WireGuard

This is an automated archive.

The original was posted on /r/wireguard by /u/SouthMate on 2024-01-03 21:23:22+00:00.

Hi,

I need to test some vps providers and would like to share some connections to use with netflix/prime/disney or any other service that require bandwith and stable connection.

Anyone interested in free vpn for a month? Right now I need to test New Jersey and Madrid.

This is an automated archive.

The original was posted on /r/wireguard by /u/justacuriouscase on 2024-01-03 18:19:09+00:00.

I am totally new to this so please excuse my ignorance.

I have wireguard option on my router. If I set it up and use it from a remote location to download or browse something, will the data be metered by my home ISP as well? The reason I am asking is that I have a limited data plan so I want to understand the details before doing anything.

TIA

This is an automated archive.

The original was posted on /r/wireguard by /u/No_Ostrich_8354 on 2024-01-03 13:59:31+00:00.

following situation:

client changed location where a firewall is active that blocks IPV4 traffic.

IPV6 works, so if I put endpoint with its IPv6 in brackets, it works as expected.

Now we have a DDNS address that is configured as dualstack with both IPV4 and V6.

if I put this address, the client prioritizes IPV4 and a connection cannot be established.

is there a way to force the client to treat the endpoint url as IPV6?

This is an automated archive.

The original was posted on /r/wireguard by /u/Selbstdenker_first on 2024-01-03 11:19:33+00:00.

Is it possible to setup multiple "servers" in a wireguard tunnel.

I assume that would mean that on the Client we would have multiple [Peer] sections with an endpoint defined on the Client configs. I also assume that we then would generate on each Server the public key with the same, identical Client private key per Client.

Would that be possible? (Conceptually I don't get how the routing would work, as each Client would have 2 Endpoints to the public internet. Is it defaulting to one?)

Use case: If a Server is down the VPN connection to a site should be still up for a Client. The experience for the Client should be seamless. Meaning he shouldn't even realize a Server or location is down.

(I am new to wireguard, hence I might cretaunly have missed something obvious)

This is an automated archive.

The original was posted on /r/wireguard by /u/ProbablyPooping_ on 2024-01-03 08:35:58+00:00.

My wireguard setup was working well but I'm finding some issues on my windows 11 client and am not sure why.. I have a profile I'm using to test on my android phone and on my laptop. The phone works fine but the laptop cannot access local devices when connected. It appears the internet is routing through the wireguard based on my ip address but I cannot work out why I can't access local devices when it works on my android with the exact same connection. I thought it could be an IP address issue but the laptop has it to default, same as the phone. Any help appreciated!

edit: it seems to be some problem with my windows client wiresock

This is an automated archive.

The original was posted on /r/wireguard by /u/Selbstdenker_first on 2024-01-03 11:19:33+00:00.

Is it possible to setup multiple "servers" in a wireguard tunnel.

I assume that would mean that on the Client we would have multiple [Peer] sections with an endpoint defined on the Client configs. I also assume that we then would generate on each Server the public key with the same, identical Client private key per Client.

Would that be possible? (Conceptually I don't get how the routing would work, as each Client would have 2 Endpoints to the public internet. Is it defaulting to one?)

Use case: If a Server is down the VPN connection to a site should be still up for a Client. The experience for the Client should be seamless. Meaning he shouldn't even realize a Server or location is down.

(I am new to wireguard, hence I might cretaunly have missed something obvious)

This is an automated archive.

The original was posted on /r/wireguard by /u/gurkalurka on 2024-01-03 04:20:02+00:00.

If I set

AllowedIPs = 0.0.0.0/0

I get a ping/ssh etc. All routes fine.

If I restrict AllowedIPs with 10.10.0.0/32 I get nothing on the routing.

Here is my wg0 conf:

[Interface]
Address = 10.10.0.1/24
#SaveConfig = true
PostUp = ip rule add table 200 from 
PostUp = ip route add table 200 default via 
PreDown = ip rule delete table 200 from 
PreDown = ip route delete table 200 default via 
PostDown = iptables -D INPUT -p udp --dport 51820 -j ACCEPT; iptables -t nat -D POSTROUTING -s 10.10.0.0/24 -o primary -j MASQUERADE
ListenPort = 51820
PrivateKey = xxx
DNS = 8.8.8.8 1.1.1.1

#peer 1
[Peer]
PublicKey = yyy
PresharedKey = zzz
AllowedIPs = 10.10.0.2/32

Peer 1 config:

[Interface]
PrivateKey = xxx
ListenPort = 51820
Address = 10.10.0.2/32
DNS = 1.1.1.1, 1.0.0.1
MTU = 1412

[Peer]
PublicKey = yyy
PresharedKey = zzz
AllowedIPs = 0.0.0.0/0
Endpoint = :51820
PersistentKeepalive = 25

Everything works fine only if using 0.0.0.0/0 as the allowed IPs setting. I would like to restrict it to 10.10.0.0/32 so I only route IPs that exist on this network through the tunnel, and everything else should use my normal route without the tunnel. I had this working before, but now not sure what's causing this.

Thanks

This is an automated archive.

The original was posted on /r/wireguard by /u/ProbablyPooping_ on 2024-01-03 08:35:58+00:00.

My wireguard setup was working well but I'm finding some issues on my windows 11 client and am not sure why.. I have a profile I'm using to test on my android phone and on my laptop. The phone works fine but the laptop cannot access local devices when connected. It appears the internet is routing through the wireguard based on my ip address but I cannot work out why I can't access local devices when it works on my android with the exact same connection. I thought it could be an IP address issue but the laptop has it to default, same as the phone. Any help appreciated!

edit: it seems to be some problem with my windows client wiresock

This is an automated archive.

The original was posted on /r/wireguard by /u/gurkalurka on 2024-01-03 04:20:02+00:00.

If I set

AllowedIPs = 0.0.0.0/0

I get a ping/ssh etc. All routes fine.

If I restrict AllowedIPs with 10.10.0.0/32 I get nothing on the routing.

