 |
VOOZH | about |
|
VOOZH | about |
Thanks for learning with the DigitalOcean Community. Check out our offerings for compute, storage, networking, and managed databases.
With over 6 years of experience in tech publishing, Mani has edited and published more than 75 books covering a wide range of data science topics. Known for his strong attention to detail and technical knowledge, Mani specializes in creating clear, concise, and easy-to-understand content tailored for developers.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Hi there, I have followed this instruction step by step, a few times over and over now and getting this error:
beck@VPN-NL:~$ sudo systemctl start wg-quick@wg0.service Job for wg-quick@wg0.service failed because the control process exited with error code. See “systemctl status wg-quick@wg0.service” and “journalctl -xe” for details. beck@VPN-NL:~$ sudo systemctl start wg-quick@wg0.service Job for wg-quick@wg0.service failed because the control process exited with error code. See “systemctl status wg-quick@wg0.service” and “journalctl -xe” for details. beck@VPN-NL:~$ sudo systemctl status wg-quick@wg0.service ● wg-quick@wg0.service - WireGuard via wg-quick(8) for wg0 Loaded: loaded (/lib/systemd/system/wg-quick@.service; enabled; vendor preset: enabled) Active: failed (Result: exit-code) since Sun 2021-10-24 11:22:56 UTC; 7s ago Docs: man:wg-quick(8) man:wg(8) https://www.wireguard.com/ https://www.wireguard.com/quickstart/ https://git.zx2c4.com/wireguard-tools/about/src/man/wg-quick.8 https://git.zx2c4.com/wireguard-tools/about/src/man/wg.8 Process: 25546 ExecStart=/usr/bin/wg-quick up wg0 (code=exited, status=1/FAILURE) Main PID: 25546 (code=exited, status=1/FAILURE)
Oct 24 11:22:56 VPN-NL systemd[1]: Starting WireGuard via wg-quick(8) for wg0… Oct 24 11:22:56 VPN-NL wg-quick[25546]: [#] ip link add wg0 type wireguard Oct 24 11:22:56 VPN-NL wg-quick[25546]: [#] wg setconf wg0 /dev/fd/63 Oct 24 11:22:56 VPN-NL wg-quick[25566]: Line unrecognized: `…’ Oct 24 11:22:56 VPN-NL wg-quick[25566]: Configuration parsing error Oct 24 11:22:56 VPN-NL wg-quick[25546]: [#] ip link delete dev wg0 Oct 24 11:22:56 VPN-NL systemd[1]: wg-quick@wg0.service: Main process exited, code=exited, status=1/FAILURE Oct 24 11:22:56 VPN-NL systemd[1]: wg-quick@wg0.service: Failed with result ‘exit-code’. Oct 24 11:22:56 VPN-NL systemd[1]: Failed to start WireGuard via wg-quick(8) for wg0. beck@VPN-NL:~$ systemctl status wg-quick@wg0.service ● wg-quick@wg0.service - WireGuard via wg-quick(8) for wg0 Loaded: loaded (/lib/systemd/system/wg-quick@.service; enabled; vendor preset: enabled) Active: failed (Result: exit-code) since Sun 2021-10-24 11:22:56 UTC; 25s ago Docs: man:wg-quick(8) man:wg(8) https://www.wireguard.com/ https://www.wireguard.com/quickstart/ https://git.zx2c4.com/wireguard-tools/about/src/man/wg-quick.8 https://git.zx2c4.com/wireguard-tools/about/src/man/wg.8 Process: 25546 ExecStart=/usr/bin/wg-quick up wg0 (code=exited, status=1/FAILURE) Main PID: 25546 (code=exited, status=1/FAILURE)
I am trying to install this on a fresh Droplet.
i follow the steps line by line, i enable ip forwarding using sysctl for both ipv4 and ipv6
and finally my result configs for server is :
[Interface]
Address = 10.10.1.1/24
ListenPort = 51822
PrivateKey = < -- Cutted -- >
PostUp = ufw route allow in on wg0 out on eth0
PostUp = iptables -t nat -I POSTROUTING -o eth0 -j MASQUERADE
PostUp = ip6tables -t nat -I POSTROUTING -o eth0 -j MASQUERADE
PreDown = ufw route delete allow in on wg0 out on eth0
PreDown = iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
PreDown = ip6tables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
[Peer]
PublicKey = < -- Cutted -- >
AllowedIPs = 10.10.1.2/32
and client :
[Interface]
PrivateKey = < -- Cutted -- >
Address = 10.10.1.2/24
DNS = 8.8.8.8
[Peer]
PublicKey = < -- Cutted -- >
AllowedIPs = 0.0.0.0/0
Endpoint = < -- Cutted -- >:51822
PersistentKeepalive = 15
but it won’t work. i tried many times, check systemctl for service running and yes it’s runnig very good.
i used tcpdump -i wg0 but sadly it’s not received any traffik.
my client logged error is :
2021-11-17 22:50:07.616314: [TUN] [wg0] Handshake for peer 1 (< -- Cutted -- >:51822) did not complete after 5 seconds, retrying (try 2)
So what i miss ?
from somebody that is thoroughly unfamiliar with iptables. I followed this article and it worked perfectly, except for one question
My WG clients connect to the server that has forwarding set and access to the internet works perfectly. However, the WG clients would like access to other WG clients and ping times out. It seems the server setting below hints to my issue. The first line seems to indicate that ALL traffic coming in on wg0 should go out eth0 (internet in my case). However, what about incoming traffic on wg0 with a destination of 10.8.0.1/24 network (essentially the WG subnet). Is it forwarding those destination addresses to eth0? If that is the issue, how to i exclude incoming wg0 traffic destined for 10.8.0.1/24 to remain and forward appropriately?
