Hi,
Thank for the update; I tried what you said but it didn't fix the route.
Any other suggestions to check ?
Posts by Fabbz
-
-
Routing issues is not wireguard if your wireguard config file has settings for a VPN provider it is OK. It is connman that handles the routing. Do this cmd in ssh before connecting to a VPN:
Shell sessionrouteThen connect to your VPN and do that "route" command again provide that here so I can see. And provide the wireguard file note edit your WireGuard.PrivateKey = ******* we do not need that!
Yes I'm busy to tackle that all day; normally I don't have issues with my own endpoints.
There is a route to my router which doesn't know anything about the WG subnet. I think that is strange.
My default routing table:
# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default router-01 0.0.0.0 UG 0 0 0 wlan0
172.17.0.0 * 255.255.0.0 U 0 0 0 docker0
172.18.0.0 * 255.255.0.0 U 0 0 0 br-6f5896045ba5
172.19.0.0 * 255.255.0.0 U 0 0 0 br-19a4612b6a85
172.20.0.0 * 255.255.0.0 U 0 0 0 br-e10d004d3074
172.21.0.0 * 255.255.0.0 U 0 0 0 br-f3438bd3805a
172.22.0.0 * 255.255.0.0 U 0 0 0 br-572a21dfb173
192.168.101.0 * 255.255.255.0 U 0 0 0 wlan0
192.168.101.254 * 255.255.255.255 UH 0 0 0 wlan0
212.8.*.* router-01 255.255.255.255 UGH 0 0 0 wlan0WG Config:
[provider_wireguard]
Type = WireGuard
Name = NL-PROTON-98-FREE
Host = 212.8.250.216
WireGuard.Address = 10.2.0.2/32
WireGuard.ListenPort = 51820
#WireGuard.MTU = 1420
WireGuard.PrivateKey = ***
WireGuard.PublicKey = ***
WireGuard.DNS = 10.2.0.1
WireGuard.AllowedIPs = 0.0.0.0/0, ::/0
WireGuard.EndpointPort = 51820
WireGuard.PersistentKeepalive = 25WG routing table:
# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default * 0.0.0.0 U 0 0 0 wg0
10.2.0.0 * 255.255.255.0 U 0 0 0 wg0
10.2.0.1 192.168.101.254 255.255.255.255 UGH 0 0 0 wlan0
172.17.0.0 * 255.255.0.0 U 0 0 0 docker0
172.18.0.0 * 255.255.0.0 U 0 0 0 br-6f5896045ba5
172.19.0.0 * 255.255.0.0 U 0 0 0 br-19a4612b6a85
172.20.0.0 * 255.255.0.0 U 0 0 0 br-e10d004d3074
172.21.0.0 * 255.255.0.0 U 0 0 0 br-f3438bd3805a
172.22.0.0 * 255.255.0.0 U 0 0 0 br-572a21dfb173
192.168.101.0 * 255.255.255.0 U 0 0 0 wlan0
192.168.101.254 * 255.255.255.255 UH 0 0 0 wlan0
212.8.*.* 192.168.101.254 255.255.255.255 UGH 0 0 0 wlan0
I can ping 8.8.8.8 but DNS resolving - so pinging the WG gateway 10.2.0.1 or using it as DNS is not working. Because of that my route print and my traceroute are very slow because of RDNS lookup. -
ConnMan keys stores network profiles against the MAC address of the WiFi card so check the MAC is persistent. Some cheap USB dongles have none programmed so the kernel assigns a random address on each boot; resulting in the new MAC not matching against existing stored profiles and requiring you to enter details again.
In the case of an RPi5 board it's more likely that the connection is bad as the onboard WiFi isn't great.
Use LE13 ..
This MAC issue is pretty 2001; newer DHCP packages solve that these days pretty well.
-
OK, I thought something like it was missing!
I only have routing issues with wireguard; normally no issues on other systems. Have you experienced this ?
Thanks so far; maybe this needs to be added to your Wiki including the config template ? -
Hi,
As my OpenVPN with Proton just stopped to work yesterday I needed to see if I could use wireguard. Can i just load an Wireguard from Proton and it should be able to connect or is it not supported yet ?