Here is my wg0 conf:

[Interface]
Address = 10.10.0.1/24
#SaveConfig = true
PostUp = ip rule add table 200 from 
PostUp = ip route add table 200 default via 
PreDown = ip rule delete table 200 from 
PreDown = ip route delete table 200 default via 
PostDown = iptables -D INPUT -p udp --dport 51820 -j ACCEPT; iptables -t nat -D POSTROUTING -s 10.10.0.0/24 -o primary -j MASQUERADE
ListenPort = 51820
PrivateKey = xxx
DNS = 8.8.8.8 1.1.1.1

#peer 1
[Peer]
PublicKey = yyy
PresharedKey = zzz
AllowedIPs = 10.10.0.2/32

Peer 1 config:

[Interface]
PrivateKey = xxx
ListenPort = 51820
Address = 10.10.0.2/32
DNS = 1.1.1.1, 1.0.0.1
MTU = 1412

[Peer]
PublicKey = yyy
PresharedKey = zzz
AllowedIPs = 0.0.0.0/0
Endpoint = :51820
PersistentKeepalive = 25

Everything works fine only if using 0.0.0.0/0 as the allowed IPs setting. I would like to restrict it to 10.10.0.0/32 so I only route IPs that exist on this network through the tunnel, and everything else should use my normal route without the tunnel. I had this working before, but now not sure what's causing this.

Thanks

This is an automated archive.

The original was posted on /r/wireguard by /u/pyoopypops on 2024-01-02 21:50:49+00:00.

As we all know, if you have a network problem, it's always DNS. I'm at a bit of a loss for how to attack this current issue I'm having.

At home I have an Opnsense router running Wireguard. Opnsense provides DNS for some devices on the network, and I have a PiHole that other devices use.

When I'm on the road I connect to my home VPN with an Android phone and Windows 10 machine, both of which are configured to send all traffic through the WG tunnel and to use the PiHole for DNS. Nothing (that I know of) has changed on the server or on either device.

My issue: The phone works perfectly. The laptop *used to* work perfectly, but now is not able to access the internet when connected to WG. It can still reach all the devices on my home network while connected, but any requests which go outside the network (eg, to Google, Reddit, etc) time out. The fact that local network traffic works when connected to WG makes me think that it's DNS, since those addresses don't require DNS to reach. The strange thing, though, is that the problem persists regardless of which DNS server I instruct the laptop to use (ie PiHole or Opnsense). Both of those DNS servers are working if I alter the config on the phone. It's almost like the DNS request packets aren't going through the tunnel or are otherwise being blocked.

I've confirmed that the WG configuration on the laptop has not changed, and is still showing 0.0.0.0/0 for Allowed IPs.

The configuration on the WG server also has not changed, nor have any of the routing/firewall rules (as far as I can tell).

I'm sorry this was so wordy, hopefully it's clear what my issue is. I'm not even sure if this is a client (eg Windows) or a server issue, and I'm running out of thoughts on how to troubleshoot. I'll bet $10 that it's something dumb and I'm an idiot. Thank you for the help!

This is an automated archive.

The original was posted on /r/wireguard by /u/pyoopypops on 2024-01-02 21:50:49+00:00.

As we all know, if you have a network problem, it's always DNS. I'm at a bit of a loss for how to attack this current issue I'm having.

At home I have an Opnsense router running Wireguard. Opnsense provides DNS for some devices on the network, and I have a PiHole that other devices use.

When I'm on the road I connect to my home VPN with an Android phone and Windows 10 machine, both of which are configured to send all traffic through the WG tunnel and to use the PiHole for DNS. Nothing (that I know of) has changed on the server or on either device.

My issue: The phone works perfectly. The laptop *used to* work perfectly, but now is not able to access the internet when connected to WG. It can still reach all the devices on my home network while connected, but any requests which go outside the network (eg, to Google, Reddit, etc) time out. The fact that local network traffic works when connected to WG makes me think that it's DNS, since those addresses don't require DNS to reach. The strange thing, though, is that the problem persists regardless of which DNS server I instruct the laptop to use (ie PiHole or Opnsense). Both of those DNS servers are working if I alter the config on the phone. It's almost like the DNS request packets aren't going through the tunnel or are otherwise being blocked.

I've confirmed that the WG configuration on the laptop has not changed, and is still showing 0.0.0.0/0 for Allowed IPs.

The configuration on the WG server also has not changed, nor have any of the routing/firewall rules (as far as I can tell).

I'm sorry this was so wordy, hopefully it's clear what my issue is. I'm not even sure if this is a client (eg Windows) or a server issue, and I'm running out of thoughts on how to troubleshoot. I'll bet $10 that it's something dumb and I'm an idiot. Thank you for the help!

This is an automated archive.

The original was posted on /r/wireguard by /u/jayjr1105 on 2024-01-02 15:37:29+00:00.

So I have a docker setup that runs Adguard Home (DNS), Wireguard, and a few other things. The wireguard VPN works great but I cant choose my internal DNS server as the DNS. I have to use something external like 8.8.8.8 which defeats the purpose of why I wanted to get adguard running on my phone (Pixel 7). I assume it's because it's the same host IP in a different container. I left the wireguard IP scheme to 10.0.8.x or whatever it is by default. It also works if I plug in my old Pi3 that ran pihole standalone and use that internal IP address for DNS. Do I need a route in my firewall for the Wireguard subnet?

This is an automated archive.

The original was posted on /r/wireguard by /u/jayjr1105 on 2024-01-02 15:37:29+00:00.

So I have a docker setup that runs Adguard Home (DNS), Wireguard, and a few other things. The wireguard VPN works great but I cant choose my internal DNS server as the DNS. I have to use something external like 8.8.8.8 which defeats the purpose of why I wanted to get adguard running on my phone (Pixel 7). I assume it's because it's the same host IP in a different container. I left the wireguard IP scheme to 10.0.8.x or whatever it is by default. It also works if I plug in my old Pi3 that ran pihole standalone and use that internal IP address for DNS. Do I need a route in my firewall for the Wireguard subnet?

This is an automated archive.

The original was posted on /r/wireguard by /u/mmmzon on 2024-01-02 15:05:55+00:00.

Welcome, Redditors!

I have been trying to get Wireguard on Android 14 on Pixel 7 to bring up a pre-defined VPN tunnel using Automate app. What the app does, it calls com.wireguard.android.model.TunnelManager$IntentReceiver with com.wireguard.android.action.SET_TUNNEL_UP and I pass tunnel name to the app. When Wireguard is not working (app is shut down), the call does not seem to be received at all, even though logs from Wireguard show that it did receive the command and was processing it, but the tunnel was never brought up. All permissions seem to be set to allowed.

