Ubuntu host, installed Wireguard + tools, wg-gen-web not working

Question

Ubuntu host, installed Wireguard + tools, wg-gen-web not working

zilexa opened this issue 3 years ago · comments

I must be missing a step. I used to have PiVPN (Wireguard) installed and created configs with that, everything worked.
Now I uninstalled PiVPN, uninstalled wireguard (which also removes wireguard-tools), deleted /etc/wireguard.

After a reboot,, I do sudo apt install wireguard which also installs tools automatically.
Then run my docker-compose up -d:

  vpn-server-ui:
    image: vx3r/wg-gen-web:latest
    container_name: vpn-server-ui
    restart: always
    networks:
      - management
    environment:
      WG_CONF_DIR: /data
      WG_INTERFACE_NAME: wg0.conf
      SMTP_HOST: $SMTP
      SMTP_PORT: 587
      SMTP_USERNAME: $SMTPUSER
      SMTP_PASSWORD: $SMTPPASS
      SMTP_FROM: $EMAIL
    volumes:
      - /etc/wireguard:/data
    ports:
      - "5100:8080"

I can access the webui on port 5100 just fine.

Server configuration:
Public Key: ....
Listen port: 51822
Server interface addresses: 10.6.6.1/24

Client Configuration:
Public endpoint: mydomain.cloud:51822
DNS server: 1.1.1.1
Default allowed: 0.0.0/0, ::/0
No values for MTU and keepalive

I create a client:

email address: my address
Addresses: 10.6.6.2/32
Allowed IP addresses: 0.0.0/0, ::/0
No values for MTU and keepalive

After saving, I do:
sudo systemctl start wg-quick@wg0.service
Reload doesn't work because wg hasn't been started before.

Then I scan the QR code with my Android phone and try to connect: nothing. 0 bytes received, some bytes send.

What am I missing?

EDIT: I can access my server LAN IP! Just no internet. Perhaps a DNS issue?
But I simply used 1.1.1.1 for testing.. would expect that to work.

vx3r · Answer 1 · Sat Jun 26 2021 00:24:57 GMT+0800 (China Standard Time)

probably MASQUERADE is missing check out https://www.cyberciti.biz/faq/how-to-set-up-wireguard-firewall-rules-in-linux/

ZileXa · Answer 2 · Sat Jun 26 2021 00:44:48 GMT+0800 (China Standard Time)

Still no luck after:

sudo iptables -t nat -I POSTROUTING 1 -s 10.6.6.1/24 -o eth0 -j MASQUERADE
sudo iptables -I INPUT 1 -i wg0 -j ACCEPT
sudo iptables -I FORWARD 1 -i eth0 -o wg0 -j ACCEPT
sudo iptables -I FORWARD 1 -i wg0 -o eth0 -j ACCEPT
sudo iptables -I INPUT 1 -i eth0 -p udp --dport 51822 -j ACCEPT
sudo sysctl -w net.ipv4.ip_forward=1

And finally: sudo systemctl reload wg-quick@wg0.service
Disconnected/reconnected on my phone.

ZileXa · Answer 3 · Sat Jun 26 2021 00:49:11 GMT+0800 (China Standard Time)

WORKS!
eth0 is ofcourse not correct, should be eno1 :)
Thanks!

I did notice one bug: for some reason I can no longer fill in a DNS address in Server Settings > Global Clients Configuration. Whenever I hit Save or Apply Globally, the field is emptied..

vx3r · Answer 4 · Sat Jun 26 2021 01:11:19 GMT+0800 (China Standard Time)

please share wg gen web logs after saving the modifications

ZileXa · Answer 5 · Sat Jun 26 2021 05:59:06 GMT+0800 (China Standard Time)

Will do and then I'll create a new issue. Let's close this one :)