Hey there, I’ve got my Comet Pro KVM from Kickstarter campaign. I love it ant want to use it remotely via WireGuard.
I’ve tried to establish a connection via WireGuard, but I got the following error:
$ wg-quick up wg0 [#] ip link add wg0 type wireguard [#] wg setconf wg0 /dev/fd/63 [#] ip -4 address add 192.168.x.x/32 dev wg0 [#] ip link set mtu 1420 up dev wg0 [#] resolvconf -a wg0 -m 0 -x /usr/bin/wg-quick: line 32: resolvconf: command not found [#] ip link delete dev wg0
Furthermore, I want to enable the service via systemctl enable [email protected] there is neither systemctl nor service installed on the system. Does anyone know how to solve both problems?
@Flora72 thanks for your fast response. I reset the comet pro and tried it again, but it fails. WireGuard is installed by default, so I think the issue is that the resolvconf binary is missing.
Steps to reproduce:
Start the Comet Pro (V1.7.0release2 (RM10).
Generate a WireGuard configuration.
Store the configuration under /etc/wireguard/wg0.conf
Run the command: wg-quick up wg0
To my mind the issue I have should be come up. Can you or somebody else can try it? Just to double check.
Afterwards I want to follow the instructions you posted. But to my mind it shouldn’t be neccessary to install wireguard again via the install script like in the github repo.
I can also have a call or private chat for more troubleshooting, if the issue is confirmed or if you need more information.
RM10 does not support systemctl and service, WireGuard can be configured without those service:
Manual setup (replace [config-path] and [your-ip]): ip link add wg0 type wireguard wg setconf wg0 [config-path] ip link set wg0 up ip addr add [your-ip] dev wg0
Example: ip addr add 192.168.100.2/24 dev wg0
For auto-start: Add these commands to a boot script, this avoids wg-quick dependencies entirely.
For reference, boot script/etc/rc.local (create if missing): echo "ip link add wg0 type wireguard;wg setconf wg0 [config-path] ip link set wg0 up;ip addr add [your-ip] dev wg0" >> /etc/rc.local chmod +x /etc/rc.local
it does not work. Afaik the comet and comet pro has different firmware installed on the system. wg-quick is already installed but I encounter some issues. First with DNS entry:
bash-5.2# wg-quick up wg0
[#] ip link add wg0 type wireguard
[#] wg setconf wg0 /dev/fd/63
[#] ip -4 address add 192.168.4.5/32 dev wg0
[#] ip link set mtu 1420 up dev wg0
[#] resolvconf -a wg0 -m 0 -x
/bin/wg-quick: line 32: resolvconf: command not found
[#] ip link delete dev wg0
after I removed the dns entry:
ash-5.2# wg-quick up wg0
[#] ip link add wg0 type wireguard
[#] wg setconf wg0 /dev/fd/63
[#] ip -4 address add 192.168.4.5/32 dev wg0
[#] ip link set mtu 1420 up dev wg0
[#] wg set wg0 fwmark 51820
[#] ip -4 route add 0.0.0.0/0 dev wg0 table 51820
[#] ip -4 rule add not fwmark 51820 table 51820
[#] ip -4 rule add table main suppress_prefixlength 0
[#] sysctl -q net.ipv4.conf.all.src_valid_mark=1
[#] iptables-restore -n
Warning: Extension addrtype revision 0 not supported, missing kernel module?
Warning: Extension comment revision 0 not supported, missing kernel module?
iptables-restore: line 3 failed
[#] ip -4 rule delete table 51820
[#] ip -4 rule delete table main suppress_prefixlength 0
[#] ip link delete dev wg0
Is there any way to get wq-quick working out of the box with a firmware update?
Is it possible to install softwarepackages or contribute to the project? I want to try to fix it but I cant since no package manager I know isn’t installed.
wg-quick is a script that does different things depending on your wireguard configuration (in /etc/wireguard/wg0.conf). Use manual instructions as @Flora72 said and post the error if any. Also include your wg configuration for additional support.
I assume your wg network is 192.168.4.0/24? Make sure it doesn’t conflict with other networks you are attached to.
What is your use case? you likely don’t need 0.0.0.0/0 in AllowIPs.
is your wg server reachable publicly? Like what devices are supposed to be on addresses 192.168.xxx.1 and 192.168.xxx.2 that you are pinging. These are local addresses, you don’t need to hide them or it is hard to debug
I have successfully conntected an unraid server with the same networks and an Fedora client also with the same networks (i use a DNS entry for the public endpoint). But it does not work with the public IP in the kvm.
As far as I know is the 0.0.0.0 required to send all traffic over the wireguard Network.
Ok, but I am still missing something, I will have to assume it. There are 4 devices. A is the KVM, B is the device attached to the KVM that you want to control, C is the wireguard server, and finally D is the client device you will use to reach the KVM and finally control B.
A and B are in the local network 192.168.34.0/24. Where are C and D? I assume they are both in the remote local network 192.168.67.0/24. Now, how are these 2 local network connected? I assume C has a public IP, is that the case?
If your goal is to control B from D, then you don’t need to allow 0.0.0.0/0. But we will get there, first we need to clarify the use case
Alright more information:
A: The KVM has the ip: 192.168.34.45 (and wireguard network IP 192.168.4.8) → is not connected
B: The server which is attached to the kvm has: 192.168.34.41 (this server is also successfully connected via wireguard 192.168.4.3)
C: is the wireguard server and is in the remote local network (192.168.67.2)
D: is a client device with the ip 192.168.67.8
Usecase Client D (192.168.67.8) want to access A the KVM via the wireguard IP (192.168.4.8)
The clients in the remote network have access to the wireguard network (D can access B)
Then activate it with wg-quick up. Compared to your previous configuration, it specifies the address of the kvm, creates a rule in iptables to allow forward traffic (only on the wireguard interface), enable ip forwarding in the kernel, and limit the AllowedIPs to the wireguard network.
If the connection establishes (check with wg show), then you can try to ping the KVM from D. If the ping works, it should also work opening the KVM web interface in the browser from D