On 2026/05/14 19:37, Gabriele Vento wrote: > > > On May 14, 2026 7:32:52 PM GMT+02:00, Stuart Henderson <[email protected]> > wrote: > >On 2026/05/14 18:37, Gabriele Vento wrote: > >> > >> > >> On May 14, 2026 6:02:01 PM GMT+02:00, Alexandr Nedvedicky > >> <[email protected]> wrote: > >> >Hello, > >> > > >> >On Thu, May 14, 2026 at 05:57:45PM +0200, Gabriele Vento wrote: > >> ></snip> > >> >> > > >> >> > the inet is 100.65.0.138 > >> >> > > >> >> > However I think it should be from the same network which is allowed > >> >> > by wgaip option. Perhaps you should run: > >> >> > > >> >> > ifconfig wg0 15.204.55.83/10 > >> >> That also does not work befause the problem is actually that the > >> >> allowed IP > >> >> is wrong, not the inet. In fact, any IP I try to allow results in the > >> >> wgaip > >> >> field being set to the endpoint ip (15.204.55.84) with whatever subnet > >> >> mask I > >> >> specified, even IPs not under 100.0.0.0/8. > >> > > >> > So it looks like the tool you use to set up the tunnel is broken. > >> > you should be able to use ifconfig(8). try to follow steps in > >> > Solene's blog it did work well for me recently. > >> I tried following the blog, currently /etc/hostname.wg0 contains > >> wgkey <privkey> > >> wgpeer k/QiJlbMakMKgTCHVt8/D+8k4DzRVM6U33F3gMZfRUg= wgendpoint > >> 15.204.55.83 42070 wgpsk <presharedkey> wgaip 100.64.0.0/10 > >> inet 100.65.0.138/32 > > > >the thing that you don't have is anything telling the machine what > >traffic to send to the wg interface. > > > >(wgaip is a dual purpose thing, firstly it allows you to set which > >addresses the peer may send from, secondly it is a selector to choose > >which amongst a number of peers to send traffic to, *but* only once it > >has already been directed to the wg interface via the normal route > >table). > > > >you haven't described what you're actually trying to route over the > >tunnel, but using a /32 on this is probably not what you want here. > >maybe /10 if you're trying to route all of the 100.64/10 SHARED-NETWORK > >(CGN) address space over it. > I understand, should i change the inet address to use /10?
It depends how the other side is configured. > I am also trying to route all network traffic to the interface. And following > the blog I know I have to put a !route line, but any address I could think of > using wasn't accepted as a gateway. > >> up > >> > >> I tried various combinations, such as omitting the preshared key or > >> putting it before the wgendpoint field, and also tried using 0.0.0.0/0 as > >> allowed ip (so that it would have kept the /0 part) to no avail, it still > >> does show 15.204.55.83 as wgaip when shown with `ifconfig wg`, and even > >> when the mask is /0 it doesn't let me ping any IP in the network. > >> > >> >good luck. > >> >regards > >> >sashan > >> > > > >
