Re: WireGuard + /32 tunnel endpoint: incoming connections unreachable on NetBSD was: Wireguard woes

To: Greg Troxel <gdt%lexort.com@localhost>
Subject: Re: WireGuard + /32 tunnel endpoint: incoming connections unreachable on NetBSD was: Wireguard woes
From: Ramiro Aceves <ea1abz%gmail.com@localhost>
Date: Mon, 26 Jan 2026 19:07:47 +0100



El 26/1/26 a las 14:41, Greg Troxel escribió:

Ramiro Aceves <ea1abz%gmail.com@localhost> writes:

Sorry, after  adding that route pinging from outside does not work either.


When debugging try to obtain intermediate information.



Yes, thanks Greg for help

I am going to try to start making such tests (from my ignorance aboutnetworking, and sure I will learn from them), that way I could make abetter picture for you and the people than understand this networkinghard subjects.


Regards.


First step is to tcpdump on the actual WAN interface and then on wg0,
while pinging from outside, and see if you see plausible ciphertext
pings arriving and  then decrypted icmp echo request on wg0.

Then see if you see replies on wg0 and plausible ciphertext replies on
the wan interface.

If not, then ping from the local machine and watch as well.

read the man page for 'route get' and run that, to see how outbound
packets are routed.

finally, turn on ip forwarding, even if you know it doesn't matter, and
see if that changes anything, because it's an easy experiment.

References:
- Wireguard woes
  - From: beaker
- Re: Wireguard woes
  - From: Peter Miller
- Re: Wireguard woes
  - From: Ramiro Aceves
- Re: Wireguard woes
  - From: Sad Clouds
- Re: Wireguard woes
  - From: Ramiro Aceves
- Re: Wireguard woes
  - From: Martin Husemann
- Re: Wireguard woes
  - From: Ramiro Aceves
- Re: Wireguard woes
  - From: Ramiro Aceves
- Re: Wireguard woes
  - From: Martin Husemann
- Re: Wireguard woes
  - From: Ramiro Aceves
- WireGuard + /32 tunnel endpoint: incoming connections unreachable on NetBSD was: Wireguard woes
  - From: Ramiro Aceves
- Re: WireGuard + /32 tunnel endpoint: incoming connections unreachable on NetBSD was: Wireguard woes
  - From: Sad Clouds
- Re: WireGuard + /32 tunnel endpoint: incoming connections unreachable on NetBSD was: Wireguard woes
  - From: Ramiro Aceves
- Re: WireGuard + /32 tunnel endpoint: incoming connections unreachable on NetBSD was: Wireguard woes
  - From: Greg Troxel

Prev by Date: Re: WireGuard + /32 tunnel endpoint: incoming connections unreachable on NetBSD was: Wireguard woes
Next by Date: missing function prototypes for orcmd() and orcmd_af()?
Previous by Thread: Re: WireGuard + /32 tunnel endpoint: incoming connections unreachable on NetBSD was: Wireguard woes
Next by Thread: Re: WireGuard + /32 tunnel endpoint: incoming connections unreachable on NetBSD was: Wireguard woes
Indexes:

Home | Main Index | Thread Index | Old Index