The log from Wireguard follows, starting from the tunnel trigger sent (tunnel name is "HOME", for reference) to me starting the app GUI and downloading the log. Automate does seem to send the trigger correctly, but the tunnel never comes up for whatever reason. Any thoughts / pointers would be really welcome.

Just BTW, the same behavior is observed on Pixel 5 as well. It used to work reasonably well on Android 12, so I suspect something changed in the way Android permits interaction between closed apps.

--------- beginning of main
01-02 05:58:49.618  3688  3751 I WireGuard/GoBackend: Bringing tunnel HOME UP
01-02 05:58:49.620  3688  3751 D WireGuard/GoBackend: Requesting to start VpnService
01-02 05:58:55.021  3688  4288 D vulkan  : searching for layers in '/data/app/~~_FG_hkDlBHAsM4yr3ui3CQ==/com.wireguard.android-pj2cjQJ5CWM9-wD7ILIVqA==/lib/arm64'
01-02 05:58:55.022  3688  4288 D vulkan  : searching for layers in '/data/app/~~_FG_hkDlBHAsM4yr3ui3CQ==/com.wireguard.android-pj2cjQJ5CWM9-wD7ILIVqA==/base.apk!/lib/arm64-v8a'
01-02 05:58:55.022  3688  4288 D vulkan  : searching for layers in '/data/app/~~_FG_hkDlBHAsM4yr3ui3CQ==/com.wireguard.android-pj2cjQJ5CWM9-wD7ILIVqA==/split_config.arm64_v8a.apk!/lib/arm64-v8a'
01-02 05:58:55.022  3688  4288 D vulkan  : searching for layers in '/data/app/~~_FG_hkDlBHAsM4yr3ui3CQ==/com.wireguard.android-pj2cjQJ5CWM9-wD7ILIVqA==/split_config.en.apk!/lib/arm64-v8a'
01-02 05:58:55.022  3688  4288 D vulkan  : searching for layers in '/data/app/~~_FG_hkDlBHAsM4yr3ui3CQ==/com.wireguard.android-pj2cjQJ5CWM9-wD7ILIVqA==/split_config.xxxhdpi.apk!/lib/arm64-v8a'
01-02 05:58:55.034  3688  3688 W reguard.android: Accessing hidden field Ljava/util/Collections$SynchronizedCollection;->mutex:Ljava/lang/Object; (max-target-o, reflection, denied)
01-02 05:58:55.035  3688  3688 W reguard.android: Accessing hidden method Ljava/util/Collections$SynchronizedSet;->(Ljava/util/Set;Ljava/lang/Object;)V (max-target-o, reflection, denied)
01-02 05:58:55.035  3688  3688 W reguard.android: Accessing hidden method Ljava/util/Collections$SynchronizedCollection;->(Ljava/util/Collection;Ljava/lang/Object;)V (max-target-o, reflection, denied)
01-02 05:58:55.038  3688  3688 D AppCompatDelegate: Checking for metadata for AppLocalesMetadataHolderService : Service not found
01-02 05:58:55.057  3688  3688 D CompatibilityChangeReporter: Compat change id reported: 210923482; UID 10421; state: ENABLED
01-02 05:58:55.059  3688  3688 I wm_on_create_called: [89125350,com.wireguard.android.activity.MainActivity,performCreate,13]
01-02 05:58:55.067  3688  3688 I wm_on_start_called: [89125350,com.wireguard.android.activity.MainActivity,handleStartActivity,8]
01-02 05:58:55.069  3688  3688 I wm_on_resume_called: [89125350,com.wireguard.android.activity.MainActivity,RESUME_ACTIVITY,0]
01-02 05:58:55.072  3688  3688 D CompatibilityChangeReporter: Compat change id reported: 237531167; UID 10421; state: DISABLED
01-02 05:58:55.079  3688  3688 I wm_on_top_resumed_gained_called: [89125350,com.wireguard.android.activity.MainActivity,topStateChangedWhenResumed]
01-02 05:58:56.812  3688  3688 I menu_item_selected: [0,Settings]
01-02 05:58:56.825  3688  3688 I wm_on_top_resumed_lost_called: [89125350,com.wireguard.android.activity.MainActivity,topStateChangedWhenResumed]
01-02 05:58:56.827  3688  3688 I wm_on_paused_called: [89125350,com.wireguard.android.activity.MainActivity,performPause,0]
01-02 05:58:56.840  3688  3688 I wm_on_create_called: [49795311,com.wireguard.android.activity.SettingsActivity,performCreate,3]
01-02 05:58:56.864  3688  3688 I wm_on_start_called: [49795311,com.wireguard.android.activity.SettingsActivity,handleStartActivity,19]
01-02 05:58:56.865  3688  3688 I wm_on_resume_called: [49795311,com.wireguard.android.activity.SettingsActivity,RESUME_ACTIVITY,0]
01-02 05:58:56.876  3688  3688 I wm_on_top_resumed_gained_called: [49795311,com.wireguard.android.activity.SettingsActivity,topStateChangedWhenResumed]
01-02 05:58:57.441  3688  4288 D OpenGLRenderer: endAllActiveAnimators on 0xb400007ce9da4c80 (RippleDrawable) with handle 0xb400007e69dbac30
01-02 05:58:57.453  3688  3688 I wm_on_stop_called: [89125350,com.wireguard.android.activity.MainActivity,STOP_ACTIVITY_ITEM,1]
01-02 05:58:58.210  3688  3688 I wm_on_top_resumed_lost_called: [49795311,com.wireguard.android.activity.SettingsActivity,topStateChangedWhenResumed]
01-02 05:58:58.211  3688  3688 I wm_on_paused_called: [49795311,com.wireguard.android.activity.SettingsActivity,performPause,0]
01-02 05:58:58.230  3688  3688 I wm_on_create_called: [218086317,com.wireguard.android.activity.LogViewerActivity,performCreate,9]
01-02 05:58:58.231  3688  3688 I wm_on_start_called: [218086317,com.wireguard.android.activity.LogViewerActivity,handleStartActivity,0]
01-02 05:58:58.232  3688  3688 I wm_on_resume_called: [218086317,com.wireguard.android.activity.LogViewerActivity,RESUME_ACTIVITY,0]
01-02 05:58:58.240  3688  3688 I wm_on_top_resumed_gained_called: [218086317,com.wireguard.android.activity.LogViewerActivity,topStateChangedWhenResumed]
01-02 05:58:58.775  3688  3688 I wm_on_stop_called: [49795311,com.wireguard.android.activity.SettingsActivity,STOP_ACTIVITY_ITEM,0]
01-02 05:58:58.787  3688  4288 D OpenGLRenderer: endAllActiveAnimators on 0xb400007ce9dcd040 (RippleDrawable) with handle 0xb400007e69dab330
01-02 05:58:59.931  3688  3688 I wm_on_top_resumed_lost_called: [218086317,com.wireguard.android.activity.LogViewerActivity,topStateChangedWhenResumed]
01-02 05:58:59.932  3688  3688 I wm_on_paused_called: [218086317,com.wireguard.android.activity.LogViewerActivity,performPause,0]
01-02 05:59:02.867  3688  3688 I wm_on_stop_called: [218086317,com.wireguard.android.activity.LogViewerActivity,STOP_ACTIVITY_ITEM,0]
01-02 05:59:06.135  3688  3688 D CompatibilityChangeReporter: Compat change id reported: 78294732; UID 10421; state: ENABLED
01-02 05:59:06.136  3688  3688 I wm_on_restart_called: [218086317,com.wireguard.android.activity.LogViewerActivity,performRestart,0]
01-02 05:59:06.136  3688  3688 I wm_on_start_called: [218086317,com.wireguard.android.activity.LogViewerActivity,handleStartActivity,1]
01-02 05:59:06.138  3688  3688 I wm_on_activity_result_called: [218086317,com.wireguard.android.activity.LogViewerActivity,ACTIVITY_RESULT]
01-02 05:59:06.138  3688  3688 I wm_on_resume_called: [218086317,com.wireguard.android.activity.LogViewerActivity,RESUME_ACTIVITY,0]
01-02 05:59:06.138  3688  3688 I wm_on_top_resumed_gained_called: [218086317,com.wireguard.android.activity.LogViewerActivity,topWhenResuming]
01-02 05:59:08.583  3688  3688 I wm_on_top_resumed_lost_called: [218086317,com.wireguard.android.activity.LogViewerActivity,topStateChangedWhenResumed]
01-02 05:59:08.583  3688  3688 I wm_on_paused_called: [218086317,com.wireguard.android.activity.LogViewerActivity,performPause,0]
01-02 05:59:08.600  3688  3688 I wm_on_restart_called: [49795311,com.wireguard.android.activity.SettingsActivity,performRestart,0]
01-02 05:59:08.600  3688  3688 I wm_on_start_called: [49795311,com.wireguard.android.activity.SettingsActivity,handleStartActivity,1]
01-02 05:59:08.601  3688  3688 I wm_on_resume_called: [49795311,com.wireguard.android.activity.SettingsActivity,RESUME_ACTIVITY,0]
01-02 05:59:08.601  3688  3688 I wm_on_top_resumed_gained_called: [49795311,com.wireguard.android.activity.SettingsActivity,topWhenResuming]
01-02 05:59:09.146  3688  4288 D OpenGLRenderer: endAllActiveAnimators on 0xb400007ce9de65d0 (RippleDrawable) with handle 0xb400007e69dcc7b0
01-02 05:59:09.151  3688  3688 I wm_on_stop_called: [218086317,com.wireguard.android.activity.LogViewerActivity,LIFECYCLER_STOP_ACTIVITY,0]
01-02 05:59:09.152  3688  3688 W WindowOnBackDispatcher: sendCancelIfRunning: isInProgress=falsecallback=android.app.Activity$$ExternalSyntheticLambda0@6fc0e28
01-02 05:59:09.152  3688  3688 I wm_on_destroy_called: [218086317,com.wireguard.android.activity.LogViewerActivity,performDestroy,1]
01-02 05:59:09.827  3688  3688 I view_enqueue_input_event: [Motion - Cancel,com.wireguard.android/com.wireguard.android.activity.SettingsActivity]
01-02 05:59:09.830  3688  3688 I wm_on_top_resumed_lost_called: [49795311,com.wireguard.android.activity.SettingsActivity,topStateChangedWhenResumed]
01-02 05:59:09.884  3688  3688 I wm_on_paused_called: [49795311,com.wireguard.android.activity.SettingsActivity,performPause,0]
01-02 05:59:10.384  3688  3688 I wm_on_stop_called: [49795311,com.wireguard.android.activity.SettingsActivity,STOP_ACTIVITY_ITEM,1]
01-02 05:59:34.152  3688  3688 I wm_on_restart_called: [49795311,com.wireguard.android.activity.SettingsActivity,performRestart,0]
01-02 05:59:34.153  3688  3688 I wm_on_start_called: [49795311,com.wireguard.android.activity.SettingsActivity,handleStartActivity,1]
01-02 05:59:34.155  3688  3688 I wm_on_resume_called: [49795311,com.wireguard.androi...
***
Content cut off. Read original on https://www.reddit.com/r/WireGuard/comments/18wrhpr/toggling_vpn_tunnel_on_android_14/

