I have a working wireguard endpoint and two machines trying to connect to the endpoint.
One machine uses Fedora Workstation 36, the other uses Centos 9 stream.
The Fedora machine connects to the wireguard endpoint just fine, but the Centos 9 stream machine does not.
For tests, both machines use the same wireguard configuration file. Redacted version as follows:
Code: Select all
[Interface]
Address = 192.168.79.4/32
PrivateKey = KEY
DNS = 1.1.1.1
[Peer]
PublicKey = ENDPOINT_PUBKEY
PresharedKey = PSK
Endpoint = 121.3.184.220:1194
AllowedIPs = 0.0.0.0/0, ::/0
On the centos machine I then enabled debug output for wireguard using "echo module wireguard +p >/sys/kernel/debug/dynamic_debug/control".
Trying to connect then fills my dmesg with the following:
Code: Select all
[13147.424768] wireguard: wg0: Interface created
[13147.430508] wireguard: wg0: Peer 43 created
[13147.431235] wireguard: wg0: Peer 43 ((einval)) destroyed
[13147.431280] wireguard: wg0: Peer 44 created
[13147.524383] wireguard: wg0: Sending handshake initiation to peer 44 (121.3.184.220:1194)
[13152.813618] wireguard: wg0: Handshake for peer 44 (121.3.184.220:1194) did not complete after 5 seconds, retrying (try 2)
[13152.813664] wireguard: wg0: Sending handshake initiation to peer 44 (121.3.184.220:1194)
[13158.445646] wireguard: wg0: Handshake for peer 44 (121.3.184.220:1194) did not complete after 5 seconds, retrying (try 2)
[13158.445725] wireguard: wg0: Sending handshake initiation to peer 44 (121.3.184.220:1194)
[13163.565626] wireguard: wg0: Handshake for peer 44 (121.3.184.220:1194) did not complete after 5 seconds, retrying (try 2)
[13163.565668] wireguard: wg0: Sending handshake initiation to peer 44 (121.3.184.220:1194)
[13169.077679] wireguard: wg0: Peer 44 (121.3.184.220:1194) destroyed
[13169.099764] wireguard: wg0: Interface destroyed
I then turned on wireshark on the centos machine, and there I do get the complete handshake, see attachment (in tar.gz archive so I can upload it. Originally .pcapng file)
Any suggestions what I can do to make centos connect to my wireguard endpoint just like fedora does?
Thanks a lot for your help!
EDIT: How was this solved: Set the time and date correctly on the centos server, see post below.