VPN Director ok, device no connect.

68OnePlus

New Around Here
I apologize, but I don't understand why, despite being connected to the Swiss NordVPN server, I have no internet connection on my devices.
I would like to point out that my router filters advertising through Pihole (raspberry), I need help.
Thanks.
 

Do you know if it's a connection issue or a DNS issue? I.e., could you ping an IP on your client (like 1.1.1.1) or a domain (like google.com)?
Are you using any DNS setting in WireGuard?
What do your VPN Director rule(s) look like? Single IPs or entire network?
Is your Pi-hole over VPN?
 
Thanks for all.

-C:\Windows\System32>ping google.com

Ping google.com [216.58.204.238] with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping Stats for 216.58.204.238:
Packets: Transmitted = 4, Received = 0,
Lost = 4 (100% loss)

-No DNS settings
-The rules are for individual IP
-PIhole was installed on Raspberry without VPN, I must say that on stock asus firmware and therefore VPN Fusion I never had problems.

I apologize for my English as a translator.

INTERFACE:
Private Key
xxxxxxxxxxGVEwAIve+huHKfKsTIOEoXxxxxxxxx=
MTU (Optional)
Address
10.6.0.2/32
DNS Server (Optional)

PEER
Server Public Key
SqAWBSVdnUJ859Bz2Nyt82rlSebMwPgvwQxIb1DzyF8=
Preshared Key (Optional)
Allowed IPs
0.0.0.0/0
Endpoint Address:port
ch404.nordvpn.com:51820
Persistent Keepalive
25

interface: wgc1
public key: sKKRdJAJLRgPd4hQj9mg/lJZc1GOJC/dEGd2lCvBEQY=
private key: (hidden)
listening port: 50446

peer: SqAWBSVdnUJ859Bz2Nyt82rlSebMwPgvwQxIb1DzyF8=
endpoint: 185.7.34.224:51820
allowed ips: 0.0.0.0/0
latest handshake: 29 seconds ago. (sec:29)
transfer: 12.07 KiB received, 730.88 KiB sent
persistent keepalive: every 25 seconds
 
Ok. Well, your tunnel seems to be working. Handshake timer resets now and then and you got some data both tx and rx so it's connected.

Did you enable NAT? That is usually required on these types of VPNs. Here are my settings:
Screenshot_20240918_201159_Samsung Internet.jpg


If "Enable NAT" is set to No, you will probably get exactly what you see now, tunnel working but no clients can connect.
 
Thanks, NAT is enabled.
Hmm, ok.

Any other VPN setup? Recent changes to the kill-switch make it active even if the VPN is disabled, so if you have any left-over old config, make sure you disable the kill-switch under everything.

If you have ssh access to the router, could you try executing
Code:
ip route get 1.1.1.1 from <client ip> iif br0
And post the output. Replace <client ip> with the IP address of your Windows client set to use the VPN, i.e.
Code:
ip route get 1.1.1.1 from 192.168.50.25 iif br0
 
Here I am again...

ASUSWRT-Merlin GT-AXE16000 3004.388.8_2_rog Thu Aug 1 00:58:58 UTC 2024
admin@GT-AXE16000-9A30:/tmp/home/root# ip route get 1.1.1.1 from 192.168.1.14 iif br0
1.1.1.1 from 192.168.1.14 via 192.168.100.1 dev ppp0
cache iif br0
admin@GT-AXE16000-9A30:/tmp/home/root#
 
1.1.1.1 from 192.168.1.14 via 192.168.100.1 dev ppp0
Thanks! This shows that a packet from 192.168.1.14 to 1.1.1.1 would go out ppp0 (wan) interface and not Wireguard wgc1 interface.

What do your routing rules look like:
Code:
ip rule

Also a picture of your vpndirector rules might help.
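
Added example, not part of any post in this thread: a POSIX shell helper that reads `ip route get` output (the sample is the lookup posted above) together with `ip rule` output and reports whether a client's traffic would leave through the tunnel or bypass it. The `ip rule` samples, the priority 10210 and the table name `wgc1` are constructed assumptions.

```shell
#!/bin/sh
# Print the egress interface: the word following "dev" in `ip route get` output.
egress_dev() {
    printf '%s\n' "$1" | awk '{ for (i = 1; i < NF; i++) if ($i == "dev") { print $(i + 1); exit } }'
}

# Print the table chosen by the first `ip rule` line whose selector is
# "from <client>" (with or without /32); print nothing if no rule matches.
rule_table() {
    printf '%s\n' "$1" | awk -v ip="$2" '{
        hit = 0; tbl = ""
        for (i = 1; i < NF; i++) {
            if ($i == "from" && ($(i + 1) == ip || $(i + 1) == ip "/32")) hit = 1
            if ($i == "lookup") tbl = $(i + 1)
        }
        if (hit && tbl != "") { print tbl; exit }
    }'
}

# classify ROUTE_OUTPUT RULE_OUTPUT CLIENT_IP TUNNEL_IF
classify() {
    dev=$(egress_dev "$1")
    tbl=$(rule_table "$2" "$3")
    if [ "$dev" = "$4" ]; then
        echo "tunnel"                          # lookup resolves to the VPN interface
    elif [ -z "$tbl" ]; then
        echo "bypass:no-policy-rule"           # no per-client rule, so the main table wins
    else
        echo "bypass:rule-present-table-$tbl"  # rule exists; inspect that table's routes
    fi
}

# Route lookup exactly as posted in the thread.
ROUTE_SAMPLE='1.1.1.1 from 192.168.1.14 via 192.168.100.1 dev ppp0
    cache iif br0'
# Constructed `ip rule` samples (priority and table name are assumptions).
RULES_DEFAULT='0: from all lookup local
32766: from all lookup main
32767: from all lookup default'
RULES_WITH_CLIENT='0: from all lookup local
10210: from 192.168.1.14 lookup wgc1
32766: from all lookup main'

classify "$ROUTE_SAMPLE" "$RULES_DEFAULT" 192.168.1.14 wgc1
classify "$ROUTE_SAMPLE" "$RULES_WITH_CLIENT" 192.168.1.14 wgc1
```

On the router, the same functions can be fed live output, for example `classify "$(ip route get 1.1.1.1 from 192.168.1.14 iif br0)" "$(ip rule)" 192.168.1.14 wgc1`.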
 
