https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253866
Sergey Akhmatov <[email protected]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
         Resolution|Works As Intended           |---
             Status|Closed                      |Open

--- Comment #3 from Sergey Akhmatov <[email protected]> ---
(In reply to Gordon Bergling from comment #2)

Hello,

The example configuring the wg0 interface is correct; the problem is with adding peers.
My steps to reproduce are an exact copy-paste from man if_wg
(FreeBSD bsd-current 14.0-CURRENT FreeBSD 14.0-CURRENT #5 main-n245256-37cd6c20dbc):

# ifconfig wg0 create listen-port 54321 private-key `openssl rand -base64 32`

Checking the created interface:

# ifconfig wg0
wg0: flags=8080a0<NOARP,MULTICAST> metric 0 mtu 1420
        options=880000<LINKSTATE>
        groups: wg
        listen-port: 54321
        private-key: SKQetK9X4MaHh7bXE/Y6mRgtZylRH5mp9Fj+reRP0no=
        public-key: 13+dUrtLJ6kt+mbWmGJeBppliygNq4WhmjOXjO4xrkA=
        media: Ethernet autoselect (25GBase-ACC <full-duplex>)
        status: active
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>

Adding the peer from the manpage example:

# ifconfig wg0 peer '7lWtsDdqaGB3EY9WNxRN3hVaHMtu1zXw71+bOjNOVUw=' endpoint 10.0.1.100 allowed-ips 192.168.2.100/32
ifconfig: 7lWtsDdqaGB3EY9WNxRN3hVaHMtu1zXw71+bOjNOVUw=: bad value

Adding "public-key" before the key itself:

# ifconfig wg0 peer public-key '7lWtsDdqaGB3EY9WNxRN3hVaHMtu1zXw71+bOjNOVUw=' endpoint 10.0.1.100 allowed-ips 192.168.2.100/32
ifconfig: bad endpoint format 10.0.1.100 - no port delimiter found

Better, but we are still missing the port number for the peer. Adding the port:

# ifconfig wg0 peer public-key '7lWtsDdqaGB3EY9WNxRN3hVaHMtu1zXw71+bOjNOVUw=' endpoint 10.0.1.100:54321 allowed-ips 192.168.2.100/32
[Peer]
PublicKey = 7lWtsDdqaGB3EY9WNxRN3hVaHMtu1zXw71+bOjNOVUw=
Endpoint = 10.0.1.100:54321
AllowedIPs = 192.168.2.100/32

Now it's OK.

Could you please review it once more and point out if I'm doing something wrong.
I'll update the patch, adding the port number to the peer IP if needed.

And, BTW, the term "listing port" just doesn't make any sense to me in this context:

    "listen-port The listing port of the wg interface."

English is not my native language, but could you explain why it is correct?
There is not a single word "listing" in the WireGuard doc
(https://www.wireguard.com/papers/wireguard.pdf), while "listening port" would
make sense here.
