Menu
What's new
By:
Filters Better Search

Wireguard Session Manager - Discussion (2nd) thread

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

ZebMcKayhan said:
Sorry to chip in, but would this require you to copy Home.conf to the remote peer? As it is not in the list of files to copy over, or is this command not requiring this?
Click to expand...
Yes, and I'm sure @JGrana would know that is required until I push wireguard_manager Beta v4.15b2 with the updated instructions....assuming that is the correct fix.

e.g.
Code: 
    WireGuard Site-to-Site Peers Home and Cabin created


    Copy Cabin/Home files:

-rw-rw-rw-    1 admin    root           645 Jan 27 18:59 Cabin.conf
-rw-rw-rw-    1 admin    root            45 Jan 27 18:59 Cabin_private.key
-rw-rw-rw-    1 admin    root            45 Jan 27 18:59 Cabin_public.key
-rw-rw-rw-    1 admin    root           649 Jan 27 18:59 Home.conf
-rw-rw-rw-    1 admin    root            45 Jan 27 18:59 Home_private.key
-rw-rw-rw-    1 admin    root            45 Jan 27 18:59 Home_public.key

    to remote location


    Import Home on remote site using 'import Home type=device'


    Press y to import Home or press [Enter] to SKIP.
y

    [✔] Config Home import as wg22 Site-to-Site (FORCED as 'server') success
 
Martineau said:
On Home, external site Cabin has been automagically 'imported'.....so

On Cabin, try
Code: 
e  = Exit Script [?]

E:Option ==> import Home type=device

:) I assume it works?
Click to expand...
Thanks, did the import Home type=device
And it now shows nicely!
(BTW, I saw the later post and yes, I had already copied Home.conf to the remote site)

And. yes, the iPhone peer, setup on Home is working!
 
JGrana said:
Thanks, did the import Home type=device
And it now shows nicely!
(BTW, I saw the later post and yes, I had already copied Home.conf to the remote site)

And. yes, the iPhone peer, setup on Home is working!
Click to expand...
Brilliant :)

Thanks for taking the time to test/provide feedback on the wireguard_manager Site-to-Site feature.

Just one thing remains...
Do the stats for the connection show correctly? i.e. for a 'client' Peer connecting to a commercial WireGuard ISP, it is usually useful to see how much data is being transferred per hour.

e.g.
Code: 
Jan 28 11:00:00 RT-AX86U-22B0 (wg_manager.sh): 31069 wg11: transfer: 7.25 MiB received, 1.87 MiB sent        0 Days, 04:33:19 from 2022-01-28 06:26:41 >>>>>>
Jan 28 11:00:00 RT-AX86U-22B0 (wg_manager.sh): 31069 wg11: period : 7.22 MiB received, 1.86 MiB sent (Rx=7574190;Tx=1954877)

Not sure if this is something that the Site-to-Site connection already shows or requires you to manually request?
Code: 
e  = Exit Script [?]

E:Option ==> generatestats



    wg11: transfer: 7.25 MiB received, 1.87 MiB sent        0 Days, 06:07:19 from 2022-01-28 11:26:41 >>>>>>
    wg11: period : 7.23 MiB received, 1.86 MiB sent (Rx=7572481;Tx=1954811)
 
When doing the list command, the transfers are displayed, and are correct. The Cabin router reboots once or twice a day right now - dnsmasq Tainted errors...

Here is list from Home:
Code: 
E:Option ==> list

        interface: wg21  Port:61820     10.9.8.1/32                     VPN Tunnel Network      # Home - 192.168.1.0/24
                peer: a2Y9jgXsX8fq0K4nIgewAeIoOG8DT4gPGnqfLU4ddS0=      10.9.8.2/32             # Cabin Site-to-Site LAN 192.168.2.0/24
                 latest handshake: 29 seconds ago
                 transfer: 74.78 MiB received, 43.32 MiB sent           0 Days, 17:51:46 from 2022-01-27 13:42:44
                peer: dnr70S9aDzbx82AVVDR3+Ba0jtI7zCe2U4QoLF2mXH0=      10.9.8.3/32             # iphone13 "Device"
                 latest handshake: 1 minute, 5 seconds ago
                 transfer: 170.43 MiB received, 1.14 GiB sent           0 Days, 17:51:46 from 2022-01-27 13:42:44
                peer: PMorJ8SxpxU9O9W7irJ8jnVWq9LLBdxEqxpYmKQ/LRg=      10.9.8.4/32             # iPad "Device"

