Comments (6)
Try to remove presharedkey the idea is to simplify your config.
And check to your journalctl or logs. (for fix a bug need to find bug information first)
And if that not work try to connect with rust or go version.
from wireguard-install.
If you can connect the first time then try adding the PersistentKeepalive option to your client configuration under [Peer]
from wireguard-install.
If you can connect the first time then try adding the PersistentKeepalive option to your client configuration under
[Peer]
@angristan can we include it by default in the config? We are using it for OpenVPN and it's commonly used for SSH too for example.
from wireguard-install.
Seems like a good idea!
from wireguard-install.
Setting it to 0 turns the feature off, which is the default, since most users will not need this, and it makes WireGuard slightly more chatty.
If you don't need this feature, don't enable it.
WireGuard recommends against it in their documentation and in the Android app. Seems like a better solution adding this in a FAQ and saying that if traffic isn't send for some time from the client behind NAT a disconnection can occur.
Their exact words are:
But if you're behind NAT or a firewall and you want to receive incoming connections long after network traffic has gone silent, this option will keep the "connection" open in the eyes of NAT.
from wireguard-install.
@angristan Here is what they say:
NAT and Firewall Traversal Persistence
By default, WireGuard tries to be as silent as possible when not being used; it is not a chatty protocol. For the most part, it only transmits data when a peer wishes to send packets. When it's not being asked to send packets, it stops sending packets until it is asked again. In the majority of configurations, this works well. However, when a peer is behind NAT or a firewall, it might wish to be able to receive incoming packets even when it is not sending any packets. Because NAT and stateful firewalls keep track of "connections", if a peer behind NAT or a firewall wishes to receive incoming packets, he must keep the NAT/firewall mapping valid, by periodically sending keepalive packets. This is called persistent keepalives. When this option is enabled, a keepalive packet is sent to the server endpoint once every interval seconds. A sensible interval that works with a wide variety of firewalls is 25 seconds. Setting it to 0 turns the feature off, which is the default, since most users will not need this, and it makes WireGuard slightly more chatty. This feature may be specified by adding the PersistentKeepalive = field to a peer in the configuration file, or setting persistent-keepalive at the command line. If you don't need this feature, don't enable it. But if you're behind NAT or a firewall and you want to receive incoming connections long after network traffic has gone silent, this option will keep the "connection" open in the eyes of NAT.
If you are using Starlink or any other ISP behind a CGNAT, I'd really think this option PersistentKeepalive = 25 is required, and the script shall offer the option during peer creation.
EDIT: anyway, I have issues, I'll try without the script and do it with ArchWiki.
from wireguard-install.
Related Issues (20)
- Support different public interface for ipv6 traffic
- No time and traffic restrictions
- Vpn
- Add option not to use IPv6
- [feature request] check if systemd-resolved in installed
- failed to installed systemd service
- Wrong IP when installing, better to use "dig" than "ip"
- script generates invalid key? HOT 4
- Error Happens in Oracle Linux 9 HOT 1
- Command deprecated HOT 1
- Vpn
- script blindly assumes packages will be installed HOT 1
- multiple ipv4 missing in .sh
- iptables rules based on port - multiple LAN interfaces on server
- wg-quick: `/etc/wireguard/wg0.conf' does not exist HOT 2
- Allow /16 nets
- Detect public interface bug
- Connected But whith little traffic HOT 1
- how to add another peer? HOT 2
- How to make VPN use both ipv4 and ipv6 at the same time.. HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from wireguard-install.