WireGuard Trouble [Help]
#1
I'm having trouble connecting to my WireGuard VPN from my Pinebook Pro. I have the WireGuard server set up on my Raspberry Pi and can connect to it successfully from all my other devices including a Linux PC, a Mac, and an Android phone. My only trouble is with the Pinebook Pro. I have them all set up the same way to use the Pi as a server, so I'm fairly certain there is nothing wrong with the configurations. I have all devices set to send all traffic over the tunnel. They all work great except for the Pinebook Pro.

What happens on the pbpro is that the WireGuard tunnel goes up and both the client and server say the connection is good. The handshakes are successful. There is data sent and received both ways. However, when I try to make network connections from the pbpro, I get a variety of errors:

When I ssh from the pbpro to a device on the VPN, it connects briefly, then within a second disconnects with an error. The errors are different at random:


Code:
ssh_dispatch_run_fatal: Connection to <MY SERVER ADDRESS> port 22: message authentication code incorrect
ssh_dispatch_run_fatal: Connection to <MY SERVER ADDRESS> port 22: invalid format
kex_input_kexinit: discard proposal: string is too large
ssh_dispatch_run_fatal: Connection to <MY SERVER ADDRESS> port 22: string is too large

Sometimes I get a glimpse of my tmux session before the ssh session disconnects. Sometimes it just doesn't connect at all.

When use Firefox or Chromium on the pbpro to browse websites (doesn't matter which), I also get a random variety of errors:

Code:
ERR_SSL_PROTOCOL_ERROR
SSL_ERROR_BAD_MAC_READ
SEC_ERROR_REUSED_ISSUER_AND_SERIAL
SEC_ERROR_LIBRARY_FAILURE

When I bring the WireGuard tunnel down on the pbpro, everything works, but obviously I'm not on the VPN.

I'm running Manjaro/KDE on the Pinebook Pro. I have tried both the native WireGuard in the Linux kernel I'm using on the pbpro (Linux pinebook pro 5.6.0-0.42-MANJARO-ARM) as well as the DKMS version of WireGuard with the same results.

I have tried using wg-quick from the command line and using the NetworkManager GUI to generate the config with the same results.

I don't know what else I can try. Have any of you got WireGuard working on the Pinebook Pro?
#2
I use the wireguard module compiled from source on the default Debian+MATE all the time with no problems.

A quick web search suggests it might be MTU:
https://old.reddit.com/r/WireGuard/comme...guard_vpn/

Maybe these tools would help find the problem?
https://maulwuff.de/research/ssl-debugging.html#hdr2
#3
(05-13-2020, 10:29 AM)ryanobeirne Wrote: Have any of you got WireGuard working on the Pinebook Pro?

Hi, 

just wanted to report: Yes, I'm actively using Wireguard on Manjaro PBP with the native kernel module. I've been using it in the past with DKMS and that also worked well. 

I would also say that this sounds a bit like an MTU issue. Could you post your configuration? (ideally for both sides. Please remove any keys!)

Also: Please tell us a bit more about the setup. Are you connecting to a home network via a NAT / port forwarding rule? If so: What type of internet connection do you have? DSL, Cable, Fiber, etc.


Possibly Related Threads…
Thread Author Replies Views Last Post
  Trouble with keyring IHaveALinuxPhone 1 1,359 04-30-2022, 08:37 PM
Last Post: TRS-80
  Trouble connecting to my home wifi bastafari 10 10,223 09-27-2020, 06:37 PM
Last Post: bastafari
  trouble with installing emacs Corey_R 1 2,430 09-14-2020, 08:24 PM
Last Post: carlosqueso
  trouble with shipping methods harakirisekaini 0 1,895 08-21-2020, 08:17 AM
Last Post: harakirisekaini

Forum Jump:


Users browsing this thread: 1 Guest(s)