Wireguard in LXC "handshake did not complete after 5 seconds"

Dec 14, 2022
Hello!
I have been tinkering for a week now, trying to get WireGuard running in an LXC under Proxmox 7. Unfortunately without success. First of all: I already have a working WireGuard server running on a RasPi. I have a DS-Lite connection and a static IP via a provider.
I am currently trying it following this guide. I followed it exactly and I do get a connection, but no handshake. I installed the server on the Pi quite a while ago, but I think I did the configuration in a similar way?!
Here is the log from my client (iPhone):

Code:
2022-12-16 18:22:13.821385: [APP] startActivation: Entering (tunnel: Proxmox)
2022-12-16 18:22:13.823603: [APP] startActivation: Tunnel is disabled. Re-enabling and saving
2022-12-16 18:22:13.869689: [APP] startActivation: Tunnel saved after re-enabling, invoking startActivation
2022-12-16 18:22:13.869773: [APP] startActivation: Entering (tunnel: Proxmox)
2022-12-16 18:22:13.869984: [APP] startActivation: Starting tunnel
2022-12-16 18:22:13.870097: [APP] startActivation: Success
2022-12-16 18:22:13.925293: [NET] App version: 1.0.15 (26)
2022-12-16 18:22:13.926256: [NET] Starting tunnel from the app
2022-12-16 18:22:14.020793: [NET] DNS64: mapped 1X5.2X8.1X8.33 to itself.
2022-12-16 18:22:14.021242: [NET] Attaching to interface
2022-12-16 18:22:14.021526: [NET] UAPI: Updating private key
2022-12-16 18:22:14.021628: [NET] Routine: decryption worker 3 - started
2022-12-16 18:22:14.021628: [NET] Routine: decryption worker 1 - started
2022-12-16 18:22:14.021659: [NET] Routine: decryption worker 2 - started
2022-12-16 18:22:14.021708: [NET] Routine: handshake worker 2 - started
2022-12-16 18:22:14.021715: [NET] Routine: decryption worker 4 - started
2022-12-16 18:22:14.021728: [NET] Routine: decryption worker 5 - started
2022-12-16 18:22:14.021729: [NET] UAPI: Removing all peers
2022-12-16 18:22:14.021754: [NET] Routine: encryption worker 1 - started
2022-12-16 18:22:14.021871: [NET] Routine: handshake worker 4 - started
2022-12-16 18:22:14.021861: [NET] Routine: handshake worker 1 - started
2022-12-16 18:22:14.021922: [NET] Routine: encryption worker 2 - started
2022-12-16 18:22:14.021985: [NET] peer(0NwT…AJzU) - UAPI: Created
2022-12-16 18:22:14.021976: [NET] Routine: decryption worker 6 - started
2022-12-16 18:22:14.022135: [NET] Routine: encryption worker 3 - started
2022-12-16 18:22:14.022189: [NET] Routine: handshake worker 3 - started
2022-12-16 18:22:14.022237: [NET] Routine: encryption worker 4 - started
2022-12-16 18:22:14.022277: [NET] Routine: encryption worker 5 - started
2022-12-16 18:22:14.022402: [NET] Routine: handshake worker 6 - started
2022-12-16 18:22:14.022479: [NET] Routine: handshake worker 5 - started
2022-12-16 18:22:14.022516: [NET] peer(0NwT…AJzU) - UAPI: Updating preshared key
2022-12-16 18:22:14.022601: [NET] Routine: encryption worker 6 - started
2022-12-16 18:22:14.022611: [NET] Routine: event worker - started
2022-12-16 18:22:14.022712: [NET] peer(0NwT…AJzU) - UAPI: Updating endpoint
2022-12-16 18:22:14.022724: [NET] Routine: TUN reader - started
2022-12-16 18:22:14.022821: [NET] peer(0NwT…AJzU) - UAPI: Updating persistent keepalive interval
2022-12-16 18:22:14.022862: [NET] peer(0NwT…AJzU) - UAPI: Removing all allowedips
2022-12-16 18:22:14.022945: [NET] peer(0NwT…AJzU) - UAPI: Adding allowedip
2022-12-16 18:22:14.023382: [NET] UDP bind has been updated
2022-12-16 18:22:14.023460: [NET] peer(0NwT…AJzU) - Starting
2022-12-16 18:22:14.023487: [NET] Routine: receive incoming v6 - started
2022-12-16 18:22:14.023478: [NET] Routine: receive incoming v4 - started
2022-12-16 18:22:14.023530: [NET] peer(0NwT…AJzU) - Sending keepalive packet
2022-12-16 18:22:14.023559: [NET] peer(0NwT…AJzU) - Sending handshake initiation
2022-12-16 18:22:14.023655: [NET] peer(0NwT…AJzU) - Routine: sequential receiver - started
2022-12-16 18:22:14.024086: [NET] peer(0NwT…AJzU) - Routine: sequential sender - started
2022-12-16 18:22:14.024267: [NET] Interface state was Down, requested Up, now Up
2022-12-16 18:22:14.024307: [NET] Device started
2022-12-16 18:22:14.024388: [NET] Tunnel interface is utun7
2022-12-16 18:22:14.024624: [NET] Network change detected with satisfied route and interface order [pdp_ip0]
2022-12-16 18:22:14.024752: [NET] DNS64: mapped 1X5.2X8.1X8.33 to itself.
2022-12-16 18:22:14.024813: [NET] peer(0NwT…AJzU) - UAPI: Updating endpoint
2022-12-16 18:22:14.024988: [NET] Routine: receive incoming v4 - stopped
2022-12-16 18:22:14.025074: [NET] Routine: receive incoming v6 - stopped
2022-12-16 18:22:14.025237: [NET] UDP bind has been updated
2022-12-16 18:22:14.025263: [APP] Tunnel 'Proxmox' connection status changed to 'connected'
2022-12-16 18:22:14.025289: [NET] Routine: receive incoming v6 - started
2022-12-16 18:22:14.025336: [NET] Routine: receive incoming v4 - started
2022-12-16 18:22:14.025537: [NET] Network change detected with satisfied route and interface order [pdp_ip0, utun7]
2022-12-16 18:22:14.025750: [NET] DNS64: mapped 1X5.2X8.1X8.33 to itself.
2022-12-16 18:22:14.025829: [NET] peer(0NwT…AJzU) - UAPI: Updating endpoint
2022-12-16 18:22:14.025922: [NET] Routine: receive incoming v4 - stopped
2022-12-16 18:22:14.025960: [NET] Routine: receive incoming v6 - stopped
2022-12-16 18:22:14.026152: [NET] UDP bind has been updated
2022-12-16 18:22:14.026166: [NET] Routine: receive incoming v4 - started
2022-12-16 18:22:14.026184: [NET] Routine: receive incoming v6 - started
2022-12-16 18:22:18.871229: [APP] Status update notification timeout for tunnel 'Proxmox'. Tunnel status is now 'connected'.
2022-12-16 18:22:19.294445: [NET] peer(0NwT…AJzU) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-12-16 18:22:19.294755: [NET] peer(0NwT…AJzU) - Sending handshake initiation
2022-12-16 18:22:24.459009: [NET] peer(0NwT…AJzU) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-12-16 18:22:24.459431: [NET] peer(0NwT…AJzU) - Sending handshake initiation
2022-12-16 18:22:29.744020: [NET] peer(0NwT…AJzU) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-12-16 18:22:29.744543: [NET] peer(0NwT…AJzU) - Sending handshake initiation
2022-12-16 18:22:34.924309: [NET] peer(0NwT…AJzU) - Handshake did not complete after 5 seconds, retrying (try 3)
2022-12-16 18:22:34.924709: [NET] peer(0NwT…AJzU) - Sending handshake initiation
2022-12-16 18:22:36.147510: [APP] startDeactivation: Tunnel: Proxmox
2022-12-16 18:22:36.152484: [APP] Tunnel 'Proxmox' connection status changed to 'disconnecting'
2022-12-16 18:22:36.290942: [NET] Network change detected with satisfied route and interface order [pdp_ip0]
2022-12-16 18:22:36.291971: [NET] DNS64: mapped 1X5.2X8.1X8.33 to itself.
2022-12-16 18:22:36.292317: [NET] peer(0NwT…AJzU) - UAPI: Updating endpoint
2022-12-16 18:22:36.292735: [NET] Routine: receive incoming v4 - stopped
2022-12-16 18:22:36.292812: [NET] Routine: receive incoming v6 - stopped
2022-12-16 18:22:36.293385: [NET] UDP bind has been updated
2022-12-16 18:22:36.293500: [NET] Routine: receive incoming v6 - started
2022-12-16 18:22:36.293457: [NET] Routine: receive incoming v4 - started
2022-12-16 18:22:36.461412: [NET] Stopping tunnel
2022-12-16 18:22:36.461951: [NET] Device closing
2022-12-16 18:22:36.462433: [NET] Routine: TUN reader - stopped
2022-12-16 18:22:36.462525: [NET] Routine: event worker - stopped
2022-12-16 18:22:36.462605: [NET] Routine: receive incoming v4 - stopped
2022-12-16 18:22:36.462790: [NET] Routine: receive incoming v6 - stopped
2022-12-16 18:22:36.463007: [NET] peer(0NwT…AJzU) - Stopping
2022-12-16 18:22:36.463207: [NET] peer(0NwT…AJzU) - Routine: sequential sender - stopped
2022-12-16 18:22:36.463279: [NET] peer(0NwT…AJzU) - Routine: sequential receiver - stopped
2022-12-16 18:22:36.463591: [NET] Device closed
2022-12-16 18:22:36.463650: [NET] Routine: decryption worker 3 - stopped
2022-12-16 18:22:36.463776: [NET] Routine: handshake worker 2 - stopped
2022-12-16 18:22:36.463832: [NET] Routine: handshake worker 1 - stopped
2022-12-16 18:22:36.463851: [NET] Routine: decryption worker 6 - stopped
2022-12-16 18:22:36.463893: [NET] Routine: decryption worker 5 - stopped
2022-12-16 18:22:36.463907: [NET] Routine: handshake worker 3 - stopped
2022-12-16 18:22:36.463976: [NET] Routine: handshake worker 4 - stopped
2022-12-16 18:22:36.464032: [NET] Routine: handshake worker 5 - stopped
2022-12-16 18:22:36.464066: [NET] Routine: handshake worker 6 - stopped
2022-12-16 18:22:36.464180: [NET] Routine: decryption worker 2 - stopped
2022-12-16 18:22:36.464258: [NET] Routine: decryption worker 4 - stopped
2022-12-16 18:22:36.464328: [NET] Routine: decryption worker 1 - stopped
2022-12-16 18:22:36.464380: [NET] Routine: encryption worker 2 - stopped
2022-12-16 18:22:36.464405: [NET] Routine: encryption worker 3 - stopped
2022-12-16 18:22:36.464418: [NET] Routine: encryption worker 1 - stopped
2022-12-16 18:22:36.464453: [NET] Routine: encryption worker 5 - stopped
2022-12-16 18:22:36.464456: [NET] Routine: encryption worker 6 - stopped
2022-12-16 18:22:36.464493: [NET] Routine: encryption worker 4 - stopped
2022-12-16 18:22:36.474299: [APP] Tunnel 'Proxmox' connection status changed to 'disconnected'

The only difference I have found in the configuration so far is that in the client config on the iPhone, the working tunnel (to the RasPi server) has an address from the WireGuard server's subnet as DNS, while the Proxmox config has the IP of my local DNS server. I have also tried 1.1.1.1 here, but that did not work either.
I have already searched the net for hours, but I am not getting anywhere.

I am grateful for any help!
 
I have the same problem. Before Proxmox 7.3 everything ran without problems. I have not changed anything in the config.

When I turn the firewall off, I can connect and everything works as it should. As soon as I turn it back on, with port 51820 open of course, nothing works anymore.
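
Added example, not part of either post above: a small Python triage of a WireGuard client log in the format shown in this thread, counting handshake initiations, timeouts and responses per peer. The sample lines and peer IDs are constructed, and the success message "Received handshake response" is the one logged by wireguard-go, which the iOS app is built on.

```python
import re
from collections import defaultdict

# Matches per-peer [NET] lines in the format of the client log in this thread.
PEER_LINE = re.compile(
    r"^\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}\.\d+: \[NET\] "
    r"peer\((?P<peer>[^)]+)\) - (?P<msg>.*)$"
)
# Message prefix -> counter name.
EVENTS = {
    "Sending handshake initiation": "initiations",
    "Handshake did not complete": "timeouts",
    "Received handshake response": "responses",
}

# Constructed sample log; the peer IDs are made up.
SAMPLE_LOG = """\
2022-01-01 10:00:00.000050: [APP] startActivation: Starting tunnel
2022-01-01 10:00:00.000100: [NET] peer(AAAA…BBBB) - Sending handshake initiation
2022-01-01 10:00:05.000200: [NET] peer(AAAA…BBBB) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-01-01 10:00:05.000300: [NET] peer(AAAA…BBBB) - Sending handshake initiation
2022-01-01 10:00:10.000400: [NET] peer(AAAA…BBBB) - Handshake did not complete after 5 seconds, retrying (try 3)
2022-01-01 10:00:10.000500: [NET] peer(AAAA…BBBB) - Sending handshake initiation
2022-01-01 10:00:11.000600: [NET] peer(CCCC…DDDD) - Sending handshake initiation
2022-01-01 10:00:11.050700: [NET] peer(CCCC…DDDD) - Received handshake response
"""

def summarize_handshakes(log_text):
    """Return {peer: {"initiations": n, "timeouts": n, "responses": n}}."""
    stats = defaultdict(lambda: dict.fromkeys(EVENTS.values(), 0))
    for line in log_text.splitlines():
        m = PEER_LINE.match(line.strip())
        if not m:
            continue  # [APP] lines and worker start/stop lines carry no peer
        for prefix, key in EVENTS.items():
            if m["msg"].startswith(prefix):
                stats[m["peer"]][key] += 1
    return {peer: dict(counts) for peer, counts in stats.items()}

def verdict(counts):
    if counts["responses"]:
        return "handshake completed"
    if counts["initiations"]:
        # WireGuard never answers packets it cannot authenticate, so a blocked
        # UDP port and a wrong key are indistinguishable from the client side.
        return "no reply: check UDP path to endpoint and peer keys on server"
    return "no handshake attempted"

if __name__ == "__main__":
    for peer, counts in summarize_handshakes(SAMPLE_LOG).items():
        print(peer, counts, "->", verdict(counts))
```

Because the client alone cannot tell a dropped packet from a rejected one, the next check belongs on the server side: whether the initiation arrives on the listening UDP port inside the container at all.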
 