Results 1 to 9 of 9

Thread: When connecting to server Wireguard VPN, handshake detected, but no internet

Threaded View

  1. #1
    Join Date
    May 2013
    Beans
    20

    When connecting to server Wireguard VPN, handshake detected, but no internet

    I've been trying to setup Wireguard for my Ubuntu 22.04.3 LTS server that, along with Pi-hole, is hosting a couple of my own self-hosted websites. Ideally, I'd like it so that by connecting via VPN, I'd get access to both the internet and my self-hosted website, filtered through Pi-hole's ad-blocking. I've been following Pi-hole's instructions here, and got up to what seems to be my laptop and Android Phone doing a proper handshake with the server.
    Code:
    $ sudo wg
    interface: wg0
      public key: (redacted)=
      private key: (hidden)
      listening port: 47111
    
    peer: (redacted, Android)=
      preshared key: (hidden)
      endpoint: 172.59.185.188:31743
      allowed ips: 10.100.0.2/32, fd08:4711::2/128
      latest handshake: 34 seconds ago
      transfer: 30.54 KiB received, 22.71 KiB sent
    
    peer: (redacted, laptop-win)=
      preshared key: (hidden)
      endpoint: 73.9.84.143:52098
      allowed ips: 10.100.0.4/32, fd08:4711::4/128
      latest handshake: 1 minute, 26 seconds ago
      transfer: 302.57 KiB received, 2.41 KiB sent
    
    peer: (redacted)=
      preshared key: (hidden)
      allowed ips: 10.100.0.3/32, fd08:4711::3/128
    Boot up Firefox, though, and on Android, neither Google nor my own self-hosted website shows up. I've turned off the wifi on the device, thus using the 5G network to see if the problem is related to the router or not, but to no avail. For laptop, Google barely shows up (presumably from the browser's cache,) LinkedIn doesn't; my self-hosted sites doesn't show up, either. The Wifi notification on the laptop starts telling me there's no internet as soon as I turn Wireguard client on, so that's also concerning.

    What are some ways to troubleshoot what's going on with this?

    Anyway, my /etc/wireguard/wg0.conf is currently configured like so:
    Code:
    [Interface]
    Address = 10.100.0.1/24, fd08:4711::1/64
    ListenPort = 47111
    PrivateKey = (redacted)=
    
    PostUp = nft add table ip wireguard; nft add chain ip wireguard wireguard_chain {type nat hook postrouting priority srcnat\; policy accept\;}; nft add rule ip wireguard wireguard_chain counter packets 0 bytes 0 masquerade; nft add table ip6 wireguard; nft add chain ip6 wireguard wireguard_chain {type nat hook postrouting priority srcnat\; policy accept\;}; nft add rule ip6 wireguard wireguard_chain counter packets 0 bytes 0 masquerade
    PostDown = nft delete table ip wireguard; nft delete table ip6 wireguard
    
    # Android
    [Peer]
    PublicKey = (redacted)=
    PresharedKey = (redacted)=
    AllowedIPs = 10.100.0.2/32, fd08:4711::2/128
    
    # laptop-mac
    [Peer]
    PublicKey = (redacted)=
    PresharedKey = (redacted)=
    AllowedIPs = 10.100.0.3/32, fd08:4711::3/128
    
    # laptop-win
    [Peer]
    PublicKey = (redacted)=
    PresharedKey = (redacted)=
    AllowedIPs = 10.100.0.4/32, fd08:4711::4/128
    My laptop client config looks like this:
    Code:
    [Interface]
    [Interface]
    PrivateKey = (redacted)=
    Address = 10.100.0.4/32, fd08:4711::4/128
    DNS = 10.100.0.1, fd08:4711::1
    
    [Peer]
    PublicKey = (redacted)=
    PresharedKey = (redacted)=
    AllowedIPs = 0.0.0.0/0, ::/0
    Endpoint = (redacted).duckdns.org:47111
    PersistentKeepalive = 25
    If there's anything else I should look over, that'd help. It might be worth noting that I am on XFinity network with a modem provided by them, but using my own Wifi router to designate the Ubuntu server as the DNS server. I've checked what ports Comcast blocks, but 47111 didn't appear on that list. Maybe they're lying?
    Last edited by japtar; September 25th, 2023 at 04:35 AM. Reason: Marking thread as solved

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •