This was manually solved, I didn’t check any other comment till the issue was fixed.

Take a look at my comment.

Thank you all for helping!

Hello.

I have wireguard set but the second it runs, services like ssh (22) and smb (455/445?) stop working.

nmap thinks my system is down.

Here is my config, I followed debian’s guide since my server is Deb12:

[Interface]
Address = 192.168.1.120/24
SaveConfig = true
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o wlp1s0 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o wlp1s0 -j MASQUERADE
ListenPort = 51820
PrivateKey = XXX

[Peer]
PublicKey = xxx
AllowedIPs = 192.168.1.230/32
Endpoint = 192.168.1.230:50104

No extra config was made.

  • TOR-anon1OP
    link
    4
    edit-2
    1 year ago

    Solved:

    IP Table: Server : 192.168.1.120 / wg0 : 10.0.0.1 Client : 192.168.1.230 / wg0 :10.0.0.2


    Server:

    [Interface]
    Address = 10.0.0.1/24
    SaveConfig = true
    PostUp = iptables -t nat -I POSTROUTING -o wlp1s0 -j MASQUERADE
    PostUp = ip rule add table 200 from 192.168.1.230
    PostUp = ip route add table 200 default via 192.168.1.1
    PreDown = iptables -t nat -D POSTROUTING -o wlp1s0 -j MASQUERADE
    PreDown = ip rule delete table 200 from 192.168.1.230
    PreDown = ip route delete table 200 default via 192.168.1.1
    ListenPort = 51820
    PrivateKey = XXX
    
    [Peer]
    PublicKey = yyy
    AllowedIPs = 0.0.0.0/0
    

    Client:

    [Interface]
    Address = 10.0.0.2/24
    PrivateKey = YYY
    
    [Peer]
    AllowedIPs = 10.0.0.0/24
    Endpoint = 192.168.1.120:51820
    PublicKey = xxx
    
    • @[email protected]
      link
      fedilink
      11 year ago

      Why is this needed? I have the minimal config for both server and client and smb and ssh bith work without issue.

      • TOR-anon1OP
        link
        11 year ago

        Would you mind sharing the config (without keys)?

        This is my first time using WG.

        • @[email protected]
          link
          fedilink
          1
          edit-2
          1 year ago

          There is nothing special about the config, it’s the most basic config you can have as shown in the example at the bottom of this page.

          https://docs.opnsense.org/manual/how-tos/wireguard-client.html

          The part that was a bit complex is the ‘server’ setting. My server is on my router (opnsense) so you need to opnsense specific settings.

          I suspect the reason you need the extra stuff is because of how the Debian server is setup so that stuff will vary if you ever try to run another ‘server’ node. (I put server in quotes because wireguard doesn’t actually have server and client as a concept)

          • TOR-anon1OP
            link
            11 year ago

            I believe it’s automated.

            The server/client thing always confused me.