GL-X750v2 problem with Wireguard client

Hi,

I’ve got a problem with my Spitz (3.201), see my configuration :

VPN connection is ok :

pi@raspberrypi:~ $ pivpn -c
::: Connected Clients List :::
Name Remote IP Virtual IP Bytes Received Bytes Sent Last Seen
Routeur4G_home xxx.xxx.xxx.xxx:12885 10.6.0.2 177KiB 528KiB avril 19 2021 - 13:36:08
Client1_home xxx.xxx.xxx.xxx:57301 10.6.0.3 3,2MiB 19MiB avril 19 2021 - 13:26:06
::: Disabled clients :::

Green link ok, orange links not ok.

No problem between client 10.6.0.3 and server (ping and ssh work) but impossible with Spitz , server or client 10.6.0.3. The ssh from Spitz to server or another vpn client is also not working.

Router config :
config proxy
option access ‘ACCEPT’
option main_server ‘Routeur4G_home’
option enable ‘1’
option host ‘XXX.XXX.XXX.XXX’

config peers ‘wg_peer_5098’
option name ‘Routeur4G_home’
option listen_port ‘12885’
option private_key ‘xxxxxxxxxxxxxxxxxxxxxxxxx’
option end_point ‘xxxxx.xxxx.xxx:51820’
option public_key ‘xxxxxxxxxxxxxxxxxxxxxxxxxxxxx’
option persistent_keepalive ‘25’
option preshared_key ‘xxxxxxxxxxxxxxxxxxxxxx’
option allowed_ips ‘10.0.6.0/24, 192.168.8.0/24’
option mtu ‘1280’
option address ‘10.6.0.2/24’

Some time ago I had successfully completed this configuration with GL-X750 without entering the firewall configurations

I don’t know iptables rules, probably a problem there?

Thank you for your help

Hi,

No answers :face_with_head_bandage:

Perhaps to favor the Astrorelay solution…

Regards,

Which carrier are you using? Do not use Verizon.

If you ssh from Spitz to server or 10.6.0.3, I don’t see there is a problem.

If you want to ssh to Spitz, you should use 3.201 firmware and enable this option.

Hi,

Thanks a lot to your answer.

I used Orange (France).

ssh from Spitz to server or client not work no more. Spitz must be installed at a customer’s premises in order to take control of the equipment (LAN). I need take ssh to spitz for ping LAN equipements and more.

Spitz is already on 3.201 firmware ans this option is actived.

Looking forward to your response, thank you

Not sure why ssh from spitz does not work. But you can remote terminal to spitz from goodcloud or astrorelay?

Goodcloud not working because the router have a private WAN IP (that’s why I use Wireguard)

I did not try Astrorelay on this configuration (already done on another and it works), however on the configuration it will be too heavy and not suitable.

I already managed to get an identical setup to work some time ago (without Astrorelay).

it’s still weird that the VPN can see the router well but I can’t connect to it using ssh!

Goodcloud works without public IP.

From 3.201 we have the remote terminal via cloud.

1 Like

Hi,

Indeed it works. Ok for ssh terminal.

We are progressing but how to access the local network of the Spitz?

You have to use our S2S or astrorelay solution

Site to site with GoodCloud ? Ok i will test this