this post was submitted on 19 Jan 2024
1 points (100.0% liked)

WireGuard

3 readers
1 users here now

WireGuard - a fast, modern, secure VPN Tunnel.

founded 1 year ago
MODERATORS
[email protected]
1
Help with WireGuard over Shadowsocks obfuscation is needed (zerobytes.monster)
submitted 10 months ago by [email protected] to c/[email protected]
0 comments fedilink hide all child comments
 
This is an automated archive.

The original was posted on /r/wireguard by /u/zik_rey on 2024-01-19 14:21:14+00:00.

Hi! I want to set up Wireguard obfuscation through Shadowsocks because it stopped working several days ago due to ISPs in my country starting to block Wireguard and OpenVPN connections to foreign servers.

I've tried to set it up, but it doesn't work with my configs and I don't have enough experience to do it right.

Remote VPS configs:

wg config:

[Interface]
Address = 10.66.66.1/24,fd42:42:42::1/64
ListenPort = 60207
PrivateKey = 
PostUp = iptables -I INPUT -p udp --dport 60207 -j ACCEPT
PostUp = iptables -I FORWARD -i eth0 -o wg0 -j ACCEPT
PostUp = iptables -I FORWARD -i wg0 -j ACCEPT
PostUp = iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostUp = ip6tables -I FORWARD -i wg0 -j ACCEPT
PostUp = ip6tables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D INPUT -p udp --dport 60207 -j ACCEPT
PostDown = iptables -D FORWARD -i eth0 -o wg0 -j ACCEPT
PostDown = iptables -D FORWARD -i wg0 -j ACCEPT
PostDown = iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
PostDown = ip6tables -D FORWARD -i wg0 -j ACCEPT
PostDown = ip6tables -t nat -D POSTROUTING -o eth0 -j MASQUERADE

[Peer]
PublicKey = 
PresharedKey = 
AllowedIPs = 10.66.66.66/32,fd42:42:42::66/128

shadowsocks config:

{
    "servers": [
        {
            "server":"0.0.0.0",
            "server_port":8388,
            "password":,
            "timeout":300,
            "method":"chacha20-ietf-poly1305",
            "fast_open":true
        }
    ]
}

Local configs:

wg config:

[Interface]
PrivateKey = 
Address = 10.66.66.66/32,fd42:42:42::66/128
DNS = 10.66.66.10,1.1.1.1,1.0.0.1

[Peer]
PublicKey = 
PresharedKey = 
Endpoint = 127.0.0.1:1081
AllowedIPs = 0.0.0.0/0,::/0

shadowsocks config:

{
    "servers": [
        {
        "server":,
        "server_port":8388,
            "method":"chacha20-ietf-poly1305",
            "password":,
            "timeout":300,
            "fast_open":true
    }
    ],
    "locals": [
        {
            "local_address": "127.0.0.1",
            "local_port":1081,
        "tunnel_address":"127.0.0.1:60207",
            "mode":"udp_only"
        },
        {
            "local_address": "127.0.0.1",
            "local_port":1080
        }
    ]
}

Shadowsocks works fine with default SOCKS5 by 1080 port, but there is no connection when I enable WireGuard.

I've followed this guide, but it uses the old port of shadowsocks, so maybe there are mistakes in my adaptation of it's configs.

no comments (yet)
sorted by: hot top controversial new old
there doesn't seem to be anything here