Wireguard configure vpn

fnava · March 7, 2023, 9:43pm

I have a wireguard vpn configuration on my router, the ports are open and the server configuration I think is correct, however, when I want to connect a client, it only shows me this error:
[TUN] [client1] Handshake for peer 1 (mi ip:51820) did not complete after 5 seconds, retrying (try 2)
It is the only error that reproduces
Next, I put the configuration of the client and server:

Client configuration
[Interface]
Private Key 1
Address = 10.0.0.2/32
DNS = 64.6.64.6

[Peer]
Public Key 1
AllowedIPs = 0.0.0.0/0, ::/0
Endpoint = 189.141.56.60:51820
PersistentKeepalive = 25

Server configuration
config servers
option local_ip ‘10.0.0.1’
option local_port ‘51820’
option local_ipv6 ‘fd00:db8:0:abc::1’
option private key 2
option public key 1
option access ‘ACCEPT’
option enable ‘1’

config peers ‘wg_peer_5088’
option name ‘wir’
option client_key
option private_key
option client_ip ‘10.0.0.2/32’
option public key 2

The server configuration is generated automatically because the router is compatible with wireguard(model flint GL-AX1800), only the client is being configured*

If somebody please, has so kind to help to resolve this issues i will appreciate.

rthco · March 8, 2023, 3:34am

If you’re absolutely sure UDP 51820 is forwarded from any upstream devices and there’s no firewall in the way (and your keys are correct) then try lowering the MTU (maybe you’re on DSL?).

Interfaces section:
MTU = 1360

fnava · March 8, 2023, 6:12pm

Hi
-im sure for UDP 51820 and the keys are correct
-I’m going to check the firewall and the MTU and tell you later

many thanks for you answer.

fnava · March 9, 2023, 1:08am

Sorry for the delay, I did the tests that you told me and I keep getting the same error. Is there something else I could try?

rthco · March 9, 2023, 2:05am

Would need to know more about the configuration. Is the “server” a router behind an ISP modem? If so:

have you assigned the server a static IP from the modem and forwarded port 51820 UDP to it?
does the server have a firewall (if it’s a GL router then this should be handled already by the gui)
can you setup a second client config file and test connecting from another device (eg. a phone with the wireguard app)?

If all else fails, you may want to try regenerating the keys.

fnava · March 9, 2023, 5:07am

Regarding point 2 yes its correct
point 3, I have already tried this without result
with the point 1 I will check it and I will tell you,
thank you so much.