        WireGuard ACTIVE Peer Status: Clients 0, Servers 1

And Cabin:
Code: 
E:Option ==> list

        interface: wg22  Port:61821     10.9.8.2/32                     VPN Tunnel Network      # Cabin - 192.168.2.0/24
                peer: VXlOz/BkxGWpYbvqVzDjz7tl/QkZkADrmpq07AT8FCM=      10.9.8.1/32             # Home - 192.168.1.0/24
                 latest handshake: 22 seconds ago
                 transfer: 25.53 MiB received, 57.74 MiB sent           0 Days, 07:42:26 from 2022-01-27 23:53:57

        WireGuard ACTIVE Peer Status: Clients 0, Servers 1

The generatestats command is somewhat confused. It might be related to the time issue. Here is generatestats on Home
Code: 
E:Option ==> generatestats

        Cabin: transfer: 74.85 MiB received, 43.40 MiB sent             0 Days, 17:54:23 from 2022-01-27 13:42:44
        Cabin: period : -418832711 Bytes received, -372768768 Bytes sent (Rx=-418832711;Tx=-372768768)
        iphone13: transfer: 170.56 MiB received, 1.14 GiB sent          0 Days, 17:54:23 from 2022-01-27 13:42:44
        iphone13: period : 143.36 KiB received, 0 Bytes sent (Rx=146801;Tx=0)

        WireGuard ACTIVE Peer Status: Clients 0, Servers 1

And from Cabin:
Code: 
E:Option ==> generatestats

        Home: transfer: 25.62 MiB received, 57.81 MiB sent              0 Days, 07:45:09 from 2022-01-27 23:53:57
        Home: period : -60775465 Bytes received, -110016593 Bytes sent (Rx=-60775465;Tx=-110016593)

        WireGuard ACTIVE Peer Status: Clients 0, Servers 1

Note that I added another peer device to Home - iPad. It works great!
 
JGrana said:
When doing the list command, the transfers are displayed, and are correct. The Cabin router reboots once or twice a day right now - dnsmasq Tainted errors...

Here is list from Home:
Code: 
E:Option ==> list

        interface: wg21  Port:61820     10.9.8.1/32                     VPN Tunnel Network      # Home - 192.168.1.0/24
                peer: a2Y9jgXsX8fq0K4nIgewAeIoOG8DT4gPGnqfLU4ddS0=      10.9.8.2/32             # Cabin Site-to-Site LAN 192.168.2.0/24
                 latest handshake: 29 seconds ago
                 transfer: 74.78 MiB received, 43.32 MiB sent           0 Days, 17:51:46 from 2022-01-27 13:42:44
                peer: dnr70S9aDzbx82AVVDR3+Ba0jtI7zCe2U4QoLF2mXH0=      10.9.8.3/32             # iphone13 "Device"
                 latest handshake: 1 minute, 5 seconds ago
                 transfer: 170.43 MiB received, 1.14 GiB sent           0 Days, 17:51:46 from 2022-01-27 13:42:44
                peer: PMorJ8SxpxU9O9W7irJ8jnVWq9LLBdxEqxpYmKQ/LRg=      10.9.8.4/32             # iPad "Device"
Click to expand...
I've uploaded wireguard_manager Beta v4.15b2 - might be cosmetically pleasing/useful?

e.g. Annotation/tag/comment has always been allowed for a Peer, but it was never actually applied for a Road Warrior 'device' Peer...
.......everything after the comment keyword is free form text to be applied.
Code: 
e  = Exit Script [?]

E:Option ==> peer iPad comment This is a better description than just 'device'!

JGrana said:
The generatestats command is somewhat confused. It might be related to the time issue. Here is generatestats on Home
Code: 
E:Option ==> generatestats

        Cabin: transfer: 74.85 MiB received, 43.40 MiB sent             0 Days, 17:54:23 from 2022-01-27 13:42:44
        Cabin: period : -418832711 Bytes received, -372768768 Bytes sent (Rx=-418832711;Tx=-372768768)
        iphone13: transfer: 170.56 MiB received, 1.14 GiB sent          0 Days, 17:54:23 from 2022-01-27 13:42:44
        iphone13: period : 143.36 KiB received, 0 Bytes sent (Rx=146801;Tx=0)

        WireGuard ACTIVE Peer Status: Clients 0, Servers 1

And from Cabin:
Code: 
E:Option ==> generatestats

        Home: transfer: 25.62 MiB received, 57.81 MiB sent              0 Days, 07:45:09 from 2022-01-27 23:53:57
        Home: period : -60775465 Bytes received, -110016593 Bytes sent (Rx=-60775465;Tx=-110016593)

        WireGuard ACTIVE Peer Status: Clients 0, Servers 1
Click to expand...
OK Thanks, my generatestats suspicions are confirmed, I'll take a look.

