[Freedombox-discuss] Wireguard: Required key not available.
A. F. Cano
afc54 at comcast.net
Sun Dec 22 02:12:26 GMT 2024
Hi,
I've assumed that any configuration of the wireguard server on the
FreedomBox would be handled by the wireguard configuration page, but
maybe I'm wrong. I found lots of discussions on the web that discuss
very complex set-ups, like connecting 2 local networks. What I want to
do is the simplest situation: connect a client (a laptop) to the
FreedomBox as a server.
Based on the documentation, I generated the keys and entered the public
key of the client in the "Peers allowed to connect to this server".
The FreedomBox shows (for the client)
Public key       Allowed IPs    Last Connected Time
<correct key>    10.84.0.2      <date and time look right>
From ssh, "sudo wg show" returns (among other things)
allowed ips: 10.84.0.2/32
I also created the /etc/wireguard/wg0.conf for the client, that is
correct as far as I can tell. On the client, "sudo wg show" returns
allowed ips: 10.84.0.2/32, 192.168.200.0/32
which matches /etc/wireguard/wg0.conf. I have also tried (on the
client) Allowed IPs = 192.168.200.0/32 (without the 10.84.0.0/32) but
it didn't make any difference.
Do I need to create /etc/wireguard/wg0.conf on the FreedomBox?
/etc/wireguard is empty. I would hope that any necessary manipulation
of the firewall on the FreedomBox would be handled automatically. My
FreedomBox is not behind a router.
The server-side wg0.conf described here:
https://wiki.debian.org/WireGuard
uses iptables, which is outdated.
# systemctl start wg-quick@wg0
and
# systemctl stop wg-quick@wg0
work perfectly.
After I changed the network mask to /32 (from /24) on the client,
traffic not for 192.168.200.x vpn goes out the normal way. So, it
appears that almost everything is working correctly, how do I get the
FreedomBox server to accept traffic for 192.168.200.x?
I'm really stuck here. Any help greatly appreciated.
Augustine
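
An added illustration, not part of the original message: WireGuard chooses the outgoing peer by matching the destination address against each peer's AllowedIPs, and a send that matches no peer fails with ENOKEY, the "Required key not available" of the subject line. The sketch below models that lookup for a constructed client config that uses the AllowedIPs values quoted above; the key placeholders and the destination 192.168.200.10 are assumptions.

```python
import ipaddress

# Constructed client config: placeholder keys, AllowedIPs as quoted in the post.
CLIENT_CONF = """
[Interface]
PrivateKey = CLIENT_PRIVATE_KEY_PLACEHOLDER

[Peer]
PublicKey = SERVER_PUBLIC_KEY_PLACEHOLDER
AllowedIPs = 10.84.0.2/32, 192.168.200.0/32
"""

def parse_peers(conf_text):
    """Return one dict per [Peer] section: its PublicKey and AllowedIPs networks."""
    peers, current = [], None
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments and whitespace
        if line.startswith("["):
            current = None
            if line.lower() == "[peer]":
                current = {"key": None, "nets": []}
                peers.append(current)
        elif current is not None and "=" in line:
            name, value = (part.strip() for part in line.split("=", 1))
            if name.lower() == "publickey":
                current["key"] = value
            elif name.lower() == "allowedips":
                current["nets"] += [ipaddress.ip_network(c.strip(), strict=False)
                                    for c in value.split(",") if c.strip()]
    return peers

def route(peers, dest):
    """Longest-prefix match of dest over all AllowedIPs.

    Returns the chosen peer's key, or None when no peer covers dest
    (the case in which sending into the tunnel fails with ENOKEY).
    """
    addr = ipaddress.ip_address(dest)
    hits = [(net.prefixlen, peer["key"]) for peer in peers for net in peer["nets"]
            if net.version == addr.version and addr in net]
    return max(hits, key=lambda h: h[0])[1] if hits else None

if __name__ == "__main__":
    as_posted = parse_peers(CLIENT_CONF)
    widened = parse_peers(CLIENT_CONF.replace("192.168.200.0/32", "192.168.200.0/24"))
    for label, peers in (("/32", as_posted), ("/24", widened)):
        print(label, "192.168.200.10 ->", route(peers, "192.168.200.10") or "ENOKEY")
```

A /32 entry covers exactly one address, so in this model only 192.168.200.0 itself is routed to the peer; whether the server then forwards or accepts that traffic is a separate question the model does not cover.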