Hello! I have WG server with this config:
[Interface]
Address = 10.0.1.1/24
ListenPort = 51821
PrivateKey = [REDACTED]
[Peer]
PublicKey = [REDACTED]
PresharedKey = [REDACTED]
AllowedIPs = 10.0.1.2/32
When I try to ping I am getting this errors:
PING 10.0.1.2 (10.0.1.2) 56(84) bytes of data.
From 10.0.1.1 icmp_seq=1 Destination Host Unreachable
ping: sendmsg: Destination address required
From 10.0.1.1 icmp_seq=2 Destination Host Unreachable
ping: sendmsg: Destination address required
From 10.0.1.1 icmp_seq=3 Destination Host Unreachable
ping: sendmsg: Destination address required
How to fix it? This is nopt server connection issue otherwise I just wouldn’t receive ping responses.
are you able to get something akin to
route -n
andip a
orifconfig
like printouts/information that you can copy/paste here to to ascertain your networks’ configuration to help us understand your environment and have a better chance of reaching a resolution.i thinking basic routing information like your gateway or your mask might be a decent place to start and i would normally use commands like those in a linux system as a starting point; i’m sure whatever platform you’re using has an analogs.
at first glance it looks like a subnetting issue; but i’m sure i’m interpreting the information you’ve shared incorrectly and this basic routing information will help clarify that.
$ ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet [REDACTED]/32 scope global lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host noprefixroute valid_lft forever preferred_lft forever 2: enp6s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether [REDACTED] brd ff:ff:ff:ff:ff:ff inet [REDACTED]/30 brd [REDACTED] scope global dynamic enp6s0 valid_lft 327sec preferred_lft 327sec inet6 fe80::8e0:afff:feae:17cf/64 scope link valid_lft forever preferred_lft forever 3: wlp5s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether [REDACTED] brd ff:ff:ff:ff:ff:ff inet 192.168.0.1/24 brd 192.168.0.255 scope global wlp5s0 valid_lft forever preferred_lft forever inet6 fe80::1291:d1ff:fe5a:2af8/64 scope link valid_lft forever preferred_lft forever 4: virbr1: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000 link/ether 52:54:00:cf:c8:59 brd ff:ff:ff:ff:ff:ff inet 192.168.2.1/24 brd 192.168.2.255 scope global virbr1 valid_lft forever preferred_lft forever 5: virbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether 52:54:00:bb:da:14 brd ff:ff:ff:ff:ff:ff inet 192.168.1.1/24 brd 192.168.1.255 scope global virbr0 valid_lft forever preferred_lft forever 6: vnet0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master virbr0 state UNKNOWN group default qlen 1000 link/ether fe:54:00:ec:b8:55 brd ff:ff:ff:ff:ff:ff inet6 fe80::fc54:ff:feec:b855/64 scope link valid_lft forever preferred_lft forever 7: wg0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1420 qdisc noqueue state UNKNOWN group default qlen 1000 link/none inet 10.0.1.1/24 scope global wg0 valid_lft forever preferred_lft forever
# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 [REDACTED] 0.0.0.0 UG 0 0 0 enp6s0 10.0.1.0 0.0.0.0 255.255.255.0 U 0 0 0 wg0 [REDACTED] 0.0.0.0 255.255.255.252 U 0 0 0 enp6s0 192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 wlp5s0 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr1
# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination # iptables -L -t nat Chain PREROUTING (policy ACCEPT) target prot opt source destination Chain INPUT (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination MASQUERADE all -- anywhere anywhere
i think that eliminates the subnetting netting theory.
let’s switch to some basic troubleshooting on the network: are you able to get use dhcp on this network to get a lease and; if so; can you do it with dhclient with some verbosity? are there any other hosts on the network that respond to ping? is ping allowed on this network?
Your peer have no endpoint configured so the client needs to connect to the server first for it to know where the client is. Try from the client, and it’ll work for a bit both ways.
You’ll want the persistent keepalive option on the client side to keep the tunnel alive.
This is server config
Yeah, and you’re pinging from server to client with no client connected. Ping from the client first to open the connection, or set keep alives on the client.