Opal wireguard client can't connect

ephe · April 16, 2024, 1:15am

I have 2 opals. One is set up as a wireguard server under my xfinity home router–i have set up port forwarding and changed the address to not conflict with Xfinity router.

The other Opal is the wireguard vpn client I take with me. The vpn doesn’t work on the router though I believe the settings are correct because I tried it with the wireguard app on my phone with the same conf file and it works fine.

I’m unsure how to proceed from here. What logs do I need to upload to help diagnose this?

Thanks!

ephe · April 16, 2024, 1:46am

Looking into it a bit more, it seems like repeater mode doesn’t work at all, so of course neither would Wireguard. The server Opal has a static IP reserved on the Xfinity router, but I don’t know how to do it for the client Opal (or if that’s even the right thing to do?)

For clarification, I tried using it solely in repeater mode on my phone hotspot, home wifi, and library wifi. None work.

hecatae · April 16, 2024, 8:49am

so the Opal wireguard server is working fine, it’s just the Opal client?

How are you connecting to your phone, is it via usb or wireless?

ephe · April 16, 2024, 3:40pm

Yes, it looks like the server is fine, since i can connect to it and get my home IP address on my phone using the Wireguard app.

I’ve tried connecting to the client Opal using wireless and ethernet, the repeater does not give me internet either way and the wireguard server does not start (stays yellow forever). In the home page of the admin panel, the image of the repeater to router to laptop/clients all show green lines so I don’t know why there is no internet access.

ephe · April 16, 2024, 7:51pm

I reset the firmware and now repeater works great, but wireguard VPN still does not. The status light is green but it doesn’t seem any traffic passes through. According to some other threads, I’ve set the vpn client to Autodetect (but I also tried Global and it still doesn’t work)

Here’s the log from the VPN dashboard

Tue Apr 16 12:42:58 2024 daemon.notice netifd: Interface 'wgclient' is setting up now
Tue Apr 16 12:42:59 2024 kern.info kernel: [ 2173.394991] wireguard: wireguard-hotplug IFNAME=wgclient ACTION=KEYPAIR-CREATED
Tue Apr 16 12:42:59 2024 daemon.notice netifd: Network device 'wgclient' link is up
Tue Apr 16 12:42:59 2024 daemon.notice netifd: Interface 'wgclient' is now up
Tue Apr 16 12:42:59 2024 user.notice wgclient-up: env value:T_J_V_ifname=string J_V_address_external=1 USER=root ifname=wgclient ACTION=KEYPAIR-CREATED N_J_V_address_external=address-external SHLVL=2 J_V_keep=1 HOME=/ HOTPLUG_TYPE=wireguard T_J_V_interface=string J_V_ifname=wgclient T_J_V_link_up=boolean LOGNAME=root DEVICENAME= T_J_V_action=int TERM=linux SUBSYSTEM=wireguard PATH=/usr/sbin:/usr/bin:/sbin:/bin J_V_interface=wgclient K_J_V= action ifname link_up address_external keep interface J_V_link_up=1 J_V_action=0 T_J_V_address_external=boolean N_J_V_link_up=link-up T_J_V_keep=boolean PWD=/ JSON_CUR=J_V CONFIG_SECTIONS=global AzireVPN Mullvad FromApp group_7551 group_518 group_3485 group_5770 peer_2001 group_1079 peer_2002 peer_2003
Tue Apr 16 12:43:01 2024 user.notice mwan3[10760]: Execute ifup event on interface wgclient (wgclient)
Tue Apr 16 12:43:01 2024 user.notice mwan3[10760]: Starting tracker on interface wgclient (wgclient)
Tue Apr 16 12:43:05 2024 user.notice firewall: Reloading firewall due to ifup of wgclient (wgclient)
Tue Apr 16 12:43:06 2024 user.notice relay: Reloading relay due to ifup of wgclient (wgclient)
Tue Apr 16 12:44:59 2024 kern.info kernel: [ 2293.576834] wireguard: wireguard-hotplug IFNAME=wgclient ACTION=KEYPAIR-CREATED

Here’s my CLIENT conf

[Interface]
Address = 10.1.0.2/24
PrivateKey = XXXXXXXXXX
DNS = 64.6.64.6
MTU = 1420

[Peer]
AllowedIPs = 0.0.0.0/0,::/0
Endpoint = 71.238.75.134:51820
PersistentKeepalive = 25
PublicKey = XXXXXXXXX

My home router (Xfinity) address is 10.0.0.1, and it has assigned the SERVER Opal a specific IP 10.0.0.184.

Is there any other information I can provide to help troubleshoot?

Edit: It feels like this is an issue related to the client Opal’s connection to the server Opal. I tried using some VPN services through the client Opal (so it’s connecting a Proton VPN server, not the server Opal at home), and it works just fine.