Community discussions

MikroTik App
 
Rox169
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 78
Joined: Sat Sep 04, 2021 1:47 am

Wireguard handshake but no traffic

Mon Jan 17, 2022 11:35 pm

Hi,

Im using zerotier and wireguard on two sites. Zerotier is working fine, but wireguard is not working. The wireguard has handshake but no traffic i think there is problem in routes.
Could you please help?

please see /interface/wireguard export

site1
/interface wireguard
add listen-port=443 mtu=1420 name=wireguard1
/interface wireguard peers
add allowed-address=10.1.168.101/24 endpoint-address=185.5.225.240 \
endpoint-port=443 interface=wireguard1 public-key=\
"xxx"

site2
/interface wireguard
add listen-port=443 mtu=1420 name=wireguard1
/interface wireguard peers
add allowed-address=192.168.144.22/24 endpoint-address=185.16.81.156 \
endpoint-port=443 interface=wireguard1 public-key=\
"xxx"
You do not have the required permissions to view the files attached to this post.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 11735
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Wireguard handshake but no traffic

Mon Jan 17, 2022 11:57 pm

Would need to see both configs.

Which end acts as server and which as client for the initial connection?
I would not use port 433, unless its the only way to get traffic through niggly ISPs......
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
MTUNA Certified, by the Ascerbic Llama!
 
Rox169
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 78
Joined: Sat Sep 04, 2021 1:47 am

Re: Wireguard handshake but no traffic

Tue Jan 18, 2022 12:04 am

sorry, which config do you need to see?

sorry, but I do not know how to check which is server or clinet..
 
msatter
Forum Guru
Forum Guru
Posts: 2653
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: Wireguard handshake but no traffic

Tue Jan 18, 2022 12:47 am

All the *number gateways are broken. The occur when WG settings are delete and recreated.

You can ping from the router but no traffic will be directed into tunnel.
Loving my freedom and so, no Twitter, no Meta/Facebook/Instagram/WhatsApp, no Apple and no Alphabet/Google, no Amazon/Cloudfront/AWS. 12% inflation but still giving money to Italy.

Running:
RouterOS 7.2RC6 and 7.21 / Winbox 3.35 64bits
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 11735
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Wireguard handshake but no traffic

Tue Jan 18, 2022 1:47 am

sorry, which config do you need to see?

sorry, but I do not know how to check which is server or clinet..
Okay clearly you are not the admin, I need to speak with the person that setup the sites.
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
MTUNA Certified, by the Ascerbic Llama!
 
Rox169
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 78
Joined: Sat Sep 04, 2021 1:47 am

Re: Wireguard handshake but no traffic

Tue Jan 18, 2022 4:26 am

Im admin, in mikrotik there is no option to see which is server or client...both sites are setup the same way according to mikrotik wiki even the firewall setting,,,there is handshake but no trafffic
 
Sob
Forum Guru
Forum Guru
Posts: 8178
Joined: Mon Apr 20, 2009 9:11 pm

Re: Wireguard handshake but no traffic

Tue Jan 18, 2022 4:55 am

And what exactly are you trying to do? Typically you connect LAN to LAN, but here it looks like you want to access WAN subnets on both routers, but not any LAN at all.
Come on people, do you really have to quote full posts? It's annoying and in most cases useless.
 
Rox169
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 78
Joined: Sat Sep 04, 2021 1:47 am

Re: Wireguard handshake but no traffic

Tue Jan 18, 2022 7:07 am

is it possible to have working zerotier and wireguard on one network? I like zerotier but I have slow speed. Thats why im trying the wireguard I have HAP AC3 on both sides.
 
holvoetn
Forum Guru
Forum Guru
Posts: 1013
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: Wireguard handshake but no traffic

Tue Jan 18, 2022 7:50 am

Make a network drawing indicating all subnets.
If known, also the bandwidth limits of the outgoing isp links.

A picture says more then a thousand words...
 
Rox169
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 78
Joined: Sat Sep 04, 2021 1:47 am

Re: Wireguard handshake but no traffic

Tue Jan 18, 2022 8:22 am

What should I draw? you have 2 sites and 2 wireguard config export above. Is there anything wrong with the routes?
 
User avatar
jvanhambelgium
Long time Member
Long time Member
Posts: 677
Joined: Thu Jul 14, 2016 9:29 pm
Location: Belgium

Re: Wireguard handshake but no traffic

Tue Jan 18, 2022 8:31 am

is it possible to have working zerotier and wireguard on one network? I like zerotier but I have slow speed. Thats why im trying the wireguard I have HAP AC3 on both sides.
ZeroTier & Wireguard can happily co-exist together. Obviously NOT using the same IP's !
192.168.1.x could be ZeroTier (and participants on your cloud-network) and 192.168.2.x could be for WireGuard.
Works fine here. (but not in a "site-to-site" topology, more hub-spoke alike)
 
holvoetn
Forum Guru
Forum Guru
Posts: 1013
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: Wireguard handshake but no traffic

Tue Jan 18, 2022 8:39 am

No offense intended but a couple of people have asked you some questions where each time you seem to try to dodge the bullet not revealing the complete setup.
If you do not provide the info which is requested, that's your good right.
But don't expect us to have a crystal ball about your situation if you are not providing all info which might be relevant (maybe not to you).

You have a problem, that's clear.
We do not.

You need help.
There are enough here willing to help but we need ... info.
 
Rox169
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 78
Joined: Sat Sep 04, 2021 1:47 am

Re: Wireguard handshake but no traffic

Tue Jan 18, 2022 9:05 am

is it possible to have working zerotier and wireguard on one network? I like zerotier but I have slow speed. Thats why im trying the wireguard I have HAP AC3 on both sides.
ZeroTier & Wireguard can happily co-exist together. Obviously NOT using the same IP's !
192.168.1.x could be ZeroTier (and participants on your cloud-network) and 192.168.2.x could be for WireGuard.
Works fine here. (but not in a "site-to-site" topology, more hub-spoke alike)
Hello,

as you can see from the routes,
wireguard is using subnet 192.168.144.0/24 and the zerotier is using 192.168.192.0/24. Wchich is obviously NOT using the same IP's
 
Rox169
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 78
Joined: Sat Sep 04, 2021 1:47 am

Re: Wireguard handshake but no traffic

Tue Jan 18, 2022 9:28 am

All the *number gateways are broken. The occur when WG settings are delete and recreated.

You can ping from the router but no traffic will be directed into tunnel.
Why do you think so? This is dynamic route for zerotier and zeroties is working fine.

Who is online

Users browsing this forum: No registered users and 7 guests