[General Issue]: WireGuard - Cannot connect to server -while on mobile cellular network- (Host and Client not receiving anything)

Question

[General Issue]: WireGuard - Cannot connect to server -while on mobile cellular network- (Host and Client not receiving anything)

Closed this issue 3 months ago · 4 comments

In raising this issue I confirm that

I have read the documentation
I have read and understood the PiVPN General Guidelines
I have read and understood the PiVPN Troubleshooting Guidelines
The issue I am reporting isn't a duplicate, see closed issues and open issues.
I have searched for similar issues and solutions
I can replicate the issue even after a clean OS installation

Describe the issue

I had a clean installation, and the server was working at my home network for months. Recently out of nowhere I can't connect to my VPN server from any of my client devices (android and pc). The server has an internet connection and theres no other network problem while I'm on home network.

(I also run pi-hole on the same server)

Expected behavior

Starting the tunnel should make a connection between host server and client device

Please describe the steps to replicate the issue

On client side the tunnel is activated but there is no RX value, only TX
On server side tcpdump doesn't receive anything

-This is only happening when I use my mobile network/hotspot-

I don't know if it's related but:
I connect raspberry pi with an ethernet cable over an ethernet switch (doesn't affect the IP and been using like this for the beginning). Lately its power went off and on again and the server lost internet access for couple of hours. This was happened before but didn't affected the PiVPN.

Have you taken any steps towards solving your issue?

I have Static IP from the beginning, still using the same one and I'm not behind a CGNAT

Server has DHCP binding on router. It's always on the same IP

I reinstalled PiVPN without restoring any backups to test with a clean install. Problem Continues

Screenshots

Where did you run pivpn?

Raspberry Pi 4, 4GB with ethernet connection

Please provide your output from `uname -a`

Linux h1v3 6.1.21-v7l+ #1642 SMP Mon Apr 3 17:22:30 BST 2023 armv7l GNU/Linux

Details about Operative System

PRETTY_NAME="Raspbian GNU/Linux 11 (bullseye)"
NAME="Raspbian GNU/Linux"
VERSION_ID="11"
VERSION="11 (bullseye)"
VERSION_CODENAME=bullseye
ID=raspbian
ID_LIKE=debian
HOME_URL="http://www.raspbian.org/"
SUPPORT_URL="http://www.raspbian.org/RaspbianForums"
BUG_REPORT_URL="http://www.raspbian.org/RaspbianBugs"

Installation

No response

Profile / Client creation

No response

Debug output

::::		�[4mPiVPN debug�[0m		 ::::
=============================================
::::		�[4mLatest commit�[0m		 ::::
Branch: master
Commit: 20d3a4ccd4f2d080d6f9a13a74e6369aa9d54476
Author: Orazio
Date: Mon Jan 29 08:53:41 2024 +0100
Summary: fix(install): don't treat http errors as unavailable ipv6
=============================================
::::	    �[4mInstallation settings�[0m    	 ::::
PLAT=Raspbian
OSCN=bullseye
USING_UFW=0
pivpnforceipv6route=1
IPv4dev=eth0
IPv4addr=192.168.1.13/24
IPv4gw=192.168.1.1
install_user=b33k33p3r
install_home=/home/b33k33p3r
VPN=wireguard
pivpnPORT=51820
pivpnDNS1=192.168.1.13
pivpnDNS2=192.168.1.13
pivpnHOST=REDACTED
INPUT_CHAIN_EDITED=1
FORWARD_CHAIN_EDITED=1
INPUT_CHAIN_EDITEDv6=
FORWARD_CHAIN_EDITEDv6=
pivpnPROTO=udp
pivpnMTU=1420
pivpnDEV=wg0
pivpnNET=10.203.104.0
subnetClass=24
pivpnenableipv6=0
ALLOWED_IPS="0.0.0.0/0, ::0/0"
UNATTUPG=1
INSTALLED_PACKAGES=(unattended-upgrades)
=============================================
::::  �[4mServer configuration shown below�[0m   ::::
[Interface]
PrivateKey = server_priv
Address = 10.203.104.1/24
MTU = 1420
ListenPort = 51820
### begin DR0N3 ###
[Peer]
PublicKey = DR0N3_pub
PresharedKey = DR0N3_psk
AllowedIPs = 10.203.104.2/32
### end DR0N3 ###
=============================================
::::  �[4mClient configuration shown below�[0m   ::::
[Interface]
PrivateKey = DR0N3_priv
Address = 10.203.104.2/24
DNS = 10.203.104.1

