pivpn
pivpn copied to clipboard
pivpn
[Install Failed]: Wireguard doesn't run after installation
In raising this issue I confirm that
- [X] I have read the documentation
- [X] I have read and understood the PiVPN General Guidelines
- [X] I have read and understood the PiVPN Troubleshooting Guidelines
- [X] The issue I am reporting isn't a duplicate, see closed issues and open issues.
- [X] I have searched for similar issues and solutions
- [X] I can replicate the issue even after a clean OS installation
Describe the issue
I installed wireguard with the proxmox helper scripts from tteck with the default settings and after adding a client to wireguard and connecting it wouldn't work so i checked in the pivpn logs and it said that wireguard wasn't running so i started it and from systemctl i could see some errors that won't make wireguard start.
Pivpn logs:
:::: PiVPN debug ::::
=============================================
:::: Latest commit ::::
Branch: master
Commit: 20d3a4ccd4f2d080d6f9a13a74e6369aa9d54476
Author: Orazio
Date: Mon Jan 29 08:53:41 2024 +0100
Summary: fix(install): don't treat http errors as unavailable ipv6
=============================================
:::: Installation settings ::::
PLAT=Debian
OSCN=bullseye
USING_UFW=0
pivpnforceipv6route=1
IPv4dev=eth0
install_user=root
install_home=/root
VPN=wireguard
pivpnPORT=51820
pivpnDNS1=1.1.1.1
pivpnDNS2=8.8.8.8
pivpnHOST=REDACTED
INPUT_CHAIN_EDITED=0
FORWARD_CHAIN_EDITED=0
INPUT_CHAIN_EDITEDv6=
FORWARD_CHAIN_EDITEDv6=
pivpnPROTO=udp
pivpnMTU=1420
pivpnPERSISTENTKEEPALIVE=25
pivpnDEV=wg0
pivpnNET=10.30.118.0
subnetClass=24
pivpnenableipv6=0
ALLOWED_IPS="0.0.0.0/0, ::0/0"
UNATTUPG=1
INSTALLED_PACKAGES=(git dnsutils grepcidr net-tools bsdmainutils iptables-persistent wireguard-tools qrencode linux-headers-amd64 wireguard-dkms unattended-upgrades)
=============================================
:::: Server configuration shown below ::::
[Interface]
PrivateKey = server_priv
Address = 10.30.118.1/24
MTU = 1420
ListenPort = 51820
### begin TelefonoChicco ###
[Peer]
PublicKey = TelefonoChicco_pub
PresharedKey = TelefonoChicco_psk
AllowedIPs = 10.30.118.2/32
### end TelefonoChicco ###
=============================================
:::: Client configuration shown below ::::
[Interface]
PrivateKey = TelefonoChicco_priv
Address = 10.30.118.2/24
DNS = 1.1.1.1, 8.8.8.8
[Peer]
PublicKey = server_pub
PresharedKey = TelefonoChicco_psk
Endpoint = REDACTED:51820
AllowedIPs = 0.0.0.0/0, ::0/0
PersistentKeepalive = 25
=============================================
:::: Recursive list of files in ::::
:::: /etc/wireguard shown below ::::
/etc/wireguard:
configs
keys
wg0.conf
/etc/wireguard/configs:
TelefonoChicco.conf
clients.txt
/etc/wireguard/keys:
TelefonoChicco_priv
TelefonoChicco_psk
TelefonoChicco_pub
server_priv
server_pub
=============================================
:::: Self check ::::
:: [OK] IP forwarding is enabled
:: [ERR] Iptables MASQUERADE rule is not set, attempt fix now? [Y/n] Done
:: [ERR] WireGuard is not running, try to start now? [Y/n] Done
:: [OK] WireGuard is enabled
(it will automatically start on reboot)
:: [ERR] WireGuard is not listening, try to restart now? [Y/n] Done
[INFO] Run pivpn -d again to see if we detect issues
=============================================
:::: Having trouble connecting? Take a look at the FAQ:
:::: https://docs.pivpn.io/faq
