Unfortunately it will not work. What I did: Fresh installation of my RPi3 with DietPI, changed standard PWs to my own, changed ssh-Server to OpenSSH, installed wireguard with
dietpi-software install 172
On my VPN-Server I created a new config-file for this RPi3-VPN-Client, transfered this to
/etc/wireguard/wg0.conf
and startet VPN as you mentioned
wg-quick up wg0
Output:
[#] ip link add wg0 type wireguard
[#] wg setconf wg0 /dev/fd/63
[#] ip -4 address add 10.6.0.4/24 dev wg0
[#] ip link set mtu 1420 up dev wg0
[#] resolvconf -a tun.wg0 -m 0 -x
[#] wg set wg0 fwmark 51820
[#] ip -6 route add ::/0 dev wg0 table 51820
[#] ip -6 rule add not fwmark 51820 table 51820
[#] ip -6 rule add table main suppress_prefixlength 0
[#] ip6tables-restore -n
[#] ip -4 route add 0.0.0.0/0 dev wg0 table 51820
[#] ip -4 rule add not fwmark 51820 table 51820
[#] ip -4 rule add table main suppress_prefixlength 0
[#] sysctl -q net.ipv4.conf.all.src_valid_mark=1
[#] iptables-restore -n
If I try now to ping like
ping www.heise.de
nothing happens. Same for a local pc in the VPN-Server-Network
ping 192.168.1.100
PING 192.168.1.100 (192.168.1.100) 56(84) bytes of data.
ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether b8:27:eb:02:c4:d2 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.222/24 brd 192.168.0.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 2a02:810d:9440:ad98:ba27:ebff:fe02:c4d2/64 scope global dynamic mngtmpaddr
valid_lft 5399sec preferred_lft 2699sec
inet6 fe80::ba27:ebff:fe02:c4d2/64 scope link
valid_lft forever preferred_lft forever
5: wg0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1420 qdisc noqueue state UNKNOWN group default qlen 1000
link/none
inet 10.6.0.4/24 scope global wg0
valid_lft forever preferred_lft forever
wg
on the VPN-Server shows me my peers and here are the part of the new/not working one:
peer: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
preshared key: (hidden)
allowed ips: 10.6.0.4/32
With wireguard on my MacBook/Android-Smartphone and config-files for this clients the VPN-Connection works fine. Any idea?