This is an automated archive.

The original was posted on /r/wireguard by /u/mmmzon on 2024-01-02 15:05:55+00:00.

Welcome, Redditors!

I have been trying to get Wireguard on Android 14 on Pixel 7 to bring up a pre-defined VPN tunnel using Automate app. What the app does, it calls com.wireguard.android.model.TunnelManager$IntentReceiver with com.wireguard.android.action.SET_TUNNEL_UP and I pass tunnel name to the app. When Wireguard is not working (app is shut down), the call does not seem to be received at all, even though logs from Wireguard show that it did receive the command and was processing it, but the tunnel was never brought up. All permissions seem to be set to allowed.

The log from Wireguard follows, starting from the tunnel trigger sent (tunnel name is "HOME", for reference) to me starting the app GUI and downloading the log. Automate does seem to send the trigger correctly, but the tunnel never comes up for whatever reason. Any thoughts / pointers would be really welcome.

Just BTW, the same behavior is observed on Pixel 5 as well. It used to work reasonably well on Android 12, so I suspect something changed in the way Android permits interaction between closed apps.

--------- beginning of main
01-02 05:58:49.618  3688  3751 I WireGuard/GoBackend: Bringing tunnel HOME UP
01-02 05:58:49.620  3688  3751 D WireGuard/GoBackend: Requesting to start VpnService
01-02 05:58:55.021  3688  4288 D vulkan  : searching for layers in '/data/app/~~_FG_hkDlBHAsM4yr3ui3CQ==/com.wireguard.android-pj2cjQJ5CWM9-wD7ILIVqA==/lib/arm64'
01-02 05:58:55.022  3688  4288 D vulkan  : searching for layers in '/data/app/~~_FG_hkDlBHAsM4yr3ui3CQ==/com.wireguard.android-pj2cjQJ5CWM9-wD7ILIVqA==/base.apk!/lib/arm64-v8a'
01-02 05:58:55.022  3688  4288 D vulkan  : searching for layers in '/data/app/~~_FG_hkDlBHAsM4yr3ui3CQ==/com.wireguard.android-pj2cjQJ5CWM9-wD7ILIVqA==/split_config.arm64_v8a.apk!/lib/arm64-v8a'
01-02 05:58:55.022  3688  4288 D vulkan  : searching for layers in '/data/app/~~_FG_hkDlBHAsM4yr3ui3CQ==/com.wireguard.android-pj2cjQJ5CWM9-wD7ILIVqA==/split_config.en.apk!/lib/arm64-v8a'
01-02 05:58:55.022  3688  4288 D vulkan  : searching for layers in '/data/app/~~_FG_hkDlBHAsM4yr3ui3CQ==/com.wireguard.android-pj2cjQJ5CWM9-wD7ILIVqA==/split_config.xxxhdpi.apk!/lib/arm64-v8a'
01-02 05:58:55.034  3688  3688 W reguard.android: Accessing hidden field Ljava/util/Collections$SynchronizedCollection;->mutex:Ljava/lang/Object; (max-target-o, reflection, denied)
01-02 05:58:55.035  3688  3688 W reguard.android: Accessing hidden method Ljava/util/Collections$SynchronizedSet;->(Ljava/util/Set;Ljava/lang/Object;)V (max-target-o, reflection, denied)
01-02 05:58:55.035  3688  3688 W reguard.android: Accessing hidden method Ljava/util/Collections$SynchronizedCollection;->(Ljava/util/Collection;Ljava/lang/Object;)V (max-target-o, reflection, denied)
01-02 05:58:55.038  3688  3688 D AppCompatDelegate: Checking for metadata for AppLocalesMetadataHolderService : Service not found
01-02 05:58:55.057  3688  3688 D CompatibilityChangeReporter: Compat change id reported: 210923482; UID 10421; state: ENABLED
01-02 05:58:55.059  3688  3688 I wm_on_create_called: [89125350,com.wireguard.android.activity.MainActivity,performCreate,13]
01-02 05:58:55.067  3688  3688 I wm_on_start_called: [89125350,com.wireguard.android.activity.MainActivity,handleStartActivity,8]
01-02 05:58:55.069  3688  3688 I wm_on_resume_called: [89125350,com.wireguard.android.activity.MainActivity,RESUME_ACTIVITY,0]
01-02 05:58:55.072  3688  3688 D CompatibilityChangeReporter: Compat change id reported: 237531167; UID 10421; state: DISABLED
01-02 05:58:55.079  3688  3688 I wm_on_top_resumed_gained_called: [89125350,com.wireguard.android.activity.MainActivity,topStateChangedWhenResumed]
01-02 05:58:56.812  3688  3688 I menu_item_selected: [0,Settings]
01-02 05:58:56.825  3688  3688 I wm_on_top_resumed_lost_called: [89125350,com.wireguard.android.activity.MainActivity,topStateChangedWhenResumed]
01-02 05:58:56.827  3688  3688 I wm_on_paused_called: [89125350,com.wireguard.android.activity.MainActivity,performPause,0]
01-02 05:58:56.840  3688  3688 I wm_on_create_called: [49795311,com.wireguard.android.activity.SettingsActivity,performCreate,3]
01-02 05:58:56.864  3688  3688 I wm_on_start_called: [49795311,com.wireguard.android.activity.SettingsActivity,handleStartActivity,19]
01-02 05:58:56.865  3688  3688 I wm_on_resume_called: [49795311,com.wireguard.android.activity.SettingsActivity,RESUME_ACTIVITY,0]
01-02 05:58:56.876  3688  3688 I wm_on_top_resumed_gained_called: [49795311,com.wireguard.android.activity.SettingsActivity,topStateChangedWhenResumed]
01-02 05:58:57.441  3688  4288 D OpenGLRenderer: endAllActiveAnimators on 0xb400007ce9da4c80 (RippleDrawable) with handle 0xb400007e69dbac30
