NSA325 Wireguard

Hi, long time no see!

ZyXEL NSA325
Linux version 5.13.6-kirkwood-tld-1 (root@tldDebian) (gcc (Debian 8.3.0-6) 8.3.0, GNU ld (GNU Binutils for Debian) 2.31.1) #1.0 PREEMPT Sat Jul 31 22:10:39 PDT 2021
Debian 11.1

root@kerstin:/etc/wireguard# wg-quick up wg_gerd
[#] ip link add wg_gerd type wireguard
[#] wg setconf wg_gerd /dev/fd/63
[#] ip -4 address add 10.10.10.150/24 dev wg_gerd
[#] ip link set mtu 1420 up dev wg_gerd
[#] resolvconf -a tun.wg_gerd -m 0 -x
[#] ip -4 route add 192.168.1.0/24 dev wg_gerd
RTNETLINK answers: File exists
[#] resolvconf -d tun.wg_gerd -f
[#] ip link delete dev wg_gerd
root@kerstin:/etc/wireguard#

If i set "Table = off" in config so it doesnt add routes the interface works but then i cant access interface wg from lan or lan from wg.

Could it be something with the kernel or some package missing?
Ive got a Raspberry with same config setup and that works with no problems.



Edited 1 time(s). Last edit at 10/26/2021 02:51PM by fgh.

fgh,

You will be the pioneer here! wireguard is only available in buster-backport and bullseye. So I have not got around to try.

But you need to do this:

apt-get  install wireguard wireguard-dkms wireguard-tools

It will bring in some rpi kernel packages, which we don't need. It will cause problem later, so clean it up:

dpkg -r linux-image-rpi  linux-image-5.10.0-9-rpi

And please let us know how it goes.

-bodhi
===========================
Forum Wiki
bodhi's corner (buy bodhi a beer)

It seems to wrok just fine.
The problem I had in first post is because wg-quick tried to add a route for my lan network over wg interface but there were already a route for that. network over eth0.
On other machines it just adds the route but here it cancels if-up leaveing me withouth wg interface.

fgh,

> It seems to wrok just fine.
> The problem I had in first post is because
> wg-quick tried to add a route for my lan network
> over wg interface but there were already a route
> for that. network over eth0.
> On other machines it just adds the route but here
> it cancels if-up leaveing me withouth wg
> interface.

Cool!

If you kept the log of how you set up Wireguard (i.e installing which packages, running which commands), it would be great to post here for others looking for it.

-bodhi
===========================
Forum Wiki
bodhi's corner (buy bodhi a beer)

Simply just did:

apt-get  install wireguard  wireguard-tools resolvconf iptables

But as you stated it brings in som rpi-stuff so i added wireguard-dkms and later was able to remove rpi packages:

apt-get install wireguard-dkms

dpkg -r linux-image-rpi  linux-image-5.10.0-9-rpi

Over wireguard:

- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval           Transfer     Bitrate         Retr
[  5]   0.00-10.00  sec  39.5 MBytes  33.1 Mbits/sec  197             sender
[  5]   0.00-10.04  sec  37.6 MBytes  31.4 Mbits/sec                  receiver

Flat:

[ ID] Interval           Transfer     Bitrate         Retr
[  5]   0.00-10.00  sec   822 MBytes   690 Mbits/sec   95             sender
[  5]   0.00-10.00  sec   817 MBytes   685 Mbits/sec                  receiver

Edited 3 time(s). Last edit at 10/29/2021 03:26PM by fgh.

Thanks fgh!

-bodhi
===========================
Forum Wiki
bodhi's corner (buy bodhi a beer)

Added this to the Wiki thread.

Quote

VPN

Setup OpenVPN
Setup Wireguard

-bodhi
===========================
Forum Wiki
bodhi's corner (buy bodhi a beer)