: [OK] WireGuard is listening on port 51820/udp
:::: Having trouble connecting? Take a look at the FAQ:
:::: https://docs.pivpn.io/faq
:::: WARNING: This script should have automatically masked sensitive ::::
:::: information, however, still make sure that PrivateKey, PublicKey ::::
:::: and PresharedKey are masked before reporting an issue. An example key ::::
:::: that you should NOT see in this log looks like this: ::::
:::: YIAoJVsdIeyvXfGGDDadHh6AxsMRymZTnnzZoAb9cxRe ::::
:::: Debug complete ::::
Hey, thanks for your reply. I followed the steps and none of them worked. pivpn -d returns no errors as shown above, wireguard is running since I am connected to it and both pihole and tcpdump show my requests and packets. Given all of this, everything should be working properly but I still have no access to LAN devices or the internet.
Same problem. On two different vps. Hasn't been working for days. There was no such problem before. I've been using pivpn for a year and a half
Same problem, client can't ping and access anything.
With the latest update, it's working for a minute and stop working for routing to local network.