=============================================
:::: WARNING: This script should have automatically masked sensitive ::::
:::: information, however, still make sure that PrivateKey, PublicKey ::::
:::: and PresharedKey are masked before reporting an issue. An example key ::::
:::: that you should NOT see in this log looks like this: ::::
:::: YIAoJVsdIeyvXfGGDDadHh6AxsMRymZTnnzZoAb9cxRe ::::
=============================================
:::: Debug complete ::::```
Logs from systemd:
```root@wireguard:~# systemctl status [email protected]
* [email protected] - WireGuard via wg-quick(8) for wg0
Loaded: loaded (/lib/systemd/system/[email protected]; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Sun 2024-02-04 17:11:14 CET; 1min 21s ago
Docs: man:wg-quick(8)
man:wg(8)
https://www.wireguard.com/
https://www.wireguard.com/quickstart/
https://git.zx2c4.com/wireguard-tools/about/src/man/wg-quick.8
https://git.zx2c4.com/wireguard-tools/about/src/man/wg.8
Process: 392 ExecStart=/usr/bin/wg-quick up wg0 (code=exited, status=1/FAILURE)
Main PID: 392 (code=exited, status=1/FAILURE)
CPU: 19ms
Feb 04 17:11:14 wireguard systemd[1]: Starting WireGuard via wg-quick(8) for wg0...
Feb 04 17:11:14 wireguard wg-quick[392]: [#] ip link add wg0 type wireguard
Feb 04 17:11:14 wireguard wg-quick[399]: Error: Unknown device type.
Feb 04 17:11:14 wireguard wg-quick[401]: Unable to access interface: Protocol not supported
Feb 04 17:11:14 wireguard wg-quick[392]: [#] ip link delete dev wg0
Feb 04 17:11:14 wireguard wg-quick[402]: Cannot find device "wg0"
Feb 04 17:11:14 wireguard systemd[1]: [email protected]: Main process exited, code=exited, status=1/FAILURE
Feb 04 17:11:14 wireguard systemd[1]: [email protected]: Failed with result 'exit-code'.
Feb 04 17:11:14 wireguard systemd[1]: Failed to start WireGuard via wg-quick(8) for wg0.```
### Expected behavior
After starting wireguard it should have started without errors
### Please describe the steps to replicate the issue
1. Install pivpn and wireguard with the proxmox helper scripts
2. add a client with pivpn add
3. Check systemd and pivpn logs
### Have you taken any steps towards solving your issue?
I tried reinstalling the container, using a static ip, using debian 12 instead of 11
### Screenshots
_No response_
### Where did you run pivpn?
Debian 11 lxc container on proxmox 8
### Please provide your output from `uname -a`
Output from container: Linux wireguard 6.5.11-7-pve #1 SMP PREEMPT_DYNAMIC PMX 6.5.11-7 (2023-12-05T09:44Z) x86_64 GNU/Linux
Output from proxmox base: Linux chicco 6.5.11-7-pve #1 SMP PREEMPT_DYNAMIC PMX 6.5.11-7 (2023-12-05T09:44Z) x86_64 GNU/Linux
### Details about Operative System
```PRETTY_NAME="Debian GNU/Linux 11 (bullseye)"
NAME="Debian GNU/Linux"
VERSION_ID="11"
VERSION="11 (bullseye)"
VERSION_CODENAME=bullseye
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"```
Unable to access interface: Protocol not supported. You should probably check whether the wireguard kernel module is available on the host (proxmox).
Unable to access interface: Protocol not supported. You should probably check whether the wireguard kernel module is available on the host (proxmox).
I added the repo with the wireguard-dkms and now wireguard starts without issues but if I try connecting to it from my phone or my laptop I don't get any internet and if I check with pivpn -c it says that the devices were never connected
