Double check wireguard config?

nktech1135 · August 11, 2020, 9:21pm

Hello.
I’m wondering if someone could doublecheck the following wireguard config for obvious errors. wg0 works and i’m wanting to add wg1.
wg0 goes to another vyos router and wg1 goes to a linux gateway system. When commiting wg1 i got an error about the address set already being used but am not familiar enough with the protocol yet to say if it’s a problem.
Here is the config.

vyos@vyos-sh# show interfaces wireguard
wireguard wg0 {
address 10.50.50.0/24
description bks
peer bks {
allowed-ips 10.2.2.0/24
allowed-ips 192.168.0.0/16
endpoint 65.0.0.0:12345
pubkey
}
port 12345
}
wireguard wg1 {
address 10.50.50.1/24
description wl
peer wl {
allowed-ips 10.33.55.0/24
allowed-ips 192.168.0.0/16
endpoint 72.82.0.0:12345
pubkey
}
port 12345
}

rob · August 12, 2020, 7:52pm

Hi @nktech1135,

try to use different addresses from different networks. And you are able to set address 10.50.50.0/24?
which vyos version you have?

show version

on my system VyOS 1.3-rolling-202008050117 the following error will perform on a set:

vyos@vyos# set interfaces wireguard wg0 address 10.50.50.0/24

Invalid value
Value validation failed
Set failed

[edit]

because 10.50.50.0/24 is the network address, the first usable ip is .1 in this example.

nktech1135 · August 12, 2020, 9:09pm

Hi.
Thanks for the info. I’m running my own vyos build v1.2.5
The problem came from a misunderstanding of how addressing is supposed to work in wireguard. I updated my config to be a bit different now and all works.
setting address 10.50.50.1/24 did work though, not sure about 10.50.50.0/24, didn’t try that as the interface address.
If anyone wants to see my config i’ll be glad to post.

Thanks.

system · August 14, 2020, 9:09pm

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.