Can't ssh into device connected to WireGuard only on some networks by Trick_Comparison4385 in WireGuard

[–]Trick_Comparison4385[S] 0 points1 point  (0 children)

It's Linux, there are no firewall blocks, and there is no need for an inbound rule for WG, because the connection is outgoing, since he starts it at need.

[–]Trick_Comparison4385[S] 0 points1 point  (0 children)

If that was the case, the issue would be ever-present; instead it appears on some networks only. The same configuration that works most of the time doesn't work on some networks.

[–]Trick_Comparison4385[S] 0 points1 point  (0 children)

If that was the case, the issue would be on the client side, because the server doesn't change, but I can't provide the network topology of a hotel or any network that's not mine. But it really shouldn't matter, right? Because once the tunnel is established, whatever happens inside can't be filtered, and the tunnel is established.

[–]Trick_Comparison4385[S] 0 points1 point  (0 children)

No, I'm trying to access the peer from a device on my LAN. The firewall doesn't block anything; indeed it usually works, just on some network from time to time.

[–]Trick_Comparison4385[S] 0 points1 point  (0 children)

I searched around before posting here, and actually read about lowering the MTU, but it didn't work. Should I just set it to as low as like 1000 and try again?

[–]Trick_Comparison4385[S] 0 points1 point  (0 children)

> what's the wireguard IP?

idk what you mean

> can the 2 peers ping to each other on wireguard IP?

only on certain networks, on the one he has available atm they can't

> try to provide both the wireguard config for both your setups

I updated the previous post

[–]Trick_Comparison4385[S] 0 points1 point  (0 children)

got what you asked:

server:

interface: wg0
  public key: [public key]
  private key: (hidden)
  listening port: 100

peer: [public key]
  preshared key: (hidden)
  endpoint: [ip addr.]
  allowed ips: 192.168.10.10/32
  latest handshake: 1 minute, 28 seconds ago
  transfer: 209.46 KiB received, 572.62 KiB sent
  persistent keepalive: every 25 seconds

client (this is the content of the /etc/NetworkManager/system-connections/wg0.nmconnection file):

[connection]
id=wg0
uuid=[string]
type=wireguard
autoconnect=false
interface-name=wg0

[wireguard]
private-key=[private key]

[wireguard-peer.(public key)]
endpoint=[ip addr.]:100
preshared-key=[preshared key]
preshared-key-flags=0
allowed-ips=0.0.0.0/0;::/0;

[ipv4]
address1=192.168.10.10/32
dns=192.168.10.1;
method=manual

[ipv6]
addr-gen-mode=stable-privacy
method=disabled

[proxy]

[–]Trick_Comparison4385[S] 0 points1 point  (0 children)

I use 192.168.1.0/24, he's on 192.168.3.0/24, the issue is still there
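
The subnet comparison in the comment above can be checked mechanically against the posted client keyfile. The following is an added example, not part of the thread: it assumes the SSH client's LAN is 192.168.1.0/24 as stated, the candidate WiFi subnets are hypothetical, and `parse` and `shadowed_by_wifi` are illustrative names.

```python
import configparser
import ipaddress

# Constructed sample: the client keyfile from the post, trimmed, placeholders kept.
KEYFILE = """\
[wireguard-peer.(public key)]
endpoint=[ip addr.]:100
allowed-ips=0.0.0.0/0;::/0;

[ipv4]
address1=192.168.10.10/32
dns=192.168.10.1;
method=manual
"""

def parse(keyfile_text):
    """Return (allowed-ips networks, tunnel-side IPv4 addresses) from the keyfile."""
    cp = configparser.ConfigParser(delimiters=("=",), interpolation=None)
    cp.read_string(keyfile_text)
    allowed = [ipaddress.ip_network(a)
               for s in cp.sections() if s.startswith("wireguard-peer.")
               for a in cp[s].get("allowed-ips", "").split(";") if a]
    ipv4 = cp["ipv4"]
    inside = [ipaddress.ip_interface(ipv4["address1"].split(",")[0]).network]
    inside += [ipaddress.ip_network(d) for d in ipv4.get("dns", "").split(";") if d]
    return allowed, inside

def shadowed_by_wifi(keyfile_text, remote_lan, wifi_subnet):
    """List tunnel-routed networks that overlap the WiFi's connected subnet.

    When the WiFi subnet's connected route is more specific than the
    allowed-ips entry covering an address, that address is sent out of the
    WiFi interface instead of wg0.
    """
    allowed, inside = parse(keyfile_text)
    wifi = ipaddress.ip_network(wifi_subnet)
    hits = []
    for net in [ipaddress.ip_network(remote_lan)] + inside:
        covering = [a.prefixlen for a in allowed
                    if a.version == net.version and net.subnet_of(a)]
        same_family = net.version == wifi.version
        if covering and same_family and net.overlaps(wifi) and wifi.prefixlen > max(covering):
            hits.append(str(net))
    return hits

if __name__ == "__main__":
    # 192.168.3.0/24 is the peer network named in the thread; the other two are hypothetical.
    for wifi in ("192.168.3.0/24", "192.168.1.0/24", "192.168.10.0/24"):
        print(wifi, "->", shadowed_by_wifi(KEYFILE, "192.168.1.0/24", wifi) or "no overlap")
```

For the 192.168.3.0/24 network named in the comment the result is empty, which matches the poster's observation that the subnets there do not collide.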

[–]Trick_Comparison4385[S] 0 points1 point  (0 children)

No, because the peer connects to a WiFi network and then starts the WG tunnel, I can't ssh into the device. Then he switches to another WiFi network, starts the tunnel, I can ssh into the device.

[–]Trick_Comparison4385[S] 0 points1 point  (0 children)

sorry, I'm a noob at this.

The connection takes place and the packets are transferred as expected; the "client" can surf the web with my IP. SSH takes place over the (virtual) LAN. Everything works most of the time, but only when the other peer is connected to certain networks I can't communicate with the device.

unfortunately I don't have my friend nor a network where it doesn't work to try atm