01-02 05:58:57.453  3688  3688 I wm_on_stop_called: [89125350,com.wireguard.android.activity.MainActivity,STOP_ACTIVITY_ITEM,1]
01-02 05:58:58.210  3688  3688 I wm_on_top_resumed_lost_called: [49795311,com.wireguard.android.activity.SettingsActivity,topStateChangedWhenResumed]
01-02 05:58:58.211  3688  3688 I wm_on_paused_called: [49795311,com.wireguard.android.activity.SettingsActivity,performPause,0]
01-02 05:58:58.230  3688  3688 I wm_on_create_called: [218086317,com.wireguard.android.activity.LogViewerActivity,performCreate,9]
01-02 05:58:58.231  3688  3688 I wm_on_start_called: [218086317,com.wireguard.android.activity.LogViewerActivity,handleStartActivity,0]
01-02 05:58:58.232  3688  3688 I wm_on_resume_called: [218086317,com.wireguard.android.activity.LogViewerActivity,RESUME_ACTIVITY,0]
01-02 05:58:58.240  3688  3688 I wm_on_top_resumed_gained_called: [218086317,com.wireguard.android.activity.LogViewerActivity,topStateChangedWhenResumed]
01-02 05:58:58.775  3688  3688 I wm_on_stop_called: [49795311,com.wireguard.android.activity.SettingsActivity,STOP_ACTIVITY_ITEM,0]
01-02 05:58:58.787  3688  4288 D OpenGLRenderer: endAllActiveAnimators on 0xb400007ce9dcd040 (RippleDrawable) with handle 0xb400007e69dab330
01-02 05:58:59.931  3688  3688 I wm_on_top_resumed_lost_called: [218086317,com.wireguard.android.activity.LogViewerActivity,topStateChangedWhenResumed]
01-02 05:58:59.932  3688  3688 I wm_on_paused_called: [218086317,com.wireguard.android.activity.LogViewerActivity,performPause,0]
01-02 05:59:02.867  3688  3688 I wm_on_stop_called: [218086317,com.wireguard.android.activity.LogViewerActivity,STOP_ACTIVITY_ITEM,0]
01-02 05:59:06.135  3688  3688 D CompatibilityChangeReporter: Compat change id reported: 78294732; UID 10421; state: ENABLED
01-02 05:59:06.136  3688  3688 I wm_on_restart_called: [218086317,com.wireguard.android.activity.LogViewerActivity,performRestart,0]
01-02 05:59:06.136  3688  3688 I wm_on_start_called: [218086317,com.wireguard.android.activity.LogViewerActivity,handleStartActivity,1]
01-02 05:59:06.138  3688  3688 I wm_on_activity_result_called: [218086317,com.wireguard.android.activity.LogViewerActivity,ACTIVITY_RESULT]
01-02 05:59:06.138  3688  3688 I wm_on_resume_called: [218086317,com.wireguard.android.activity.LogViewerActivity,RESUME_ACTIVITY,0]
01-02 05:59:06.138  3688  3688 I wm_on_top_resumed_gained_called: [218086317,com.wireguard.android.activity.LogViewerActivity,topWhenResuming]
01-02 05:59:08.583  3688  3688 I wm_on_top_resumed_lost_called: [218086317,com.wireguard.android.activity.LogViewerActivity,topStateChangedWhenResumed]
01-02 05:59:08.583  3688  3688 I wm_on_paused_called: [218086317,com.wireguard.android.activity.LogViewerActivity,performPause,0]
01-02 05:59:08.600  3688  3688 I wm_on_restart_called: [49795311,com.wireguard.android.activity.SettingsActivity,performRestart,0]
01-02 05:59:08.600  3688  3688 I wm_on_start_called: [49795311,com.wireguard.android.activity.SettingsActivity,handleStartActivity,1]
01-02 05:59:08.601  3688  3688 I wm_on_resume_called: [49795311,com.wireguard.android.activity.SettingsActivity,RESUME_ACTIVITY,0]
01-02 05:59:08.601  3688  3688 I wm_on_top_resumed_gained_called: [49795311,com.wireguard.android.activity.SettingsActivity,topWhenResuming]
01-02 05:59:09.146  3688  4288 D OpenGLRenderer: endAllActiveAnimators on 0xb400007ce9de65d0 (RippleDrawable) with handle 0xb400007e69dcc7b0
01-02 05:59:09.151  3688  3688 I wm_on_stop_called: [218086317,com.wireguard.android.activity.LogViewerActivity,LIFECYCLER_STOP_ACTIVITY,0]
01-02 05:59:09.152  3688  3688 W WindowOnBackDispatcher: sendCancelIfRunning: isInProgress=falsecallback=android.app.Activity$$ExternalSyntheticLambda0@6fc0e28
01-02 05:59:09.152  3688  3688 I wm_on_destroy_called: [218086317,com.wireguard.android.activity.LogViewerActivity,performDestroy,1]
01-02 05:59:09.827  3688  3688 I view_enqueue_input_event: [Motion - Cancel,com.wireguard.android/com.wireguard.android.activity.SettingsActivity]
01-02 05:59:09.830  3688  3688 I wm_on_top_resumed_lost_called: [49795311,com.wireguard.android.activity.SettingsActivity,topStateChangedWhenResumed]
01-02 05:59:09.884  3688  3688 I wm_on_paused_called: [49795311,com.wireguard.android.activity.SettingsActivity,performPause,0]
01-02 05:59:10.384  3688  3688 I wm_on_stop_called: [49795311,com.wireguard.android.activity.SettingsActivity,STOP_ACTIVITY_ITEM,1]
01-02 05:59:34.152  3688  3688 I wm_on_restart_called: [49795311,com.wireguard.android.activity.SettingsActivity,performRestart,0]
01-02 05:59:34.153  3688  3688 I wm_on_start_called: [49795311,com.wireguard.android.activity.SettingsActivity,handleStartActivity,1]
01-02 05:59:34.155  3688  3688 I wm_on_resume_called: [49795311,com.wireguard.androi...
***
Content cut off. Read original on https://www.reddit.com/r/WireGuard/comments/18wrhpr/toggling_vpn_tunnel_on_android_14/

