VPN
Michael_Goldberg, 2022-03-16 14:11:19

Why does the VPN connect on Windows via WireGuard, but after that the Internet connection stops working?

I use a cloud server on Ubuntu 20.04; it works on IP 185.253.44.4:3333. Here is the content of the config (wg0.conf):

[Interface]
Address = 185.253.44.4/24
ListenPort = 3333
PrivateKey = mLc+jV2XjWt9OLvXyqa2+J+OOPmuV77As4jUZTss8mk=


Here is the output of the command "sudo systemctl status wg-quick@wg0.service":
● wg-quick@wg0.service - WireGuard via wg-quick(8) for wg0
     Loaded: loaded (/lib/systemd/system/wg-quick@.service; enabled; vendor preset: enabled)
     Active: active (exited) since Wed 2022-03-16 10:50:13 UTC; 4s ago
       Docs: man:wg-quick(8)
             man:wg(8)
             https://www.wireguard.com/
             https://www.wireguard.com/quickstart/
             https://git.zx2c4.com/wireguard-tools/about/src/man/wg-quick.8
             https://git.zx2c4.com/wireguard-tools/about/src/man/wg.8
    Process: 4443 ExecStart=/usr/bin/wg-quick up wg0 (code=exited, status=0/SUCCESS)
   Main PID: 4443 (code=exited, status=0/SUCCESS)
      Tasks: 0 (limit: 527)
     Memory: 1.5M
     CGroup: /system.slice/system-wg\x2dquick.slice/wg-quick@wg0.service

Mar 16 10:50:13 opezd79549 systemd[1]: Starting WireGuard via wg-quick(8) for wg0...
Mar 16 10:50:13 opezd79549 wg-quick[4443]: [#] ip link add wg0 type wireguard
Mar 16 10:50:13 opezd79549 wg-quick[4443]: [#] wg setconf wg0 /dev/fd/63
Mar 16 10:50:13 opezd79549 wg-quick[4443]: [#] ip -4 address add 185.253.44.4/24 dev wg0
Mar 16 10:50:13 opezd79549 wg-quick[4443]: [#] ip link set mtu 1420 up dev wg0
Mar 16 10:50:13 opezd79549 systemd[1]: Finished WireGuard via wg-quick(8) for wg0.

Output after "sudo ip a show wg0":
interface: wg0
  public key: FRrQgjEXAeY7MpLPcdDuCd1e6LylHc6414zbpUEclkQ=
  private key: (hidden)
  listening port: 3333
[email protected]:/etc/wireguard# sudo ip a show wg0
3: wg0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1420 qdisc noqueue state UNKNOWN group default qlen 1000
    link/none 
    inet 185.253.44.4/24 scope global wg0
       valid_lft forever preferred_lft forever


On Windows I connect through the WireGuard application. Here is the tunnel config:
[Interface]
PrivateKey = 6JW3oWJ/cXg1T9Q7b9jCShQ8snoEaf4sCBSllJD6a0E=
Address = 178.155.6.110/24

[Peer]
PublicKey = FRrQgjEXAeY7MpLPcdDuCd1e6LylHc6414zbpUEclkQ=
AllowedIPs = 0.0.0.0/0
Endpoint = 185.253.44.4:3333
PersistentKeepalive = 15


I don't use a firewall, because even after opening the port for the server, it's impossible to connect to it.
On the VPN client, it connects instantly, but the Internet connection stops working.


3 answer(s)
Drno, 2022-03-16
@Drno

What religion makes people use not very popular VPN protocols?) There is simple OpenVPN)))
I think that, by analogy with OpenVPN, you need to specify the default gateway in the VPN on the client (if you need everything to go through it).
Enable NAT on the server (Ubuntu) - then it should start working (first of all).

zontar, 2022-03-17
@zontar

Forwarding must be enabled:
sysctl -w net.ipv4.ip_forward=1
And NAT must be configured. In its basic form, you need to add the following to the wg0.conf config, replacing <interface_name> with the name of the network interface that faces the Internet:

[Interface]
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o <interface_name> -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o <interface_name> -j MASQUERADE

You may need to explicitly add DNS to the client config, for example:
[Interface]
DNS = 1.1.1.1
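
The checks from this answer (forwarding, NAT, client DNS) as an added example, not code from the thread: a small linter for a wg-quick server/client config pair. The sample configs are constructed from the question's, with keys replaced by placeholders; the function names and the `ip_forward` argument are assumptions of this example.

```python
import ipaddress

# Constructed samples shaped like the question's configs; keys are placeholders.
SERVER_CONF = """\
[Interface]
Address = 185.253.44.4/24
ListenPort = 3333
PrivateKey = <server-private-key>
"""
CLIENT_CONF = """\
[Interface]
PrivateKey = <client-private-key>
Address = 178.155.6.110/24
[Peer]
PublicKey = <server-public-key>
AllowedIPs = 0.0.0.0/0
Endpoint = 185.253.44.4:3333
"""

def parse_wg_conf(text):
    """Return [(section, {key: [values]})]; [Peer] and PostUp may repeat."""
    sections = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments
        if line.startswith("[") and line.endswith("]"):
            sections.append((line[1:-1].lower(), {}))
        elif "=" in line and sections:
            key, value = (part.strip() for part in line.split("=", 1))
            sections[-1][1].setdefault(key.lower(), []).append(value)
    return sections

def values(conf, section, key):
    """All values of `key` across every block named `section`."""
    return [v for name, kv in conf if name == section for v in kv.get(key, [])]

def check_full_tunnel(server_text, client_text, ip_forward):
    """ip_forward: contents of /proc/sys/net/ipv4/ip_forward on the server."""
    server, client = parse_wg_conf(server_text), parse_wg_conf(client_text)
    nets = [n.strip() for v in values(client, "peer", "allowedips")
            for n in v.split(",") if n.strip()]
    default = ipaddress.ip_network("0.0.0.0/0")
    if not any(ipaddress.ip_network(n, strict=False) == default for n in nets):
        return []  # split tunnel: the server does not need to forward or NAT
    findings = []
    if ip_forward.strip() != "1":
        findings.append("server: net.ipv4.ip_forward is not 1")
    if "MASQUERADE" not in " ".join(values(server, "interface", "postup")):
        findings.append("server: PostUp has no MASQUERADE rule")
    if not values(client, "interface", "dns"):
        findings.append("client: no DNS set for the full tunnel")
    return findings
```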

herypank, 2022-03-17
@herypank

Uninstall WireGuard using a script, and then install it again

wget https://git.io/wireguard -O wireguard-install.sh && bash wireguard-install.sh
