Hello, I configured wireguard so I can access my home server from a laptop.
When the laptop is using its eth0 interface to transport wireguard protocol messages it works fine, but when I switch it off and use wlan0 (which is using a different ISP), on the server side the kernel logs: Keypair 20 destroyed for peer 2 Keypair 21 created for peer 2 Invalid MAC of handshake, dropping packet from ... I am using a ddns to setup the endpoint on the laptop. It's not a connection issue, as packets are reaching the server, but somehow the message authentication code (MAC) is not right after switching the interfaces. Any clues how could I investigate this further? Client config: ``` [Interface] Address = 10.0.0.3/24 ListenPort = 5000 PrivateKey = <client_private_key> [Peer] PublicKey = <server_pubic_key> AllowedIPs = 10.0.0.1/32 Endpoint = <dynamic domain name>:5000 ``` Server config: ``` [Interface] Address = 10.0.0.1/24 ListenPort = 5000 PrivateKey = <server_private_key> [Peer] PublicKey = <client_public_key> AllowedIPs = 10.0.0.3/32 ``` When the laptop is using wlan0, the server receives a packet `Handshake Initiation`, which is not replied. When the laptop is using eth0 it just sends messages of type `Transport Data` (both observed with a tcpdump). Regards, Marcin
signature.asc
Description: OpenPGP digital signature
