Hi

I've taken a further look at this today with the latest client 0.3.1. The issue is establishing a wireguard connection over a PulseConnect SSLVPN.

The Tunsafe client which works (I'm using an identical configuration on both it and the Wireguard client) exchanges handshakes and then Keepalives and then starts transporting packets.

My source address is 10.209.29.xxx and my destination address is 158.xxx.xxx.xxx. The config is as below.

After Tunsafe starts I see the routing created as:

C:\Users\whiskerp>route print /4 | find "10.2.80.226"
        10.2.0.34  255.255.255.254        10.2.80.1 10.2.80.226    125
        10.2.1.34  255.255.255.254        10.2.80.1 10.2.80.226    125
        10.2.80.0    255.255.255.0         On-link 10.2.80.226    281
      10.2.80.226  255.255.255.255         On-link 10.2.80.226    281
      10.2.80.255  255.255.255.255         On-link 10.2.80.226    281
        10.12.0.0    255.255.254.0        10.2.80.1 10.2.80.226    125
        224.0.0.0        240.0.0.0         On-link 10.2.80.226    281
  255.255.255.255  255.255.255.255         On-link 10.2.80.226    281

Wireguard client starts and exchanges handshakes, sends a keepalive but it does not seem to get to the other end. After 25 seconds, a Keepalive is sent by the other end (and noted by Wireguard at 10:04:41 in the log). No traffic is sent.

The routing table created by Wireguard is slightly different too:

C:\Users\whiskerp>route print /4 | find "10.2.80.226"
        10.2.0.34  255.255.255.254         On-link 10.2.80.226      5
        10.2.0.35  255.255.255.255         On-link 10.2.80.226    261
        10.2.1.34  255.255.255.254         On-link 10.2.80.226      5
        10.2.1.35  255.255.255.255         On-link 10.2.80.226    261
        10.2.80.0    255.255.255.0         On-link 10.2.80.226      5
      10.2.80.226  255.255.255.255         On-link 10.2.80.226    261
      10.2.80.255  255.255.255.255         On-link 10.2.80.226    261
        10.12.0.0    255.255.254.0         On-link 10.2.80.226      5
      10.12.1.255  255.255.255.255         On-link 10.2.80.226    261

Configuration:

[Interface]
PrivateKey = xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx=
Address = 10.2.80.226/32

[Peer]
PublicKey = QfjlPwEQa03gx7OYkM3Al8MIrfTx7WY0TT235eg0V1w=
PresharedKey = yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy=
AllowedIPs = 10.2.80.0/24, 10.12.0.0/23, 10.2.0.34/31, 10.2.1.34/31
Endpoint = iris-fw1.xxxxxxxxxx.com:21820
PersistentKeepalive = 25

I can connect with Wireguard to another server across the direct interface just not via the PulseConnect SSLVPN. Tunsafe works in both cases.

The log is below. I do not see any repeated Handshakes in a Wireguard capture of all interfaces, just the first one and the one 25 seconds later from the remote side.

2020-11-24 10:03:45.801982: [TUN] [lhirisseccom01] Starting WireGuard/0.3.1 (Windows 10.0.18363; amd64)
2020-11-24 10:03:45.803758: [TUN] [lhirisseccom01] Watching network interfaces
2020-11-24 10:03:45.809030: [TUN] [lhirisseccom01] Resolving DNS names
2020-11-24 10:03:45.841602: [TUN] [lhirisseccom01] Creating Wintun interface
2020-11-24 10:03:46.003480: [TUN] [lhirisseccom01] [Wintun] CreateAdapter: Creating adapter
2020-11-24 10:03:48.023642: [TUN] [lhirisseccom01] Using Wintun/0.9
2020-11-24 10:03:48.069741: [TUN] [lhirisseccom01] Enabling firewall rules
2020-11-24 10:03:48.161811: [TUN] [lhirisseccom01] Dropping privileges
2020-11-24 10:03:48.165901: [TUN] [lhirisseccom01] Creating interface instance
2020-11-24 10:03:48.171574: [TUN] [lhirisseccom01] Routine: event worker - started
2020-11-24 10:03:48.174280: [TUN] [lhirisseccom01] Routine: handshake worker - started
2020-11-24 10:03:48.175675: [TUN] [lhirisseccom01] Routine: encryption worker - started
2020-11-24 10:03:48.178308: [TUN] [lhirisseccom01] Routine: decryption worker - started
2020-11-24 10:03:48.179950: [TUN] [lhirisseccom01] Routine: handshake worker - started
2020-11-24 10:03:48.180986: [TUN] [lhirisseccom01] Routine: encryption worker - started
2020-11-24 10:03:48.181626: [TUN] [lhirisseccom01] Routine: decryption worker - started
2020-11-24 10:03:48.185430: [TUN] [lhirisseccom01] Routine: handshake worker - started
2020-11-24 10:03:48.185934: [TUN] [lhirisseccom01] Routine: encryption worker - started
2020-11-24 10:03:48.186070: [TUN] [lhirisseccom01] Routine: decryption worker - started
2020-11-24 10:03:48.187147: [TUN] [lhirisseccom01] Routine: handshake worker - started
2020-11-24 10:03:48.190237: [TUN] [lhirisseccom01] Routine: encryption worker - started
2020-11-24 10:03:48.194832: [TUN] [lhirisseccom01] Routine: decryption worker - started
2020-11-24 10:03:48.196508: [TUN] [lhirisseccom01] Routine: encryption worker - started
2020-11-24 10:03:48.197094: [TUN] [lhirisseccom01] Routine: encryption worker - started
2020-11-24 10:03:48.198466: [TUN] [lhirisseccom01] Routine: decryption worker - started
2020-11-24 10:03:48.199475: [TUN] [lhirisseccom01] Routine: handshake worker - started
2020-11-24 10:03:48.199475: [TUN] [lhirisseccom01] Routine: encryption worker - started
2020-11-24 10:03:48.200682: [TUN] [lhirisseccom01] Routine: decryption worker - started
2020-11-24 10:03:48.201256: [TUN] [lhirisseccom01] Routine: handshake worker - started
2020-11-24 10:03:48.203447: [TUN] [lhirisseccom01] Routine: encryption worker - started
2020-11-24 10:03:48.205727: [TUN] [lhirisseccom01] Routine: decryption worker - started
2020-11-24 10:03:48.208147: [TUN] [lhirisseccom01] Routine: handshake worker - started
2020-11-24 10:03:48.209167: [TUN] [lhirisseccom01] Routine: handshake worker - started
2020-11-24 10:03:48.210297: [TUN] [lhirisseccom01] Routine: decryption worker - started
2020-11-24 10:03:48.211810: [TUN] [lhirisseccom01] Routine: TUN reader - started
2020-11-24 10:03:48.216323: [TUN] [lhirisseccom01] Setting interface configuration
2020-11-24 10:03:48.224604: [TUN] [lhirisseccom01] UAPI: Updating private key
2020-11-24 10:03:48.230859: [TUN] [lhirisseccom01] UAPI: Removing all peers
2020-11-24 10:03:48.238534: [TUN] [lhirisseccom01] UAPI: Transition to peer configuration
2020-11-24 10:03:48.253111: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - UAPI: Created
2020-11-24 10:03:48.257120: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - UAPI: Updating preshared key
2020-11-24 10:03:48.257692: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - UAPI: Updating endpoint
2020-11-24 10:03:48.363693: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - UAPI: Updating persistent keepalive interval
2020-11-24 10:03:48.369795: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - UAPI: Removing all allowedips
2020-11-24 10:03:48.401343: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - UAPI: Adding allowedip
2020-11-24 10:03:48.410717: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - UAPI: Adding allowedip
2020-11-24 10:03:48.412264: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - UAPI: Adding allowedip
2020-11-24 10:03:48.412364: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - UAPI: Adding allowedip
2020-11-24 10:03:48.414098: [TUN] [lhirisseccom01] Bringing peers up
2020-11-24 10:03:48.421934: [TUN] [lhirisseccom01] Routine: receive incoming IPv6 - started
2020-11-24 10:03:48.423727: [TUN] [lhirisseccom01] Routine: receive incoming IPv4 - started
2020-11-24 10:03:48.427885: [TUN] [lhirisseccom01] UDP bind has been updated
2020-11-24 10:03:48.428445: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Starting...
2020-11-24 10:03:48.430048: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Routine: sequential receiver - started
2020-11-24 10:03:48.432758: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Routine: sequential sender - started
2020-11-24 10:03:48.434497: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Sending keepalive packet
2020-11-24 10:03:48.439271: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Routine: nonce worker - started
2020-11-24 10:03:48.439271: [TUN] [lhirisseccom01] Monitoring default v6 routes
2020-11-24 10:03:48.440310: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Sending handshake initiation
2020-11-24 10:03:48.444410: [TUN] [lhirisseccom01] Binding v6 socket to interface 0 (blackhole=false)
2020-11-24 10:03:48.448834: [TUN] [lhirisseccom01] Setting device v6 addresses
2020-11-24 10:03:48.484249: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Awaiting keypair
2020-11-24 10:03:48.501366: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Received handshake response
2020-11-24 10:03:48.505199: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Obtained awaited keypair
2020-11-24 10:03:49.717724: [TUN] [lhirisseccom01] Monitoring default v4 routes
2020-11-24 10:03:49.735153: [TUN] [lhirisseccom01] Binding v4 socket to interface 23 (blackhole=false)
2020-11-24 10:03:49.736441: [TUN] [lhirisseccom01] Setting device v4 addresses
2020-11-24 10:03:51.221490: [TUN] [lhirisseccom01] Listening for UAPI requests
2020-11-24 10:03:51.225480: [TUN] [lhirisseccom01] Startup complete
2020-11-24 10:04:08.258064: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Retrying handshake because we stopped hearing back after 15 seconds
2020-11-24 10:04:08.260207: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Sending handshake initiation
2020-11-24 10:04:13.543272: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Handshake did not complete after 5 seconds, retrying (try 2)
2020-11-24 10:04:13.545765: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Sending handshake initiation
2020-11-24 10:04:15.196489: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Receiving keepalive packet
2020-11-24 10:04:18.799504: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Handshake did not complete after 5 seconds, retrying (try 3)
2020-11-24 10:04:18.801789: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Sending handshake initiation
2020-11-24 10:04:23.881986: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Handshake did not complete after 5 seconds, retrying (try 4)
2020-11-24 10:04:23.883677: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Sending handshake initiation
2020-11-24 10:04:29.189703: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Handshake did not complete after 5 seconds, retrying (try 5)
2020-11-24 10:04:29.191775: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Sending handshake initiation
2020-11-24 10:04:32.339743: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Retrying handshake because we stopped hearing back after 15 seconds
2020-11-24 10:04:34.334302: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Handshake did not complete after 5 seconds, retrying (try 2)
2020-11-24 10:04:34.336489: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Sending handshake initiation
2020-11-24 10:04:39.477027: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Handshake did not complete after 5 seconds, retrying (try 3)
2020-11-24 10:04:39.477590: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Sending handshake initiation
2020-11-24 10:04:41.821019: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Receiving keepalive packet

2020-11-24 10:04:44.741589: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Handshake did not complete after 5 seconds, retrying

This is very strange.

Thanks

Peter

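As an added example (not part of Peter's message and not code from the WireGuard project), the following Python script parses wireguard-go style tunnel log lines like the ones quoted above, counts handshake initiations against handshake responses and keepalives per peer, and classifies the pattern. The case in the post is the interesting one: the first handshake completes within milliseconds, every later initiation times out, yet keepalives from the remote side keep arriving, which points at the outbound path rather than the peer. The sample input is a subset of the log lines from the post; the verdict labels returned by `diagnose()` are my own, not anything WireGuard emits.

```python
"""Triage helper for WireGuard (wireguard-go / Windows client) tunnel logs.

Added example, not code from the post or from the WireGuard project. It parses
lines of the form
    <timestamp>: [TUN] [<tunnel>] peer(<id>) - <message>
(device-level lines have no "peer(...) -" part), counts the handshake and
keepalive messages per peer, and classifies the pattern. The verdict labels
returned by diagnose() are my own, not WireGuard's.
"""
import re
from collections import Counter
from datetime import datetime

# Sample input: a subset of the log lines quoted in the post, one per line.
SAMPLE_LOG = """
2020-11-24 10:03:48.434497: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Sending keepalive packet
2020-11-24 10:03:48.440310: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Sending handshake initiation
2020-11-24 10:03:48.501366: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Received handshake response
2020-11-24 10:03:48.505199: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Obtained awaited keypair
2020-11-24 10:03:51.225480: [TUN] [lhirisseccom01] Startup complete
2020-11-24 10:04:08.258064: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Retrying handshake because we stopped hearing back after 15 seconds
2020-11-24 10:04:08.260207: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Sending handshake initiation
2020-11-24 10:04:13.543272: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Handshake did not complete after 5 seconds, retrying (try 2)
2020-11-24 10:04:13.545765: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Sending handshake initiation
2020-11-24 10:04:15.196489: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Receiving keepalive packet
2020-11-24 10:04:18.799504: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Handshake did not complete after 5 seconds, retrying (try 3)
2020-11-24 10:04:18.801789: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Sending handshake initiation
2020-11-24 10:04:41.821019: [TUN] [lhirisseccom01] peer(Qfjl…0V1w) - Receiving keepalive packet
"""

LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}\.\d{6}): \[TUN\] "
    r"\[(?P<tunnel>[^\]]+)\] (?:peer\((?P<peer>[^)]+)\) - )?(?P<msg>.*)$"
)


def parse_log(text):
    """Return a list of {ts, tunnel, peer, msg} dicts; peer is None for device-level lines."""
    events = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # blank line or something that is not a tunnel log line
        events.append({
            "ts": datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S.%f"),
            "tunnel": m["tunnel"],
            "peer": m["peer"],
            "msg": m["msg"],
        })
    return events


def summarize_peer(events, peer):
    """Count the handshake and keepalive messages that matter for one peer."""
    counts = Counter()
    for e in events:
        if e["peer"] != peer:
            continue
        msg = e["msg"]
        if msg == "Sending handshake initiation":
            counts["init_sent"] += 1
        elif msg == "Received handshake response":
            counts["resp_received"] += 1
        elif msg == "Sending keepalive packet":
            counts["keepalive_sent"] += 1
        elif msg == "Receiving keepalive packet":
            counts["keepalive_received"] += 1
        elif msg.startswith("Handshake did not complete"):
            counts["handshake_timeout"] += 1
        elif msg.startswith("Retrying handshake because we stopped hearing back"):
            counts["stopped_hearing"] += 1
    return counts


def first_handshake_latency(events, peer):
    """Seconds from the first initiation to the first response after it, or None."""
    init = resp = None
    for e in events:
        if e["peer"] != peer:
            continue
        if init is None and e["msg"] == "Sending handshake initiation":
            init = e["ts"]
        elif init is not None and e["msg"] == "Received handshake response":
            resp = e["ts"]
            break
    if init is None or resp is None:
        return None
    return (resp - init).total_seconds()


def diagnose(counts):
    """Classify the counters; the labels are my own, not WireGuard's."""
    if counts["init_sent"] == 0:
        return "no-handshake-attempted"
    if counts["resp_received"] == 0:
        return "no-response"  # nothing ever came back from the peer
    if counts["handshake_timeout"] and counts["keepalive_received"]:
        # The peer's packets still reach us, but our later initiations get no
        # reply: the outbound path is the suspect (the symptom in the post).
        return "asymmetric-path"
    if counts["handshake_timeout"] or counts["stopped_hearing"]:
        return "handshake-retries"
    return "healthy"


if __name__ == "__main__":
    evs = parse_log(SAMPLE_LOG)
    for p in sorted({e["peer"] for e in evs if e["peer"]}):
        c = summarize_peer(evs, p)
        print(p, dict(c), "first handshake %s s" % first_handshake_latency(evs, p), diagnose(c))
```

Run it against a full client log (the Windows client writes the same line format to its log view) and the per-peer counters make the distinction quickly: a peer that never answers at all versus one, as here, whose keepalives arrive while our own packets after the first handshake apparently do not.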