This is an automated archive.

The original was posted on /r/wireguard by /u/kellmann1337 on 2024-01-02 14:44:08+00:00.

Hi,

I have a wireguard intergafce wg1 where I call PostUp = /etc/wireguard/postup.sh. My postup.sh looks like this:

WIREGUARD_INTERFACE=wg1
WIREGUARD_LAN=10.0.0.0/24
MASQUERADE_INTERFACE=eth0
CHAIN_NAME=WIREGUARD_wg1
WIREGUARD_CLIENT=10.0.0.2
WIREGUARD_DNS=192.168.178.47

iptables -t nat -I POSTROUTING -o $MASQUERADE_INTERFACE -j MASQUERADE -s $WIREGUARD_LAN

# Add a WIREGUARD_wg0 chain to the FORWARD chain
iptables -N $CHAIN_NAME
iptables -A FORWARD -j $CHAIN_NAME

# Accept related or established traffic
iptables -A $CHAIN_NAME -o $WIREGUARD_INTERFACE -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT

# Allow traffic to router and DNS gateway
iptables -A $CHAIN_NAME -s $WIREGUARD_CLIENT -d 192.168.178.1 -j ACCEPT
iptables -A $CHAIN_NAME -s $WIREGUARD_CLIENT -d 192.168.178.47 -j ACCEPT

# Accept outgoing connections to any IP address (public because of rule above)
iptables -A $CHAIN_NAME -s $WIREGUARD_CLIENT -i $WIREGUARD_INTERFACE -j ACCEPT

# Accept outgoing connections to HTTP(S) ports to any IP address (public because of rule above)
iptables -A $CHAIN_NAME -s $WIREGUARD_CLIENT -i $WIREGUARD_INTERFACE -d 0.0.0.0/0 -p tcp -m multiport --dports 80,443 -j ACCEPT

# Drop traffic to your any private IP address
iptables -A $CHAIN_NAME -s $WIREGUARD_CLIENT -i $WIREGUARD_INTERFACE -d 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 -j DROP

# Drop everything else coming through the Wireguard interface
iptables -A $CHAIN_NAME -i $WIREGUARD_INTERFACE -j DROP

# Return to FORWARD chain
iptables -A $CHAIN_NAME -j RETURN

I would expect that the connected client is able to do web browsing, but is not allowed to access any IPs from the Network the wireguard server runs. But the opposite is happening: The client can access IPs and even use the local DNS, but is not able to access any page from the internet.