PostUp = ufw route allow in on wg0 out on eth0 PostUp = iptables -t nat -I POSTROUTING -o eth0 -j MASQUERADE PostUp = ip6tables -t nat -I POSTROUTING -o eth0 -j MASQUERADE PreDown = ufw route delete allow in on wg0 out on eth0 PreDown = iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE PreDown = ip6tables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
The two steps with umask 077 should be run by root, otherwise sudo tee doesn’t use that mask.
Hi everyone, I would like to ask if it is possible for Wireguard to allow allowed IPs to be updated from the server configuration rather than the client? Thank you in advance for your answer!
@jamonation Hello… in step 1 is the file path in sudo chmod go= /tmp/private.key a typo? I presume I need to chmod the file key created in /etc/wireguard/?
Thank you. I have a question about enabling compression in WireGuard. How can I configure and enable zstd compression in WireGuard tunnel? I would appreciate your help.
Hello, i’m stuck at Step 6 because everytime I do “sudo systemctl start wg-quick@wg0.service”
but it would show this error “root@theboyzrighthere:~# sudo systemctl start wg-quick@wg0.service Job for wg-quick@wg0.service failed because the control process exited with error code. See “systemctl status wg-quick@wg0.service” and “journalctl -xe” for details.”
and i tried doing “sudo systemctl status wg-quick@wg0.service”
and it says this “● wg-quick@wg0.service - WireGuard via wg-quick(8) for wg0 Loaded: loaded (/lib/systemd/system/wg-quick@.service; enabled; vendor preset: enabled) Active: failed (Result: exit-code) since Sat 2022-02-26 15:37:53 UTC; 1min 13s ago Docs: man:wg-quick(8) man:wg(8) https://www.wireguard.com/ https://www.wireguard.com/quickstart/ https://git.zx2c4.com/wireguard-tools/about/src/man/wg-quick.8 https://git.zx2c4.com/wireguard-tools/about/src/man/wg.8 Process: 5640 ExecStart=/usr/bin/wg-quick up wg0 (code=exited, status=1/FAILURE) Main PID: 5640 (code=exited, status=1/FAILURE)”
this is from a freshly deployed ubuntu 20.04 droplet, i’ve followed everything step by step but it shows that error
Hello, how to solve this error and iptables?
root@vpsdigital:/etc/wireguard# wg-quick up wg0 [#] ip link add wg0 type wireguard [#] wg setconf wg0 /dev/fd/63 Warning: AllowedIP has nonzero host part: 10.0.0.2/24 Warning: AllowedIP has nonzero host part: fd4e:c8df:0af4::2/64 Line unrecognized: `PostUp=iptables-tnat-IPOSTROUTING-oeth0-jMASQUERADE’ Configuration parsing error [#] ip link delete dev wg0 root@vpsdigital:/etc/wireguard#
Hello, I tried several times now and I always get the same error. Anybody an idea? I am a complete banana in this and dont understand much. Any help very much appreciated.
lines 1-22/22 (END)…skipping… × wg-quick@wg0.service - WireGuard via wg-quick(8) for wg0 Loaded: loaded (/lib/systemd/system/wg-quick@.service; enabled; preset: enabled) Active: failed (Result: exit-code) since Sun 2022-11-06 22:36:52 UTC; 18s ago Docs: man:wg-quick(8) man:wg(8) https://www.wireguard.com/ https://www.wireguard.com/quickstart/ https://git.zx2c4.com/wireguard-tools/about/src/man/wg-quick.8 https://git.zx2c4.com/wireguard-tools/about/src/man/wg.8 Process: 2435 ExecStart=/usr/bin/wg-quick up wg0 (code=exited, status=1/FAILURE) Main PID: 2435 (code=exited, status=1/FAILURE) CPU: 18ms
Nov 06 22:36:52 climbingcervino systemd[1]: Starting WireGuard via wg-quick(8) for wg0… Nov 06 22:36:52 climbingcervino wg-quick[2435]: [#] ip link add wg0 type wireguard Nov 06 22:36:52 climbingcervino wg-quick[2435]: [#] wg setconf wg0 /dev/fd/63 Nov 06 22:36:52 climbingcervino wg-quick[2457]: Line unrecognized: `/etc/wireguard/wg0.conf’ Nov 06 22:36:52 climbingcervino wg-quick[2457]: Configuration parsing error Nov 06 22:36:52 climbingcervino wg-quick[2435]: [#] ip link delete dev wg0 Nov 06 22:36:52 climbingcervino systemd[1]: wg-quick@wg0.service: Main process exited, code=exited, status=1/FAILURE Nov 06 22:36:52 climbingcervino systemd[1]: wg-quick@wg0.service: Failed with result ‘exit-code’. Nov 06 22:36:52 climbingcervino systemd[1]: Failed to start WireGuard via wg-quick(8) for wg0. ~ ~ ~ ~
Full documentation for every DigitalOcean product.
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
