Unable to Connect via WireGuard

defbeat7 · July 9, 2023, 2:40am

Yea it was, I used the IP you provided.

bring.fringe18 · July 9, 2023, 2:42am

Apologies; I edited my post since you just made that post. Could you refresh? I’d like to see what, if anything, reports back from the WG display tools. It shows slightly more information that what’s given using the GL GUI’s VPN Dashboard.

defbeat7 · July 9, 2023, 2:48am

root@GL-AXT1800:~# wg show
interface: wgclient
public key: BvnIhVf0zzpO0iPqB9Qn8teixGBGHDmsaEsGvOoWKDY=
private key: (hidden)
listening port: 58819

peer: qfOj2Fr4TMksxXcEai0/Qq/CDT8asRLyvQqA0aEAkj0=
endpoint: :51820
allowed ips: 0.0.0.0/0, ::/0
transfer: 0 B received, 1.16 KiB sent
persistent keepalive: every 25 seconds

bring.fringe18 · July 9, 2023, 2:56am

GL DDNS: hj82918.glddns.com (obfuscated)
Opal (GL-SFT1200): LAN IP 192.168.8.1, Role: WG Server
Slate AX (GL-ATX1800): LAN IP unknown, WAN IP unknown, Role: WG Client

What’s your LAN IP for the Slate AX (GL GUI → Network → LAN → Router IP Address)?
What IP address is your Opal assigning to the Slate AX as a Opal Wi-Fi Client (GL GUI → Clients)?

defbeat7 · July 9, 2023, 3:09am

Question #1 192.168.8.1
Question #2 So when I go to Clients in the OPAL I dont see Slate AX on there. I see the laptop I used, my phone and my other desktop and the IPS vary. Under WireGuard Server in the OPAL device I see Slate AX CLient IP being 172.58.100.112

defbeat7 · July 9, 2023, 3:50am

Ok so I just went to Slate AX (GL GUI → VPN → VPN Dashboard → and click on the configuration file I see the following address hj28981.glddns.com:51820 and when I SSH into Slate AX and run the following it shows it as closed there.

root@GL-AXT1800:~# nmap -sU -p 51820 hj28981.glddns .com
Starting Nmap 7.80 ( https://nmap .org ) at 2023-07-08 22:48 CDT
Nmap scan report for hj28981.glddns .com (107.222.107.3)
Host is up (0.00030s latency).
rDNS record for 107.222.107.3: GL-AXT1800.attlocal .net

PORT STATE SERVICE
51820/udp closed unknown

Nmap done: 1 IP address (1 host up) scanned in 0.49 seconds

bring.fringe18 · July 9, 2023, 3:59am

I think your two routers are conflicting based on their LAN IPs. This could block WG in a collision if so. Can you set your Opal to 192.168.18.1 instead of its default .8.1?

(GL GUI → Network → LAN → Router IP Address)

defbeat7 · July 9, 2023, 4:07am

Done, I was able to SSH into it as well to confirm the IP change.

bring.fringe18 · July 9, 2023, 4:10am

GL DDNS: hj82918.glddns.com (obfuscated)
Opal (GL-SFT1200): LAN IP 192.168.18.1, Role: WG Server
Slate AX (GL-ATX1800): LAN IP unknown, WAN IP unknown, Role: WG Client

Based on the result of your last nmap probe for your ddns it appears your Slate AX is connected to your ATT modem. Is this the case?

If so which device do you intend to act as the WG Server? The Opal or Slate AX? The Opal, correct? If so that should be the one connected as ATT ISP → Opal WAN.

defbeat7 · July 9, 2023, 4:19am

Yes the SlateAX is hardwired to the modem and so is the Opal. The Opal will stay behind and the SlateAX is the one I will take with me when I travel.

bring.fringe18 · July 9, 2023, 4:21am

Okay, let’s disconnect the Slate AX’s Ethernet cable & set it to act as a Repeater of the Opal. We’re going to dry run this as if you’re at a friend’s house using their Wi-Fi to connect out to your GL DDNS via the Slate AX.

GL GUI → Internet → Repeater → Connect

defbeat7 · July 9, 2023, 4:24am

Disconnected it and connected it as repeater.

bring.fringe18 · July 9, 2023, 4:26am

Great. Can you ssh into the Slate AX & post the associated IPs it has? I’m looking to check for IP conflicts w/ the Opal, just to be sure.

ip a | grep 192

defbeat7 · July 9, 2023, 4:29am

root@GL-AXT1800:~# ip a | grep 192
inet 192.168.9.1/24 brd 192.168.9.255 scope global br-guest
inet 192.168.8.1/24 brd 192.168.8.255 scope global br-lan
inet 192.168.18.206/24 brd 192.168.18.255 scope global wlan-sta0

bring.fringe18 · July 9, 2023, 4:32am

GL DDNS: hj82918.glddns.com (obfuscated)
Opal (GL-SFT1200): LAN IP 192.168.18.1, Role: WG Server
Slate AX (GL-ATX1800): WAN IP 192.168.18.206, LAN IP 192.168.8.1, Role: WG Client, Mode: Repeater

Good stuff. wlan-sta0 is exactly what I’m looking for. Can you run a new nmap probe on your ddns, please? I’m expecting it to report GL-SFT1200.attlocal.net.

defbeat7 · July 9, 2023, 4:36am

root@GL-AXT1800:~# nmap -sU -p 51820 hj82918.glddns.com
Starting Nmap 7.80 ( https://nmap.org ) at 2023-07-08 23:36 CDT
Nmap scan report for hj82918.glddns. com (143.244.220.150)
Host is up (0.052s latency).

PORT STATE SERVICE
51820/udp open|filtered unknown

Nmap done: 1 IP address (1 host up) scanned in 1.23 seconds

bring.fringe18 · July 9, 2023, 4:41am

So there’s no rDNS record returned this time. Odd. Can you reboot the Opal? I’m looking to force it to update your GL DDNS record which it should do immed. after a fresh boot.

If it has the WG Server running on it, please deactivate it first… & if the Slate AX is trying to run WG Client, pls disable it too for the moment.

bring.fringe18 · July 9, 2023, 4:53am

… Oh, I should mention that I’m not posting the actual ddns for your GL DDNS; it’s something I consider to be a bit of a privacy/security issue so I’ve muddled the numbers a bit.

~~But while I think of it, that GL DDNS hj[redacted] string/code is for the Opal, correct? They are device specific.~~ (EDIT: You identified it was earlier.)

TmKokoto1 · September 23, 2023, 5:39pm

Im a noob and have exactly the same issue but I’m failing to understand the solution. Can u plz help?

alzhao · September 25, 2023, 9:43am

You need to give all the details of your setup.Give your config if necessary. So you’d better do it via email to support at glinet.biz