I would like to bring up a WireGuard interface on the PVE host that will connect to the WireGuard server in one of the LXC containers.
When trying to connect the PVE host via LAN or even via WAN IP to the container, no proper connection can be established; no traffic is shown with "wg show" on the PVE host.

Code:
interface: wg1
  public key: 123xyz
  private key: (hidden)
  listening port: 44796

peer: zyx321
  preshared key: (hidden)
  endpoint: WAN-IP-ADDRESS:PORT
  allowed ips: 10.0.0.0/24

Connecting the PVE host to another WireGuard server outside on the Internet is successful.
Also, all other machines connecting through WAN can successfully connect to the WG server in the LXC container.
Here is the output of another PVE host that is connected from outside / WAN:

Code:
interface: wg2
  public key: 456abc
  private key: (hidden)
  listening port: 39274

peer: cba654
  preshared key: (hidden)
  endpoint: WAN-IP-ADDRESS:PORT
  allowed ips: 10.0.0.0/24
  latest handshake: 2 minutes, 11 seconds ago
  transfer: 613.28 KiB received, 575.73 KiB sent
  persistent keepalive: every 25 seconds

So the wg conf of the PVE host is certainly correct.
Is it possible that there is some restriction on whether an LXC host can connect to an LXC container's wg interface in the same virtual environment?
Did any of you successfully connect a PVE host to one of its LXC containers via wg?
When logging the WireGuard client activity on the PVE host, it shows:

Code:
systemd-udevd[2808517]: ethtool: autonegotiation is unset or enabled, the speed and duplex are not writable.
systemd-udevd[2808517]: Using default interface naming scheme 'v247'.
kernel: [600496.077157] wireguard: wg1: Interface created
kernel: [600496.082954] wireguard: wg1: Peer 72 created

It should continue to show some information about handshakes, but does not.
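The difference between the two `wg show` outputs above can be checked mechanically. This is an added example, not part of the original post: it parses the human-readable `wg show` output and reports peers that have an endpoint configured but no "latest handshake" line, which `wg show` only prints once a handshake has completed. The function names `parse_wg_show` and `stalled_peers` are hypothetical, and the sample text is constructed from the two outputs posted above.

```python
# Constructed sample: the two `wg show` outputs from the post, concatenated.
SAMPLE = """\
interface: wg1
  public key: 123xyz
  private key: (hidden)
  listening port: 44796

peer: zyx321
  preshared key: (hidden)
  endpoint: WAN-IP-ADDRESS:PORT
  allowed ips: 10.0.0.0/24

interface: wg2
  public key: 456abc
  private key: (hidden)
  listening port: 39274

peer: cba654
  preshared key: (hidden)
  endpoint: WAN-IP-ADDRESS:PORT
  allowed ips: 10.0.0.0/24
  latest handshake: 2 minutes, 11 seconds ago
  transfer: 613.28 KiB received, 575.73 KiB sent
  persistent keepalive: every 25 seconds
"""

def parse_wg_show(text):
    """Parse human-readable `wg show` output into {interface: [peer dicts]}."""
    interfaces, iface, peer = {}, None, None
    for raw in text.splitlines():
        # Split on the first colon only, so "endpoint: host:port" stays intact.
        key, sep, value = raw.strip().partition(":")
        if not sep:
            continue
        value = value.strip()
        if key == "interface":
            iface, peer = value, None
            interfaces[iface] = []
        elif key == "peer" and iface is not None:
            peer = {"peer": value}
            interfaces[iface].append(peer)
        elif peer is not None:  # interface-level fields are skipped
            peer[key] = value
    return interfaces

def stalled_peers(interfaces):
    """Peers with an endpoint set that have never completed a handshake."""
    return [(name, p["peer"]) for name, peers in interfaces.items()
            for p in peers if "endpoint" in p and "latest handshake" not in p]

if __name__ == "__main__":
    for name, key in stalled_peers(parse_wg_show(SAMPLE)):
        print(f"{name}: peer {key} has an endpoint but no handshake yet")
```

On a live host the same functions can be fed the text of `wg show` captured from the command line instead of the embedded sample.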