EDIT: Probably these may fix the issue:

On Cabin
Code: 
TS=$(date +%s);sqlite3 /opt/etc/wireguard.d/WireGuard.db "INSERT into traffic values('Home','$TS','*','*','*','*');"
TS=$(date +%s);sqlite3 /opt/etc/wireguard.d/WireGuard.db "INSERT into traffic values('Home','$TS','0','0','0','0');"

On Home
Code: 
TS=$(date +%s);sqlite3 /opt/etc/wireguard.d/WireGuard.db "INSERT into traffic values('Cabin','$TS','*','*','*','*');"
TS=$(date +%s);sqlite3 /opt/etc/wireguard.d/WireGuard.db "INSERT into traffic values('Cabin','$TS','0','0','0','0');"
 
Last edited:
Hey!

Never seen this before

***ERROR: WireGuard 'client' doesn't have a LOCAL IP Address! - try 'peer wg12 ip=xxx.xxx.xxx.xxx/32'?

(wg_manager.sh): 4893 WireGuard client service ('wg12') NOT running.

I get it when I start, stop, restart peer.
 
DreaZ said:
Hey!

Never seen this before

***ERROR: WireGuard 'client' doesn't have a LOCAL IP Address! - try 'peer wg12 ip=xxx.xxx.xxx.xxx/32'?

(wg_manager.sh): 4893 WireGuard client service ('wg12') NOT running.

I get it when I start, stop, restart peer.
Click to expand...
Dont you get any ip in your .conf file? Or it's not just imported properly?

Compare your .conf content (Address: ) and your imported ip
Code: 
E:Option ==> peer wg12
 
Last edited:
Martineau said:
EDIT: Probably these may fix the issue:

On Cabin
Code: 
TS=$(date +%s);sqlite3 /opt/etc/wireguard.d/WireGuard.db "INSERT into traffic values('Home','$TS','*','*','*','*');"
TS=$(date +%s);sqlite3 /opt/etc/wireguard.d/WireGuard.db "INSERT into traffic values('Home','$TS','0','0','0','0');"

On Home
Code: 
TS=$(date +%s);sqlite3 /opt/etc/wireguard.d/WireGuard.db "INSERT into traffic values('Cabin','$TS','*','*','*','*');"
TS=$(date +%s);sqlite3 /opt/etc/wireguard.d/WireGuard.db "INSERT into traffic values('Cabin','$TS','0','0','0','0');"
Click to expand...
OK, I did these commands - and it fixed the funny date/time issue. Looks good.

As a side, get this.
I did these commands on an airplane flying somewhere over Chicago USA.

I fired up the Wireguard app on my iPad. Worked.
SSH’d into Home (using the local LAN address/wireguard tunnel).
Did the Home commands.
Then ssh’d (over a another wireguard tunnel) to the remote Cabin and ran the commands there.

Everything worked. Incredible.
 
ZebMcKayhan said:
Dont you get any ip in your .conf file? Or it's not just imported properly?

Compare your .conf content (Address: ) and your imported ip
Code: 
E:Option ==> peer wg12
Click to expand...
Think I got the error after WGM update. Solved it by deleted the peer and added it back.
 
Last edited:
Martineau said:
FYI, just a couple of minor typos
Click to expand...
Thanks, corrected.


Martineau said:
an awful lot of detailed documentation for a script that started out as a quick and dirty WireGuard module installer!
Click to expand...
Yes... but only a small part is related to the actual usage of wgm as I choose to write this as a tutorial it shows more about how to setup the system so it works as intended while also trying to add in info about why and how to integrate with other scripts as YazFi, Transmission and Unbound.

Maybee I just have too much spare time
 
Hi need help?

Code: 
Requesting WireGuard VPN Peer start (wg11)


        wireguard-clientwg11: Initialising Wireguard VPN 'client' Peer (wg11) to premium.paakkya.tk:7070 (# N/A) DNS=216.103.130.130,176.103.130.131


iptables v1.4.21: Bad IP address "176.103.130.130,176.103.130.131"


Try `iptables -h' or 'iptables --help' for more information.
        wireguard-clientwg11: Initialisation complete.




        WireGuard ACTIVE Peer Status: Clients 1, Servers 0
 
syahmiemoboyz said:
Hi need help?

