This will write WireGuard logging messages to the kernel log, which can be watched live with: $ sudo dmesg -wT This is done with the following command: $ echo "module wireguard +p" | sudo tee /sys/kernel/debug/dynamic_debug/control Being a kernel module essentially, we need to explicitly enable verbose logging of its module. WireGuard is also silent when it comes to logging. Peer: ZliZ1hlarZqvfxPMyME2ECtXDk611NB7uzLAD4McpgI= Transfer: 3.06 KiB received, 2.80 KiB sent Latest handshake: 3 hours, 27 minutes, 35 seconds ago Peer: 2cJdFcNzXv4YUGyDTahtOfrbsrFsCByatPnNzKTs0Qo= Public key: +T3T3HTMeyrEDvim8FBxbYjbz+/POeOtG3Rlvl9kJmM= Here is a sample output showing a system with two peers configured, where only one has established the VPN so far: Every 2.0s: wg j-wg: Fri Aug 26 17:44:37 2022 It can be helpful to leave a terminal open with the watch wg command. Make sure the above /proc entries are in /etc/nf or a file in /etc/sysctl.d so that they persist reboots.When injecting the VPN users into an existing network, without routing, make sure /proc/sys/net/ipv4/conf/all/proxy_arp is set to 1.Double check that you have /proc/sys/net/ipv4/ip_forward set to 1 where needed.Check with ip route and ip addr show dev if the routes and IPs are set as you expect.There is nothing identifying them, and public and private keys are basically the same format-wise. When dealing with multiple peers, it’s easy to mix these up, specially because the contents of these keys is just random data. Multi-node configuration with Docker-Composeĭistributed Replicated Block Device (DRBD)
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |