NetBSD-Users archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Wireguard woes



To: Peter Miller <feurry%gmail.com@localhost>, beaker <beaker%sdf.org@localhost>
Subject: Re: Wireguard woes
From: Ramiro Aceves <ea1abz%gmail.com@localhost>
Date: Tue, 20 Jan 2026 13:11:52 +0100
 

El 28/9/25 a las 21:51, Peter Miller escribió:


On Sat, Sep 27, 2025 at 1:10 PM beaker <beaker%sdf.org@localhost> wrote:



         sudo ifconfig wg0 create
         sudo ifconfig wg0 inet 10.2.0.2/32
         # /etc/wg/wg0 contains just the Proton PrivateKey
         sudo wgconfig wg0 set private-key /etc/wg/wg0
         sudo wgconfig wg0 add peer Proton '<Proton PublicKey>' \
           --allowed-ips=0.0.0.0/0,::/0 --endpoint=<Proton Endpoint:Port>
         sudo ifconfig wg0 up
     fi



I have wireguard working fine on NetBSD server and client with a
similar looking config. No experience with Proton, but I don't see
anything wrong here.



My understanding is that changing the default route shouldn't be needed with
wireguard and doing so via 'sudo route -f add default 10.2.0.2' consistently
hangs the system..



try this

# change default route to the Proton servers Peer address. I'm just
guessing that it's 10.2.0.1
route change default 10.2.0.1

You might want to remove the DNS line too just while troubleshooting,
or set it to 1.1.1.1 or something first.



Hello
I have the same problem trying to make a tunnel from  https://connect.44net.cloud work using the built in NetBSD WireGuard.  They provide a free IP address in 44.0.0.0 range for amateur radio  registered hams and a tunnel.
I see the tunnel ok and "connected" in green colour in the provider WEB  admin page but if I ping my IP from outside it does not return. 


I am using a RaspberryPi Zero W with this config wgconfig script:

#!/bin/sh
set -x
ifconfig wg0 create
ifconfig wg0 inet 44.x.y.z/32
ifconfig wg0 inet6 a::b:c:d:f/128
wgconfig wg0 set private-key /etc/wg/wg0.priv
wgconfig wg0 add peer A \
xzxzxzxzxzxzxzxcccxvzcxcxzc= \
--allowed-ips=0.0.0.0/0,::/0 \
--endpoint=44.r.s.1:44000
ifconfig wg0 up

wg0 is up and running:

netbsd-raspaZeroW# ifconfig wg0
wg0: flags=0x8041<UP,RUNNING,MULTICAST> mtu 1420
        status: active
        inet6 a::b:e:f:8547%wg0/64 flags 0 scopeid 0x3
        inet6 a::b:c:d:bae9%wg0/128 flags 0 scopeid 0x3
        inet 44.x.y.z/32 flags 0

Sorry for destroying the IPs, hope not to difficult reading.
I also could not replicate this provider settings, I di not found a  NetBSD wg equivalent: 

DNS = 1.1.1.1,1.0.0.1
MTU = 1380
PersistentKeepalive = 20



netbsd-raspaZeroW# route -n show
Routing tables

Internet:
Destination Gateway Flags Refs Use Mtu  Interface 
default            192.168.1.1        UGS         -        -      -  bwfm0
44.x.y.z       wg0                UHl         -        -      -  wg0
44.x.y.z/32    44.x.y.z       U           -        -      -  wg0
127/8              127.0.0.1          UGRS        -        -  33176  lo0
127.0.0.1          lo0                UHl         -        -  33176  lo0
192.168.1/24       link#2             UC          -        -      -  bwfm0
192.168.1.230      link#2             UHl         -        -      -  lo0
192.168.1.203      d8:3a:dd:99:78:45  UHL         -        -      -  bwfm0
192.168.1.1        60:8d:26:32:34:23  UHL         -        -      -  bwfm0



Thanks.
Ramiro.

Follow-Ups:

Re: Wireguard woes
From: Sad Clouds

References:

Wireguard woes
From: beaker
Re: Wireguard woes
From: Peter Miller


Prev by Date: Re: Internet services and US vs EU jurisdiction

Next by Date: Re: Internet services and US vs EU jurisdiction

Previous by Thread: Re: Wireguard woes

Next by Thread: Re: Wireguard woes

Indexes:

reverse Date
reverse Thread
Old Index


Home | Main Index | Thread Index | Old Index