Can't connect GL-SFT1200 to WireGuard-Client

Routers VPN, DNS, Leaks
1

I have problems establishing a WireGuard connection with my GL-SFT1200. Here is my config data (keys are hidden)

[Interface]
PrivateKey = HIDDEN
Address = 192.168.178.202/24
DNS = 192.168.178.1, fritz.box

[Peer]
PublicKey = HIDDEN
PresharedKey = HIDDEN
AllowedIPs = 192.168.178.0/24, 0.0.0.0/0
Endpoint = anonymized_domain.myfritz.net:59024
PersistentKeepalive = 25

:white_check_mark: Can connect with iOS and macOS

I can connect to WireGuard using the same config file with the WireGuard iOS app and also the MacOs app succesfully. I can’t connect with my router!

:no_entry_sign: Can’t connect with GL-SFT1200

This is the error message:

VPN client failed to connect. This may be because of wrong configuration, unsupported parameters or terminated by the server.

Looking forward to having your support on this. Thank you very much!

2

I am having the same issue. Cant connect via Wireguard.
Used 2 different routers, 2 different VPN… it does not connect. I even refreshed the whole router and installed it from scratch. My wireguard connect works on my Mobile phone… But there is something wrong with the router. It looks like a broad issue with the latest software upgrade.
The good thing is that at least I was able to connect via OpenVPN to my VPN provider… but this is a workaround… I need to connect to my personal VPN and its a remote connection in another country. Not even GOODCLOUD is working…

Please fix it asap…

3

Did you try both devices from a completely different network, so you know if it’s some port forwarding issue maybe?

4

I don’t think so. My SFT1200 was working flawlessly on 4.5.x.

5

Can connect with WireGuard on iOS and macOS on other network or with mobile data, yes.

6

From where do you use your travel router to connect?
Since you don’t use the default ports, it might be blocked.

AllowedIPs = 192.168.178.0/24
The 192.168.178.0/24 isn’t needed.
What is the network of your travelrouter?

7

I tried everything possible, hopefully someone will find the issue w; this new update.
at least I can get openvpn working with my VPN provider as a workaround… the problem is that my remote private VPN only has wireguard enabled…
Not sure what is wrong with goodcloud… I cant remote access to my remote router to enable Openvpn.

8

Could you please elaborate on what you did?
What does the log tells about the wg connection?

9

Currently, from my home network. Trying to connect to my friends network with WireGuard.

I have tried AllowedIPs = 0.0.0.0/0, but got the same error. Removing the whole line wasn’t accepted.

10

It’s important that your router uses a different network (192.168.x.x) than the one you want to connect to.

11

the logs doesnt provide any info, the connection just waits… it seems that there arent any handshakes between my router and the remote vpn.
If you are telling me that you are able to connect through WG with the latest software, then it could be an issue with my VPN provider (TorGuard) and also my private VPN running WG.
Now the second issue is with GOODCLOUD… it’s not connecting… The website is not working correctly… so I cannot even try to enable OPENVPN in my remote router… anyone else reporting issues with GOODCLOUD?

thanks.

12

Since I am not sure what you are trying to do: Connecting to a server which is using VPN as well is mostly not successful. You need to draw (draw.io) your network topology for better understanding.

Can you provide error messages or something like that? But the problem could be your VPN at home as well.

13

First of all, thank you @admon very much for your support and help in solving the problem.

As mentioned, the WireGuard connection works via iOS and macOS from network A. The GL-SFT1200 (network GL) is connected to network A via a modem router to have internet access. When I am in network GL, I cannot establish a WireGuard connection even with the macOS app. Thank you for your approach, I think we need to find the solution here?

14

First make sure SFT1200 is not in the same network as the Fritzbox.
Second, in the wireguard config, pls remove the “fritz.box” from the dns

15

Unfortunately, removing fritz.box didn’t help. Still get the VPN failed to connect error.

The IP of the router in the external network (10 miles away) I am trying to connect with, is 192.168.178.1

CleanShot 2024-03-01 at 17.03.08
CleanShot 2024-03-01 at 17.03.08872×573 50.2 KB

latest config lines

[Interface]
PrivateKey = HIDDEN
Address = 192.168.178.202/24
DNS = 192.168.178.1

[Peer]
PublicKey = HIDDEN
PresharedKey = HIDDEN
AllowedIPs = 192.168.178.0/24,0.0.0.0/0
Endpoint = domain.myfritz.net:59024
PersistentKeepalive = 25

Removing the 192.168.178.0/24 from AllowedIPs = 192.168.178.0/24,0.0.0.0/0 didn’t help either.

16

And the internal IP of the router you are trying to connect from isn’t in 192.168.178.x I hope?
(None of the internal address. Not even guest network)

17

The IP of the router of network A (WLAN-2…) is 192.168.2.1. I can connect from WLAN-2… with WireGuard iOS and macOS app successfully. The GL-SFT1200 (network GL) router, the one that does not connect with WireGuard has the IP 192.168.2.128.

Thanks again so much for your support!

18

Won’t work.

The network isn’t allowed to overlap.
Change the network of the GL one to something different than 192.168.2.x

19

You mean change the 128 from the router IP from 192.168.2.128 to anything else?

CleanShot 2024-03-01 at 19.29.55
CleanShot 2024-03-01 at 19.29.55742×793 81.8 KB

20

I am not sure if you understood my correctly.

You can’t connect to a VPN from within the network you want to connect to.
So when using VPN all networks need to be unique.

Consider to use draw.io to draw a small map of your network, like explained here.