Community discussions

MikroTik App
 
Rox169
Member
Member
Topic Author
Posts: 433
Joined: Sat Sep 04, 2021 1:47 am

Wireguard handshake but no traffic

Mon Jan 17, 2022 11:35 pm

Hi,

Im using zerotier and wireguard on two sites. Zerotier is working fine, but wireguard is not working. The wireguard has handshake but no traffic i think there is problem in routes.
Could you please help?

please see /interface/wireguard export

site1
/interface wireguard
add listen-port=443 mtu=1420 name=wireguard1
/interface wireguard peers
add allowed-address=10.1.168.101/24 endpoint-address=185.5.225.240 \
endpoint-port=443 interface=wireguard1 public-key=\
"xxx"

site2
/interface wireguard
add listen-port=443 mtu=1420 name=wireguard1
/interface wireguard peers
add allowed-address=192.168.144.22/24 endpoint-address=185.16.81.156 \
endpoint-port=443 interface=wireguard1 public-key=\
"xxx"
You do not have the required permissions to view the files attached to this post.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19103
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Wireguard handshake but no traffic

Mon Jan 17, 2022 11:57 pm

Would need to see both configs.

Which end acts as server and which as client for the initial connection?
I would not use port 433, unless its the only way to get traffic through niggly ISPs......
 
Rox169
Member
Member
Topic Author
Posts: 433
Joined: Sat Sep 04, 2021 1:47 am

Re: Wireguard handshake but no traffic

Tue Jan 18, 2022 12:04 am

sorry, which config do you need to see?

sorry, but I do not know how to check which is server or clinet..
 
msatter
Forum Guru
Forum Guru
Posts: 2897
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: Wireguard handshake but no traffic

Tue Jan 18, 2022 12:47 am

All the *number gateways are broken. The occur when WG settings are delete and recreated.

You can ping from the router but no traffic will be directed into tunnel.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19103
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Wireguard handshake but no traffic

Tue Jan 18, 2022 1:47 am

sorry, which config do you need to see?

sorry, but I do not know how to check which is server or clinet..
Okay clearly you are not the admin, I need to speak with the person that setup the sites.
 
Rox169
Member
Member
Topic Author
Posts: 433
Joined: Sat Sep 04, 2021 1:47 am

Re: Wireguard handshake but no traffic

Tue Jan 18, 2022 4:26 am

Im admin, in mikrotik there is no option to see which is server or client...both sites are setup the same way according to mikrotik wiki even the firewall setting,,,there is handshake but no trafffic
 
Sob
Forum Guru
Forum Guru
Posts: 9119
Joined: Mon Apr 20, 2009 9:11 pm

Re: Wireguard handshake but no traffic

Tue Jan 18, 2022 4:55 am

And what exactly are you trying to do? Typically you connect LAN to LAN, but here it looks like you want to access WAN subnets on both routers, but not any LAN at all.
 
Rox169
Member
Member
Topic Author
Posts: 433
Joined: Sat Sep 04, 2021 1:47 am

Re: Wireguard handshake but no traffic

Tue Jan 18, 2022 7:07 am

is it possible to have working zerotier and wireguard on one network? I like zerotier but I have slow speed. Thats why im trying the wireguard I have HAP AC3 on both sides.
 
holvoetn
Forum Guru
Forum Guru
Posts: 5403
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: Wireguard handshake but no traffic

Tue Jan 18, 2022 7:50 am

Make a network drawing indicating all subnets.
If known, also the bandwidth limits of the outgoing isp links.

A picture says more then a thousand words...
 
Rox169
Member
Member
Topic Author
Posts: 433
Joined: Sat Sep 04, 2021 1:47 am

Re: Wireguard handshake but no traffic

Tue Jan 18, 2022 8:22 am

What should I draw? you have 2 sites and 2 wireguard config export above. Is there anything wrong with the routes?
 
User avatar
jvanhambelgium
Forum Veteran
Forum Veteran
Posts: 985
Joined: Thu Jul 14, 2016 9:29 pm
Location: Belgium

Re: Wireguard handshake but no traffic

Tue Jan 18, 2022 8:31 am

is it possible to have working zerotier and wireguard on one network? I like zerotier but I have slow speed. Thats why im trying the wireguard I have HAP AC3 on both sides.
ZeroTier & Wireguard can happily co-exist together. Obviously NOT using the same IP's !
192.168.1.x could be ZeroTier (and participants on your cloud-network) and 192.168.2.x could be for WireGuard.
Works fine here. (but not in a "site-to-site" topology, more hub-spoke alike)
 
holvoetn
Forum Guru
Forum Guru
Posts: 5403
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: Wireguard handshake but no traffic

Tue Jan 18, 2022 8:39 am

No offense intended but a couple of people have asked you some questions where each time you seem to try to dodge the bullet not revealing the complete setup.
If you do not provide the info which is requested, that's your good right.
But don't expect us to have a crystal ball about your situation if you are not providing all info which might be relevant (maybe not to you).

You have a problem, that's clear.
We do not.

You need help.
There are enough here willing to help but we need ... info.
 
Rox169
Member
Member
Topic Author
Posts: 433
Joined: Sat Sep 04, 2021 1:47 am

Re: Wireguard handshake but no traffic

Tue Jan 18, 2022 9:05 am

is it possible to have working zerotier and wireguard on one network? I like zerotier but I have slow speed. Thats why im trying the wireguard I have HAP AC3 on both sides.
ZeroTier & Wireguard can happily co-exist together. Obviously NOT using the same IP's !
192.168.1.x could be ZeroTier (and participants on your cloud-network) and 192.168.2.x could be for WireGuard.
Works fine here. (but not in a "site-to-site" topology, more hub-spoke alike)
Hello,

as you can see from the routes,
wireguard is using subnet 192.168.144.0/24 and the zerotier is using 192.168.192.0/24. Wchich is obviously NOT using the same IP's
 
Rox169
Member
Member
Topic Author
Posts: 433
Joined: Sat Sep 04, 2021 1:47 am

Re: Wireguard handshake but no traffic

Tue Jan 18, 2022 9:28 am

All the *number gateways are broken. The occur when WG settings are delete and recreated.

You can ping from the router but no traffic will be directed into tunnel.
Why do you think so? This is dynamic route for zerotier and zeroties is working fine.

Who is online

Users browsing this forum: No registered users and 10 guests