Page 1 of 1

Wireguard - Can't browse the internet

Posted: 2020/06/12 20:04:00
by migasll
Hi,

I'm having a little trouble setting up Wireguard. I'd really appreciate some help, I've lost several days on this.

I have my LAN (192.168.1.1/24) where I have a centos7 server where I installed wireguard (10.100.100.1/24). On the same LAN, I have my own DNS server and also multiple hosted websites.

I've already tried using a windows client on 4G data and an android client. Both have the same behaviour:
  • The handshake happens and the server sees the client connected;
  • The client can ping everyone in my LAN, including the DNS server, and also in wireguard lan;
  • I can browser any website hosted in my LAN without problems;
  • The client can ping google.com and is being resolved by my DNS server. The client can also ping several external websites, but not all. Some always give timeout, despite the ip being resolved;
  • I can't browse any external website in any browser, i always get a timeout.
This is really strange because I can ping google but I can't browse it in any browser.

Here are the configs I'm using:

Code: Select all


##SERVER

[Interface]
Address = 10.100.100.1/24
SaveConfig = true
PostUp = iptables -A FORWARD -i %i -j ACCEPT
PostUp = iptables -A FORWARD -o %i -j ACCEPT
PostUp = iptables -t nat -A POSTROUTING -o enp1s0 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT
PostDown = iptables -D FORWARD -o %i -j ACCEPT
PostDown = iptables -t nat -D POSTROUTING -o enp1s0 -j MASQUERADE
ListenPort = 51820
PrivateKey = XXX
MTU = 1500

[Peer]
PublicKey = XXX
AllowedIPs = 10.100.100.2

Code: Select all

##CLIENT

[Interface]
Address = 10.100.100.2
PrivateKey = XXXXXX
DNS = 192.168.1.70
MTU = 1500

[Peer]
PublicKey = XXXXX
Endpoint = XXXXX:51820
AllowedIPs = 0.0.0.0/0
PersistentKeepalive = 21

Thank you very much to anyone that can help

Re: Wireguard - Can't browse the internet

Posted: 2020/06/13 17:37:46
by migasll
Anyone? Please??

Re: Wireguard - Can't browse the internet

Posted: 2020/06/13 18:06:28
by toracat
How did you install wireguard? Using elrepo's packages?

Re: Wireguard - Can't browse the internet

Posted: 2020/06/14 10:07:29
by migasll
toracat wrote:
2020/06/13 18:06:28
How did you install wireguard? Using elrepo's packages?
Hi, yes, I followed the official documentation:
yum install yum-plugin-elrepo
yum install kmod-wireguard wireguard-tools

Re: Wireguard - Can't browse the internet

Posted: 2020/06/15 15:23:26
by toracat
According to the person who is maintaining wireguard for Fedora and CentOS:
the wireguard mailing list is most likely the best spot for this.
I think there is also an IRC channel for wireguard. Hope you can get help from those venues.

Re: Wireguard - Can't browse the internet

Posted: 2020/06/16 15:17:42
by pjsr2
The symptoms could be explained by having a proxy server configured and you can connect to the proxy server. However the proxy server does not allow you to access the internet and does for some reason not reply with an error page.