The output of iptables -L -v -n is:

Chain INPUT (policy ACCEPT 6449 packets, 1002K bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain FORWARD (policy ACCEPT 338 packets, 60782 bytes)
 pkts bytes target     prot opt in     out     source               destination         
 2772 1683K WIREGUARD_wg1  0    --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain OUTPUT (policy ACCEPT 8419 packets, 5997K bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain WIREGUARD_wg1 (1 references)
 pkts bytes target     prot opt in     out     source               destination         
  877 1535K ACCEPT     0    --  *      wg1     0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
  446 48489 ACCEPT     0    --  *      *       10.0.0.2             192.168.178.1         
  103  6958 ACCEPT     0    --  *      *       10.0.0.2             192.168.178.47        
 1346 92153 ACCEPT     0    --  wg1    *       10.0.0.2             0.0.0.0/0           
    0     0 ACCEPT     6    --  wg1    *       10.0.0.2             0.0.0.0/0            multiport dports 80,443
    0     0 DROP       0    --  wg1    *       10.0.0.2             10.0.0.0/8          
    0     0 DROP       0    --  wg1    *       10.0.0.2             172.16.0.0/12       
    0     0 DROP       0    --  wg1    *       10.0.0.2             192.168.0.0/16      
    0     0 DROP       0    --  wg1    *       0.0.0.0/0            0.0.0.0/0           
    0     0 RETURN     0    --  *      *       0.0.0.0/0            0.0.0.0/0 

In my understanding the output shows what I would expect. But I guess I have a lack of understanding. Any hints or help you could give me to archive my goal: The client should only be allowed to access the internet and nothing else. My wg0 interface which allows everything is working fine, so its not a "bigger" networking issue.

Thanks for any help in advance :)

This is an automated archive.

The original was posted on /r/wireguard by /u/kellmann1337 on 2024-01-02 14:44:08+00:00.

Hi,

I have a wireguard intergafce wg1 where I call PostUp = /etc/wireguard/postup.sh. My postup.sh looks like this:

WIREGUARD_INTERFACE=wg1
WIREGUARD_LAN=10.0.0.0/24
MASQUERADE_INTERFACE=eth0
CHAIN_NAME=WIREGUARD_wg1
WIREGUARD_CLIENT=10.0.0.2
WIREGUARD_DNS=192.168.178.47

iptables -t nat -I POSTROUTING -o $MASQUERADE_INTERFACE -j MASQUERADE -s $WIREGUARD_LAN

# Add a WIREGUARD_wg0 chain to the FORWARD chain
iptables -N $CHAIN_NAME
iptables -A FORWARD -j $CHAIN_NAME

# Accept related or established traffic
iptables -A $CHAIN_NAME -o $WIREGUARD_INTERFACE -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT

# Allow traffic to router and DNS gateway
iptables -A $CHAIN_NAME -s $WIREGUARD_CLIENT -d 192.168.178.1 -j ACCEPT
iptables -A $CHAIN_NAME -s $WIREGUARD_CLIENT -d 192.168.178.47 -j ACCEPT

# Accept outgoing connections to any IP address (public because of rule above)
iptables -A $CHAIN_NAME -s $WIREGUARD_CLIENT -i $WIREGUARD_INTERFACE -j ACCEPT

# Accept outgoing connections to HTTP(S) ports to any IP address (public because of rule above)
iptables -A $CHAIN_NAME -s $WIREGUARD_CLIENT -i $WIREGUARD_INTERFACE -d 0.0.0.0/0 -p tcp -m multiport --dports 80,443 -j ACCEPT

# Drop traffic to your any private IP address
iptables -A $CHAIN_NAME -s $WIREGUARD_CLIENT -i $WIREGUARD_INTERFACE -d 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 -j DROP

# Drop everything else coming through the Wireguard interface
iptables -A $CHAIN_NAME -i $WIREGUARD_INTERFACE -j DROP

# Return to FORWARD chain
iptables -A $CHAIN_NAME -j RETURN

I would expect that the connected client is able to do web browsing, but is not allowed to access any IPs from the Network the wireguard server runs. But the opposite is happening: The client can access IPs and even use the local DNS, but is not able to access any page from the internet.

The output of iptables -L -v -n is:

Chain INPUT (policy ACCEPT 6449 packets, 1002K bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain FORWARD (policy ACCEPT 338 packets, 60782 bytes)
 pkts bytes target     prot opt in     out     source               destination         
 2772 1683K WIREGUARD_wg1  0    --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain OUTPUT (policy ACCEPT 8419 packets, 5997K bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain WIREGUARD_wg1 (1 references)
 pkts bytes target     prot opt in     out     source               destination         
  877 1535K ACCEPT     0    --  *      wg1     0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
  446 48489 ACCEPT     0    --  *      *       10.0.0.2             192.168.178.1         
  103  6958 ACCEPT     0    --  *      *       10.0.0.2             192.168.178.47        
 1346 92153 ACCEPT     0    --  wg1    *       10.0.0.2             0.0.0.0/0           
    0     0 ACCEPT     6    --  wg1    *       10.0.0.2             0.0.0.0/0            multiport dports 80,443
    0     0 DROP       0    --  wg1    *       10.0.0.2             10.0.0.0/8          
    0     0 DROP       0    --  wg1    *       10.0.0.2             172.16.0.0/12       
    0     0 DROP       0    --  wg1    *       10.0.0.2             192.168.0.0/16      
    0     0 DROP       0    --  wg1    *       0.0.0.0/0            0.0.0.0/0           
    0     0 RETURN     0    --  *      *       0.0.0.0/0            0.0.0.0/0 

In my understanding the output shows what I would expect. But I guess I have a lack of understanding. Any hints or help you could give me to archive my goal: The client should only be allowed to access the internet and nothing else. My wg0 interface which allows everything is working fine, so its not a "bigger" networking issue.