Code: 
Requesting WireGuard VPN Peer start (wg11)


        wireguard-clientwg11: Initialising Wireguard VPN 'client' Peer (wg11) to premium.paakkya.tk:7070 (# N/A) DNS=216.103.130.130,176.103.130.131


iptables v1.4.21: Bad IP address "176.103.130.130,176.103.130.131"


Try `iptables -h' or 'iptables --help' for more information.
        wireguard-clientwg11: Initialisation complete.




        WireGuard ACTIVE Peer Status: Clients 1, Servers 0
Click to expand...

It appears to be a syntax error for iptables. In which wg11.conf parameters you enter these IP address? I don’t have two ip in my config file and don’t have such issue.
 
syahmiemoboyz said:
Hi need help?

Code: 
Requesting WireGuard VPN Peer start (wg11)


        wireguard-clientwg11: Initialising Wireguard VPN 'client' Peer (wg11) to premium.paakkya.tk:7070 (# N/A) DNS=216.103.130.130,176.103.130.131


iptables v1.4.21: Bad IP address "176.103.130.130,176.103.130.131"


Try `iptables -h' or 'iptables --help' for more information.
        wireguard-clientwg11: Initialisation complete.




        WireGuard ACTIVE Peer Status: Clients 1, Servers 0
Click to expand...
I have 2 dns in my conf file and wgm only imports the first one. Dont know why it failed in your case.

To resolve, run:
Code: 
E:Option => peer wg11 dns=94.140.14.14
(Updated to new adguard dns as they changed)

There may be more issues, look at peer by:
Code: 
E:Option => peer wg11
And check if you have dual ips in more places.
 
Last edited:
DreaZ said:
I deleted the wg21 files before. How can I recreate them?
Click to expand...
Code: 
e  = Exit Script [?]

E:Option ==> peer help

    peer help                                             - This text
    peer                                                  - Show ALL Peers in database

<snip>

    peer new [peer_name [options]]                        - Create new server Peer e.g. peer new wg27 ip=10.50.99.1/24 port=12345
but simply issuing
Code: 
e  = Exit Script [?]

E:Option ==> peer new

    *** Ensure Upstream router Port Foward entry for port:11503 ***

    Press y to Create 'server' Peer (wg23) 10.50.3.1/24:11503 or press [Enter] to SKIP.
will pick the next free 'wg2x' interface (in my case 'wg23' as both 'wg21' and 'wg22' are currently defined), and configure it with appropriate default values e.g. VPN Tunnel Subnet and ListenPort (which may be customised later to your personal preference)
 
Last edited:
Siri Shortcuts works perfectly with wgm... very convenient way to switch between clients...
Thanks guys

47DD11BA-A4F1-481A-80C1-A5DFFF8EBF2B.jpeg
 
abir1909 said:
Siri Shortcuts works perfectly with wgm... very convenient way to switch between clients...
Thanks guys

View attachment 39249
Click to expand...

If you use diversion addons there is a ready made shortcuts available.

iOS Shortcut - Diversion

diversion.ch diversion.ch

Depends on your preference, you can combine all your shortcuts into one single shortcuts with selection menu like diversion shortcuts.
 
You must log in or register to reply here.

Similar threads

W
Skynet SOLVED: Scrollbar Disappears on Skynet Tab on Asuswrt-Merlin 386.14
Replies
10
Views
1K
bennor
B
Martineau
Wireguard Session Manager (4th) thread
11 12 13
Replies
251
Views
30K
ZebMcKayhan
Z
A
Splitting Wireguard between Router and client
2 3
Replies
53
Views
3K
ZebMcKayhan
Z
Viktor Jaep
TAILMON TAILMON v1.0.20 -July 27, 2024- WireGuard-based Tailscale Installer, Configurator and Monitor (Now available in AMTM!)
Replies
2
Views
289
Viktor Jaep
Viktor Jaep
Tech9
Malware damaging ASUS routers?
9 10 11
Replies
210
Views
14K
Tech9
Tech9
Similar threads
Thread starter Title Forum Replies Date
JGrana chatai - version two - have a chat session with either Googles Gemini AI or Anthropics Claude (or both at once) Asuswrt-Merlin AddOns 4
JGrana New Addon - ChatAI - have a chat session with Googles Gemini AI Bot Asuswrt-Merlin AddOns 2
D Solved How do I remove WG Manager from amtm without resetting amtm? Asuswrt-Merlin AddOns 2

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Members online

Total: 827 (members: 26, guests: 801)
Top