WireGuard not working

  • Hello,

    I have the most bizarre problem at the moment. So basically I run WireGuard which is all good. I don't even know how to explain it, but new clients aren't working.

    I have profile A, which I made many months ago. I recently created a new profile, B. Profile A works and Profile B doesn't. I checked the .conf file and both of them are exactly the same, except that the keys are different for each user. What I do know is that profile A is able to connect fine. Profile B seemingly doesn't connect at all. I ruled out DNS because I can't even ping IP addresses when using profile B. I tried rebooting the entire server and it didn't help. If I run wg show, it does recognize that the clients do exist. They are also correctly in the /etc/wireguard/wg0.conf file. I thought that it was perhaps a coincidence because it had the IP of 10.66.66.10. I tried deleting the existing 10.66.66.9 user and setting the IP for 10.66.66.10 to 10.66.66.9 to see if maybe by some miracle that was it. It wasn't. I also tried disabling the firewall, but this wouldn't help since profile A is able to connect and use everything just fine. Basically paging Steven for help with this, I don't even know how to explain it.

    Edit: okay, so looking for differences, I did find that in the Peer part of the file, the public key for the old two is the same and the new one is different. In the params file, it's the new public key. If I run wg show, the public key says it's the old one that all the old files are using?? I changed the new file to use the old public key. This time at least, when I run wg show, it actually acknowledges a connection, but I am still unable to use the internet.

    Edit 2: to clarify, if it is the public key, I'd like to change it so that the new one is used instead. I've already made and deployed the new, non-working configs, so I need to do whatever it takes to make config B work with no change at all, even if it makes me need to change config A.

  • Can you show the config files of the client(s) and server? I have to admit that it initially also took me over an hour of reading blog posts to figure out how WireGuard's config actually works, despite the fact that there are fewer than 10 unique settings.

    Edit: the problem has been solved. Telesphoreo was using https://github.com/angristan/wireguard-install, but one of the script's parameters did not match what was actually in the config file.

  • So Steven helped me on Discord and, as said above, the script creates a file called params that stores parameters for generating new configuration files. Somehow the params file changed the public and private keys. The private key in the params and the actual WireGuard config need to match. The public key is generated from the private key (I think), which is what is shown in wg show and what needs to be in the [Peer] PublicKey section.

    I made it so client B had to change nothing by replacing the wg0.conf private key with the one from the params file. If I wanted to change it so client A had to change nothing I would have left the actual wg0.conf file the same and changed the private key from wg0.conf to the params file and then changed Client B to use the old key.

    This was admittedly very confusing as the problem of Client B not getting internet seemingly resolved itself after another reboot.

  • wild1145 November 2, 2022 at 6:58 PM

    Selected a post as the best answer.
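
The key mismatch diagnosed in this thread can be checked mechanically. The following is an added example, not part of the original posts and not code from wireguard-install: it derives the public key from the PrivateKey in wg0.conf (the same derivation `wg pubkey` performs, done here in pure Python so it runs offline) and compares it with the params file and with a client's [Peer] PublicKey. Assumptions: the params variable names SERVER_PRIV_KEY and SERVER_PUB_KEY, the helper names, and the sample configs, which are constructed from RFC 7748 test-vector keys.

```python
import base64

P, A24 = 2**255 - 19, 121665

def wg_pubkey(priv_b64: str) -> str:
    """X25519 base-point multiply (RFC 7748). Not constant-time: config checks only."""
    k = int.from_bytes(base64.b64decode(priv_b64), "little")
    k = (k & ((1 << 254) - 8)) | (1 << 254)          # clamp the scalar
    x1, x2, z2, x3, z3, swap = 9, 1, 0, 9, 1, 0
    for t in reversed(range(255)):                   # Montgomery ladder
        bit = (k >> t) & 1
        if swap ^ bit:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = bit
        a, b, c, d = x2 + z2, x2 - z2, x3 + z3, x3 - z3
        aa, bb, da, cb = a * a % P, b * b % P, d * a % P, c * b % P
        x3, z3 = (da + cb) ** 2 % P, x1 * (da - cb) ** 2 % P
        x2, z2 = aa * bb % P, (aa - bb) * (aa + A24 * (aa - bb)) % P
    if swap:
        x2, x3, z2, z3 = x3, x2, z3, z2
    return base64.b64encode((x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")).decode()

def wg_value(text, section, key):
    """First `key = value` inside [section] of a wg-quick style config, or None."""
    current = None
    for line in text.splitlines():
        name, _, value = line.partition("=")
        if line.strip().startswith("["):
            current = line.strip().strip("[]")
        elif current == section and name.strip() == key:
            return value.strip()

def check_keys(server_conf, params, client_conf):
    """Compare the key wg0.conf really uses with params and with a client's [Peer]."""
    p = dict(l.split("=", 1) for l in params.split() if "=" in l)
    priv = wg_value(server_conf, "Interface", "PrivateKey")
    live_pub = wg_pubkey(priv)                       # the server key `wg show` reports
    return {"params_priv_ok": p.get("SERVER_PRIV_KEY") == priv,
            "params_pub_ok": p.get("SERVER_PUB_KEY") == live_pub,
            "client_peer_ok": wg_value(client_conf, "Peer", "PublicKey") == live_pub}

# Constructed sample data: RFC 7748 test-vector private keys, not real secrets.
OLD_PRIV, NEW_PRIV = (base64.b64encode(bytes.fromhex(h)).decode() for h in (
    "77076d0a7318a57d3c16c17251b26645df4c2f87ebc0992ab177fba51db92c2a",
    "5dab087e624a8a4b79e17f8b83800ee66f3bb1292618b6fd1c2f8b27ff88e0eb"))
SERVER_CONF = f"[Interface]\nAddress = 10.66.66.1/24\nPrivateKey = {OLD_PRIV}\n"
PARAMS = f"SERVER_PRIV_KEY={NEW_PRIV}\nSERVER_PUB_KEY={wg_pubkey(NEW_PRIV)}\n"
CLIENT_A = f"[Peer]\nPublicKey = {wg_pubkey(OLD_PRIV)}\n"   # old profile, works
CLIENT_B = f"[Peer]\nPublicKey = {wg_pubkey(NEW_PRIV)}\n"   # new profile, fails
```

`check_keys(SERVER_CONF, PARAMS, CLIENT_B)` reports all three checks as failed, which is the state described in the thread; replacing the PrivateKey in the server config with the one from params makes all three pass for client B.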