По каким то причинам не работает впн wireguard. Сервер от Oracle.
Логи:
ubuntu@amberserver:~$ sudo wg show
interface: wg0
public key: XXXXXXXXXXXXXXXXXXXXXXXXXXXX
private key: (hidden)
listening port: 51820
peer: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
endpoint: 95.105.124.30:52684
allowed ips: 10.8.0.2/32
latest handshake: 44 seconds ago
transfer: 126.30 KiB received, 220 B sent
ubuntu@amberserver:~$ sudo systemctl status wg-quick@wg0.service
● wg-quick@wg0.service - WireGuard via wg-quick(8) for wg0
Loaded: loaded (/lib/systemd/system/wg-quick@.service; enabled; vendor preset: enabled)
Active: active (exited) since Sun 2022-07-03 16:51:18 UTC; 1min 13s ago
Docs: man:wg-quick(8)
man:wg(8)
https://www.wireguard.com/
https://www.wireguard.com/quickstart/
https://git.zx2c4.com/wireguard-tools/about/src/man/wg-quick.8
https://git.zx2c4.com/wireguard-tools/about/src/man/wg.8
Process: 1416 ExecStart=/usr/bin/wg-quick up wg0 (code=exited, status=0/SUCCESS)
Main PID: 1416 (code=exited, status=0/SUCCESS)
CPU: 47ms
Jul 03 16:51:18 amberserver systemd[1]: Starting WireGuard via wg-quick(8) for wg0...
Jul 03 16:51:18 amberserver wg-quick[1416]: [#] ip link add wg0 type wireguard
Jul 03 16:51:18 amberserver wg-quick[1416]: [#] wg setconf wg0 /dev/fd/63
Jul 03 16:51:18 amberserver wg-quick[1416]: [#] ip -4 address add 10.8.0.1/24 dev wg0
Jul 03 16:51:18 amberserver wg-quick[1416]: [#] ip link set mtu 8920 up dev wg0
Jul 03 16:51:18 amberserver wg-quick[1416]: [#] iptables -A FORWARD -i wg0 -j ACCEPT; iptables -A FORWARD -o wg0 -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
Jul 03 16:51:18 amberserver systemd[1]: Finished WireGuard via wg-quick(8) for wg0.
Конфиг на серве:
[Interface]
Address = 10.8.0.1/24
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
ListenPort = 51820
PrivateKey = XXXXXXXXXXXXXXXXXXX
[Peer]
PublicKey = XXXXXXXXXXXXXXXXXXXXX
AllowedIPs = 10.8.0.2/32
Конфиг на клиенте:
[Interface]
PrivateKey = XXXXXXXXXXXXXXXXXX
Address = 10.8.0.2/32
DNS = 1.1.1.1
[Peer]
PublicKey = XXXXXXXXXXXXXXXXXXXX
AllowedIPs = 0.0.0.0/0
Endpoint = 130.162.249.9:51820
PersistentKeepalive = 21
Ещё логи:
ubuntu@amberserver:~$ ifconfig
enp0s3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 9000
inet 10.0.0.60 netmask 255.255.255.0 broadcast 10.0.0.255
inet6 fe80::17ff:fe0a:2e58 prefixlen 64 scopeid 0x20<link>
ether 02:00:17:0a:2e:58 txqueuelen 1000 (Ethernet)
RX packets 2171 bytes 397825 (397.8 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1783 bytes 538699 (538.6 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 48 bytes 7613 (7.6 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 48 bytes 7613 (7.6 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
wg0: flags=209<UP,POINTOPOINT,RUNNING,NOARP> mtu 8920
inet 10.8.0.1 netmask 255.255.255.0 destination 10.8.0.1
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 1000 (UNSPEC)
RX packets 984 bytes 129332 (129.3 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 5 bytes 220 (220.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ubuntu@amberserver:~$ sudo lsof -i -P -n | grep LISTEN
systemd 1 root 140u IPv4 14886 0t0 TCP *:111 (LISTEN)
systemd 1 root 142u IPv6 14119 0t0 TCP *:111 (LISTEN)
rpcbind 754 _rpc 4u IPv4 14886 0t0 TCP *:111 (LISTEN)
rpcbind 754 _rpc 6u IPv6 14119 0t0 TCP *:111 (LISTEN)
systemd-r 813 systemd-resolve 14u IPv4 15269 0t0 TCP 127.0.0.53:53 (LISTEN)
sshd 948 root 3u IPv4 17815 0t0 TCP *:22 (LISTEN)
sshd 948 root 4u IPv6 17817 0t0 TCP *:22 (LISTEN)
ubuntu@amberserver:~$ sudo iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere state NEW tcp multiport dports 51820
ACCEPT tcp -- anywhere anywhere state NEW tcp multiport dports 5901:5903,x11-1:x11-3
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain InstanceServices (0 references)
target prot opt source destination
ubuntu@amberserver:~$