Wireguard Doesn't Allow use of DNS for Remote Peer Endpoint

absolutesantaja · May 12, 2020, 11:46am

Trying to figure out what the correct syntax is for using a dns name for the remote peer in my Wireguard Config. This would typically be the value for “Endpoint” and does support using dns instead ip addresses. Here is what I’ve tried.

[edit]
vyos@fw1# set interfaces wireguard wg01 peer to-home address home.example.org

  Invalid value
  Value validation failed
  Set failed

[edit]
vyos@fw1# set interfaces wireguard wg01 peer to-home address 'home.example.org'

  Invalid value
  Value validation failed
  Set failed

[edit]

vyos@fw1:~$ show version
Version:          VyOS 1.3-rolling-202005100117
Release Train:    equuleus

Built by:         [email protected]
Built on:         Sun 10 May 2020 01:17 UTC
Build UUID:       aa1e03bc-7360-40b3-a58c-cdae46958353
Build Commit ID:  2cb6f390d7bdaa

Architecture:     x86_64
Boot via:         installed image
System type:       guest

Hardware vendor:  Dell Inc.
Hardware model:   PowerEdge R210 II
Hardware S/N:     8XYWLS1
Hardware UUID:    4c4c4544-0058-5910-8057-b8c04f4c5331

Copyright:        VyOS maintainers and contributors

runar · May 12, 2020, 12:01pm

Hi absolutesantaja

Using DNS name for remote peer endpoint is not supported at the moment, and to support it we need an upstream fix for it. se here: ⚓ T1700 Wireguard FQDN endpoint doesn't work after reboot

if you want to use DNS as peer you would need to add this with a script after the os is booted and dns is working.

absolutesantaja · May 12, 2020, 12:40pm

Now that I know what to look for I’ve found several posts on the Wireguard mailing lists. Some of the comments are a bit brutal but thanks for pointing me in the right direction. Everything works perfectly with the IP address.

system · May 14, 2020, 12:40pm

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.