From: Adolf Belka <adolf.belka@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: Feedback on WG
Date: Mon, 26 Aug 2024 14:13:11 +0200
Message-ID: <d78b7c7d-8208-4996-ad4f-259e1cdd89c5@ipfire.org>
In-Reply-To: <4fc9b5e3-7f20-4650-a6f0-32ec9a51b8cc@ipfire.org>
List-Id: <development.lists.ipfire.org>

I tried out netcat to send some traffic through the tunnel. That confirmed that the tunnel is only working in one direction.

If I put the laptop in listening mode and from a vm on the IPFire green lan sent some data from /dev/zero through the tunnel, it was received at the other end.

Setting the vm on the IPFire green lan into listening mode and sending the data from the laptop resulted in nothing being sent from the laptop and obviously nothing received at the green vm.

So it is not just a ping issue.

Regards,
Adolf.

On 26/08/2024 13:17, Adolf Belka wrote:
> Hi Michael,
>
> Getting back to testing out the WG.
>
> On 21/08/2024 16:23, Michael Tremer wrote:
>> Hello Adolf,
>>
>>> On 19 Aug 2024, at 12:04, Adolf Belka <adolf.belka(a)ipfire.org> wrote:
>>>
>>> Hi Michael,
>>>
>>> Sorry for the delay with feedback on the WG testing. I was a bit tied up with DIY stuff in the house.
>>
>> No problem...
>>
>>> By manually importing the WG config file created I was able to successfully connect from my laptop to my IPFire vm system. The WUI showed connected. The config file had my allowed subnets set as 192.168.200.0/255.255.255.0 which is the green subnet on my vm system. However trying ping over the WG tunnel gave failures for the IP of the vm machine, green1, and also for the green interface of the vm IPFire.
>>
>> Okay, connecting should be nice and easy. However, you *should* be able to transfer some data...
>>
>>> Trying to ping with the FQDN for the green1 system resulted in no resolving of green1's FQDN to a local IP but tried to send it to my main red interface with my ISP.
>>
>> Can you try to ping from either side? The client the firewall and the firewall the client? That should work if the tunnel is up.
>
> Tried again to ping from laptop to IPFire green lan, both the IPFire green interface and a vm PC on the green lan. In both cases 100% packet loss.
>
> I then tried doing the ping from the vm machine on the green IPFire lan to the laptop, as you suggested and in this case I got 100% packet transmission.
>
> In all above tests I used IPs to remove any question about DNS resolving.
>
> So the ping seems to only be working in one direction. Let me know if there are any other tests or checks I should do based on this result.
>
> Regards,
> Adolf.
>
>>
>>> So something appears to be missing or incorrect with the routing but not sure what.
>>>
>>> Minor points on the WUI.
>>
>> I would like to have the thing working first before we spend any time on making the UI look nice, but you are raising very good points.
>>
>>> When disconnected the status section that is coloured red is huge and the space for the remark is very small but when connected then the status space is large enough to have the connected status word, giving much more room for the remark.
>>
>> That should not be. No idea why that is, but I am sure that is not too hard to fix.
>>
>>> When the WG config file is created and you have the page with the QR code, there is also a message about the WG config file only being shown this one time as it contains private key material. The message is fine but the heading for the message is "Oops, something went wrong...". It should really be something like "Information Note" or equivalent as it is not an actual error message.
>>
>> I think I created a little widget which I used somewhere else too and then added the headline. It certainly does not fit here.
>>
>> -Michael
>>
>>>
>>> See the screenshots attached.
>>>
>>> Regards,
>>>
>>> Adolf.
>>> <Disconnected WUI screen.png><Connected WUI screen.png><Error message when WG config file provided..png>
>>