wireguard-kmod icon indicating copy to clipboard operation
wireguard-kmod copied to clipboard

Published 20 hours ago verified publisher icon tusc

v03-13-22: Unsupported Kernel for UDM

Open thotha opened this issue 2 years ago • 4 comments

Unsupported Kernel version 4.19.152-al-linux-v10.2.0-v1.12.22.4309-4105ace

Subsystem ID: ea11 Family/Model: UniFi Dream Machine (UDM) Firmware: 1.12.22 (1.12.22)

Hope you can implement this firmware to your project. Kind regards Thomas

thotha avatar May 30 '22 07:05 thotha

Hi @thotha,

The latest release should include the module for 1.12.22. Please try it.

Regards, Peacey

peacey avatar Jun 02 '22 20:06 peacey

Hi @peacey,

I upgraded to UniFi OS 1.12.22 and updated wireguard-kmod to wireguard-kmod-06-01-22.

The wireguard tunnel is established and confirmed up and running by wg. However, web addresses (URL) are no longer accessible via the tunnel. When running ./setup_wireguard.sh an Error 403 message is shown:

ln: /bin/bash: File exists
ln: /usr/bin/htop: File exists
ln: /usr/sbin/iftop: File exists
ln: /sbin/resolvconf: File exists
 Error 403
Warning: `/mnt/data/split-vpn/wireguard/wg/wg0.conf' is world accessible

Hope you can point me in the right direction on how to solve this issue.

Regards, DataBreach

databreach avatar Jun 05 '22 10:06 databreach

Hi @DataBreach,

It's working fine for me on 1.12.22. Error 403 is weird, as there's nothing in the setup script that downloads anything. Can you please delete the wireguard folder and re-download it? Maybe there was a download error and curl appended "Error 403" to the script.

Other than that, if your tunnel is up and running, it does mean wireguard was setup correctly. If URLs (but not IPs) aren't accessible over the tunnel, that means there is a DNS problem. But are you sure it's only URLs? Can you try to ping an IP first.

  1. First in SSH on the router, try to ping 8.8.8.8 through the wg0 tunnel: ping -I wg0 8.8.8.8
  2. Then try to ping 8.8.8.8 from a computer that's forced to the VPN: ping 8.8.8.8

peacey avatar Jun 05 '22 10:06 peacey

Hi @peacey,

You are correct. wireguard-kmod-06-01-22 is working fine on UniFi OS 1.12.22. It turned out the Error 403 was caused by the wireguard configuration script of the VPN provider I was using. That one needed to be updated as well, which I wasn't expecting. After which everything was working as expected, sort of.

UniFi OS all of a sudden crashed each time after reboot. The CPU turned out to be at 100%. The top command showed this was caused by UniFi Talk, even though this service was stopped. Enabling this service solved the high CPU load, so I uninstalled the UniFi Talk app as I don't like running services which I don't use. All in all, it was quite a journey upgrading to UniFi OS 1.12.22.

Thank you for your support and providing this great wireguard kernel module!

databreach avatar Jun 06 '22 07:06 databreach