[Peer]
PublicKey = server_pub
PresharedKey = DR0N3_psk
Endpoint = REDACTED:51820
AllowedIPs = 0.0.0.0/0, ::0/0
=============================================
:::: 	�[4mRecursive list of files in�[0m	 ::::
::::	�[4m/etc/wireguard shown below�[0m	 ::::
/etc/wireguard:
configs
keys
wg0.conf

/etc/wireguard/configs:
DR0N3.conf
clients.txt

/etc/wireguard/keys:
DR0N3_priv
DR0N3_psk
DR0N3_pub
server_priv
server_pub
=============================================
::::		�[4mSelf check�[0m		 ::::
:: [OK] IP forwarding is enabled
:: [OK] Iptables MASQUERADE rule set
:: [OK] Iptables INPUT rule set
:: [OK] Iptables FORWARD rule set
:: [OK] WireGuard is running
:: [OK] WireGuard is enabled 
(it will automatically start on reboot)
:: [OK] WireGuard is listening on port 51820/udp
=============================================
:::: Having trouble connecting? Take a look at the FAQ:
:::: �[1mhttps://docs.pivpn.io/faq�[0m
=============================================
:::: �[1mWARNING�[0m: This script should have automatically masked sensitive       ::::
:::: information, however, still make sure that �[4mPrivateKey�[0m, �[4mPublicKey�[0m      ::::
:::: and �[4mPresharedKey�[0m are masked before reporting an issue. An example key ::::
:::: that you should NOT see in this log looks like this:                  ::::
:::: YIAoJVsdIeyvXfGGDDadHh6AxsMRymZTnnzZoAb9cxRe                          ::::
=============================================
::::		�[4mDebug complete�[0m		 ::::

Answer 1 · 2024-03-04T13:33:03.000Z

quick read thru ...

Lately its power went off and on again and the server lost internet access for couple of hours. This was happened before but didn't affected the PiVPN.

Most likely your external IP Changed,
Double check if your external IP matches what's on the client configuration files.

Edited your issue to make the pivpn output readable.

Answer 2 · 2024-03-04T13:48:38.000Z

quick read thru ...

Lately its power went off and on again and the server lost internet access for couple of hours. This was happened before but didn't affected the PiVPN.

Most likely your external IP Changed, Double check if your external IP matches what's on the client configuration files.

Edited your issue to make the pivpn output readable.

I checked it from the /etc/pivpn/wireguard/setupVars.conf file both of my Host IPs and IPv4 IP are still the same. Besides, I did a clean reinstall deleted old configurations and tested with new ones.

Everything matches with curl -s https://checkip.amazonaws.com output, pivpnHOST=XXXX Endpoint = XXXX:51820 XXXX are same.

And just now I tested with the RPi directly connected to the router. External IPs are still the same. Problem continues

(thanks for the edit I was trying to figure that out)

Answer 3 · 2024-03-05T07:26:33.000Z

UPDATE: I had chance to test with a different wifi connection and the VPN works.

The problem is only with a cellular networks, and it doesn't matter if I use my phone directly or hotspot to my laptop, I couldn't even connect with a different number (of same carrier). What should I do and how can I modify according to work with mobile networks? I use it very often and there wasn't an issue before.

About Github Issue:
Should I open a new discussion about it or could this one be converted?

Answer 4 · 2024-03-05T17:19:29.000Z

I opened a discussion about this: https://github.com/pivpn/pivpn/discussions/1822