desktop-app icon indicating copy to clipboard operation
desktop-app copied to clipboard

Published 20 hours ago verified publisher icon TunnlTo

ISSUE: ZeroTier can't be contacted through TunnlTo/WireSock

Open Permanently opened this issue 1 year ago • 2 comments
trafficstars

Describe the issue Whenever connected through TunnlTo, 95% of the time I can't communicate through ZeroTier. I typically get a response of "Connection timeout". Split-tunneling doesn't seem to make a difference, not split-tunneling the subnet. Pinging works, but not connections like SSH.

To Reproduce Steps to reproduce the behavior:

  1. Install ZeroTier and TunnlTo.
  2. Join a ZeroTier network, and put some other devices on that same network to test connections.
  3. Try establish a connection (e.g., SSH) to another device on the ZeroTier network.
  4. Observe.

Expected behavior I expected to be able to establish connections on my ZeroTier subnet.

Tested on official WireGuard client Just tested on WireGuard (without kill-switch enabled), and it worked. It also worked when using Mullvad's client.

Tested on different VPN servers Yes.

Screenshots and GIF's N/A (unless if "connection timed out" is useful?)

Tunnel Config Provide a screenshot of your tunnel config with tunnel name, private key, public key, pre-shared key and endpoint removed.

Logs Here you go. I made a connection to a ZeroTier IP, and it was not listed at all in logs. See here.

Starting WireSock directly If possible, follow the instructions below and comment on the outcome:

  1. Open TunnlTo and Enable the tunnel (this will save the config file to disk)
  2. Disable the tunnel and close TunnlTo
  3. Open a command prompt and issue the following commands:
cd "C:\Program Files\WireSock VPN Client\bin"

// Ensure you alter the <YOUR USERNAME> component of the path
wiresock-client.exe run -config C:\Users\<YOUR USERNAME>\AppData\Local\TunnlTo\tunnel.conf -log-level all

Same issue. Nothing in logs, and no change in behaviour.

Permanently avatar Feb 14 '24 18:02 Permanently

There is the option of setting up zerotier as a client on your VPN server and configuring some routes to negate having to use 2 clients completely.

I've not used Zerotier but I'll have a look over the weekend (if I get a chance to see if I can replicate the issue)

vithusel avatar Mar 01 '24 14:03 vithusel

The problem is that is there's an assumption I'm in control of the VPN server. Unfortunately, I'm not.

Permanently avatar Mar 02 '24 12:03 Permanently

@Permanently this appears to be an issue at the WireSock level. If it's still a problem I suggest making a thread over on the Wiresock support forums.

brendanosborne avatar May 17 '24 02:05 brendanosborne