Thanks for any help in advance :)

This is an automated archive.

The original was posted on /r/wireguard by /u/dagu1992 on 2024-01-02 08:34:44+00:00.

Hi all,

I have installed PiVPN with Wireguard and configured it properly on my Raspberry Pi 4 (4GB). Everything is running ok in terms of configuration.

However, the VPN speed limit (realized with www.speedtest.com) is around 20Mb/s.

My home connection (where the Rasp is connected via 1Gbit Ethernet) is around 130Mb/s and from any mobile device (android/apple) I have the following measures:

• Without VPN:
  • using speedtest app mobile (ookla)
  • Down: 80Mb/s
  • Up: 11 Mb/s
  • Ping 21 ms
  • Jitter 6 ms
• With VPN (Wireguard)
  • using speedtest app mobile (ookla)
  • Down: 18Mb/s
  • Up: 7.2 Mb/s
  • Ping 41 ms
  • Jitter 10 ms

I tried the same tests using a laptop connection (always from outside) with a home connection around 1Gb/s and when in VPN connection/Wireguard I have the same speedtest measures (limited to 20Mb/s).

I tried also modify MTU size but nothing changes. I tried different OS (64bit only), such as Raspbian OS and Ubuntu Server 22.04 TS with the same result.

I need to connect in VPN from outside in order to access some public streaming services that verify my IP zone (country level), so I need a good connection for this.

Do you happen to know how to solve this problem? Thanks

This is an automated archive.

The original was posted on /r/wireguard by /u/Ordinary_Employer_39 on 2024-01-02 04:57:46+00:00.

Wiregate is the fastest way to deploy a secure comms network with built in denial and user access control. Built on docker running super light alpine containers.

This is an automated archive.

The original was posted on /r/wireguard by /u/Ordinary_Employer_39 on 2024-01-02 04:57:46+00:00.

Wiregate is the fastest way to deploy a secure comms network with built in denial and user access control. Built on docker running super light alpine containers.

This is an automated archive.

The original was posted on /r/wireguard by /u/plyn_algo on 2024-01-01 22:41:06+00:00.

Hello there,

I am using opnsense and would like to remotely access my local ip cameras.

I could ask my ISP for a public IP and set up wireguard.

Or I could run RustDesk (an open source TeamViewer alternative) on an rpi on my local network.

Or I could use tailscale (or some other alternative to pinhole the traffic through the ISP's nat)

Or something else?

Tbh, I'm a bit scared of using a public IP address, and even opening a port on WAN for wireguard (maybe it's because of my lack of knowledge).

Having the same public IP as dozens of ISPs customers could also "anonymize" traffic against 3rd party servers.

My ISP has a good reputation, however, he doesn't provide much info about his network, routers, security etc...

Not sure if using something like tailscale or running remote desktop would actually be more secure and worth the extra effort to set up and maintain.

If using public IP I could probably buy an extra (cheaper) router and set up a subnet just for my devices. But wouldn't that be overkill when I can literally set firewall rules for vlan interface?

I don't know. What are your thoughts and suggestions?

Thank you!

This is an automated archive.

The original was posted on /r/wireguard by /u/plyn_algo on 2024-01-01 22:41:06+00:00.

Hello there,

I am using opnsense and would like to remotely access my local ip cameras.

I could ask my ISP for a public IP and set up wireguard.

Or I could run RustDesk (an open source TeamViewer alternative) on an rpi on my local network.

Or I could use tailscale (or some other alternative to pinhole the traffic through the ISP's nat)

Or something else?

Tbh, I'm a bit scared of using a public IP address, and even opening a port on WAN for wireguard (maybe it's because of my lack of knowledge).

Having the same public IP as dozens of ISPs customers could also "anonymize" traffic against 3rd party servers.

My ISP has a good reputation, however, he doesn't provide much info about his network, routers, security etc...

Not sure if using something like tailscale or running remote desktop would actually be more secure and worth the extra effort to set up and maintain.

If using public IP I could probably buy an extra (cheaper) router and set up a subnet just for my devices. But wouldn't that be overkill when I can literally set firewall rules for vlan interface?

I don't know. What are your thoughts and suggestions?

Thank you!

This is an automated archive.

The original was posted on /r/wireguard by /u/chaos2tw on 2024-01-01 21:06:18+00:00.

Hi I followed this:

To install the WebUI and it works…when I run it manually. I followed the directions on that page to set up a service but service status shows it is dead and I can’t figure out what I did wrong. Is there someone who has some time to spare that could help me?

I can share logs screenshots etc if needed.

TIA For considering

Edit:

systemd[1]: /etc/systemd/system/wgui.service:1: Assignment outside of section.>

systemd[1]: /etc/systemd/system/wgui.service:2: Assignment outside of section.>

This is an automated archive.

The original was posted on /r/wireguard by /u/chaos2tw on 2024-01-01 21:06:18+00:00.

Hi I followed this:

To install the WebUI and it works…when I run it manually. I followed the directions on that page to set up a service but service status shows it is dead and I can’t figure out what I did wrong. Is there someone who has some time to spare that could help me?

I can share logs screenshots etc if needed.

TIA For considering

Edit:

systemd[1]: /etc/systemd/system/wgui.service:1: Assignment outside of section.>

systemd[1]: /etc/systemd/system/wgui.service:2: Assignment outside of section.>

This is an automated archive.

The original was posted on /r/wireguard by /u/daizerino on 2024-01-01 20:05:27+00:00.

Hello, I have a problem with wireguard in wsl 2.

Adapters in Windows: vps: "Ethernet Instance 0" (public IP) WSL: "vEthernet" (172.16.54.1)

in Ubuntu wireguard: "wg0" (10.155.7.1) Ethernet: "eth0" (172.16.54.1)

i have pihole and pivpn(wireguard installed).

i forward ports 80,53,51820 tcp and 51820 udp with netsh so that i can access the webserver from pihole on the internet.

on my wireguard client i see packages are sent but cannot be received always 0.

i think it is because i cant forward anything from wsl(ubunu) to my vps(public Ip) because i dont have a adapter.

does anyone know what i could try to make the vpn work? or knows a guide?