Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
19.7 Legacy Series
»
Wireguard and Android(Samsung)
« previous
next »
Print
Pages: [
1
]
Author
Topic: Wireguard and Android(Samsung) (Read 2501 times)
tre4bax
Full Member
Posts: 151
Karma: 4
Wireguard and Android(Samsung)
«
on:
August 29, 2019, 02:56:03 pm »
With some help and perserverance I have Wireguard working 100% on my PCTablet. When I connect I get shown I get info like below and it all just works
peer: **********************************************=
endpoint: <address>:55703
allowed ips: 192.168.100.2/32
latest handshake: 24 seconds ago
transfer: 16.36 MiB received, 9.47 MiB sent
Using the Android client on my samsung phone and an identical config with only the address changed I assumed that would work too. This time not though. I get no entry for that connection other than allowed ips: Though the client comes on I cannot tell if the link is established. With a ping tool I have checked that the interface IP appears on the phone and that there is some form of route noted. Nothing seems to travel that route though :-( Anybody managed to get this working on Android?
Logged
mimugmail
Hero Member
Posts: 6766
Karma: 494
Re: Wireguard and Android(Samsung)
«
Reply #1 on:
August 29, 2019, 03:33:09 pm »
Do you have both endpoints linked in your local instance? Do you have 0.0.0.0/0 at the phone set?
Logged
WWW:
www.routerperformance.net
Support plans:
https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German):
https://opnsense.max-it.de/
tre4bax
Full Member
Posts: 151
Karma: 4
Re: Wireguard and Android(Samsung)
«
Reply #2 on:
August 29, 2019, 04:34:32 pm »
This one was all my bad. I exported the config from my desktop client and the mobile client and compared them.
Found that the Mobile client was set to port 58120 and the desktop to 51820 swapped this around and it all now works perfectly @minmugmail thank you so much for the help with this. It really was simple once with a little bit of prompting. Here are my configs on both ends that worked for me, in case of others following my route:
Server (opnsense pluggin):
Local (interface)
Tunnel address 192.168.100.0/24
Endpoint (peer)
Allowed ips: 192.168.100.2/32
Client (windows version of WireGuard)
Interface
Address = 192.168.100.2/32
Peer
AllowedIPs = 0.0.0.0/0
Endpoint = <end point address>:51820
PersistentKeepalive = 25
The key learning for me was to understand that Allowed IPs in the peer was the addresses that the interface described above would expect to come from the peer. i.e. The server would only expect packets from the 192.168.100.2 address but the client would expect any internet address to come through. Once I finally got that then it made it possible to get Wireguard working consistently. The phone interface was the same as above with just the .2 changed to a .3 and so on...
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
19.7 Legacy Series
»
Wireguard and Android(Samsung)