PiVPN with Wireguard and PiHole not working correctly

General Discussion
41

can I post this in my wg0.conf?

42

sure, just mask private data like keys or endpoint

43

So here is my cat /etc/wireguard/wg0.conf:

[Interface]
PrivateKey = XXXX
Address = 10.6.0.1/24
ListenPort = XXXX
### begin Nils ###
[Peer]
PublicKey = XXXX
PresharedKey = XXXX
AllowedIPs = 10.6.0.2/32
### end Nils ###

The whole things you hav in your file are missing in my file.

44

Yes because PiVPN did not do the “cool” enhancement as DietPi is doing. Basically DietPi is offering 2 ways to install WireGuard.

  1. via PiVPN (software id 117)
  2. directly / plain WireGuard (software id 172)

Difference is basically on PiVPN you have some kind of management console to manage clients and configs. Means config files are used as they are created by PiVPN. No further adjustments on the server config by DietPi.

While on the DietPi version you have further adjustments on the server config, including some iptables rules but you don’t have that management console. However there is a good documentation on our Online Docs how to setup new clients VPN Software Options - DietPi.com Docs


what you could to is to add following lines into wg0.conf after ListenPort = XXXX and before ### begin Nils ###

PreUp = /boot/dietpi/func/obtain_network_details
PostUp = sysctl net.ipv4.conf.%i.forwarding=1 net.ipv4.conf.$(mawk 'NR==3' /run/dietpi/.network).forwarding=1
PostUp = sysctl net.ipv6.conf.$(mawk 'NR==3' /run/dietpi/.network).accept_ra=2
PostUp = sysctl net.ipv6.conf.%i.forwarding=1 net.ipv6.conf.$(mawk 'NR==3' /run/dietpi/.network).forwarding=1
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o $(mawk 'NR==3' /run/dietpi/.network) -j MASQUERADE
PostUp = ip6tables -A FORWARD -i %i -j ACCEPT; ip6tables -t nat -A POSTROUTING -o $(mawk 'NR==3' /run/dietpi/.network) -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o $(mawk 'NR==3' /run/dietpi/.network) -j MASQUERADE
PostDown = ip6tables -D FORWARD -i %i -j ACCEPT; ip6tables -t nat -D POSTROUTING -o $(mawk 'NR==3' /run/dietpi/.network) -j MASQUERADE

once done save the file and restart WireGuard

systemctl daemon-reload
systemctl restart wg-quick@wg0.service
45

Thats it. It works. Thank you

46

it was a long journey but we fixed it at the end :slight_smile:

47

Hallo,

I would like to attach myself to this topic :wink:

I also use pivpn and also added the above code in wg0.conf. i am trying to connect to the VPN with my smartphone. This works, but I can neither access devices on the network nor the internet.

root@bkiste:~# systemctl restart wg-quick@wg0.service
Job for wg-quick@wg0.service failed because the control process exited with error code.
See "systemctl status wg-quick@wg0.service" and "journalctl -xe" for details.
root@bkiste:~# systemctl status wg-quick@wg0.service
● wg-quick@wg0.service - WireGuard via wg-quick(8) for wg0
     Loaded: loaded (/lib/systemd/system/wg-quick@.service; enabled; vendor preset: enabled)
     Active: failed (Result: exit-code) since Mon 2022-03-28 07:26:07 BST; 16s ago
       Docs: man:wg-quick(8)
             man:wg(8)
             https://www.wireguard.com/
             https://www.wireguard.com/quickstart/
             https://git.zx2c4.com/wireguard-tools/about/src/man/wg-quick.8
             https://git.zx2c4.com/wireguard-tools/about/src/man/wg.8
    Process: 4151 ExecStart=/usr/bin/wg-quick up wg0 (code=exited, status=1/FAILURE)
   Main PID: 4151 (code=exited, status=1/FAILURE)
        CPU: 137ms

Mär 28 07:26:06 bkiste systemd[1]: Starting WireGuard via wg-quick(8) for wg0...
Mär 28 07:26:07 bkiste wg-quick[4151]: [#] /boot/dietpi/func/obtain_network_details
Mär 28 07:26:07 bkiste wg-quick[4161]: /usr/bin/wg-quick: line 295: /boot/dietpi/func/obtain_network_details: No such file or directory
Mär 28 07:26:07 bkiste wg-quick[4163]: Unable to access interface: No such device
Mär 28 07:26:07 bkiste wg-quick[4151]: [#] ip link delete dev wg0
Mär 28 07:26:07 bkiste wg-quick[4164]: Cannot find device "wg0"
Mär 28 07:26:07 bkiste systemd[1]: wg-quick@wg0.service: Main process exited, code=exited, status=1/FAILURE
Mär 28 07:26:07 bkiste systemd[1]: wg-quick@wg0.service: Failed with result 'exit-code'.
Mär 28 07:26:07 bkiste systemd[1]: Failed to start WireGuard via wg-quick(8) for wg0.




  GNU nano 5.4                                 /etc/wireguard/wg0.conf                                           
[Interface]
PrivateKey = 0815
Address = 10.6.0.1/24
MTU = 1420
ListenPort = 51609
PreUp = /boot/dietpi/func/obtain_network_details
PostUp = sysctl net.ipv4.conf.%i.forwarding=1 net.ipv4.conf.$(mawk 'NR==3' /run/dietpi/.network).forwarding=1
PostUp = sysctl net.ipv6.conf.$(mawk 'NR==3' /run/dietpi/.network).accept_ra=2
PostUp = sysctl net.ipv6.conf.%i.forwarding=1 net.ipv6.conf.$(mawk 'NR==3' /run/dietpi/.network).forwarding=1
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o $(mawk 'NR==3' /run/dietpi/.netw>
PostUp = ip6tables -A FORWARD -i %i -j ACCEPT; ip6tables -t nat -A POSTROUTING -o $(mawk 'NR==3' /run/dietpi/.ne>
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o $(mawk 'NR==3' /run/dietpi/.ne>
PostDown = ip6tables -D FORWARD -i %i -j ACCEPT; ip6tables -t nat -D POSTROUTING -o $(mawk 'NR==3' /run/dietpi/.>
### begin Grosse ###
[Peer]
PublicKey = 0815
PresharedKey = 0815
AllowedIPs = 10.6.0.2/32
### end Grosse ###
### begin Weiss ###
[Peer]
PublicKey = 0815
PresharedKey = 0815
AllowedIPs = 10.6.0.3/32
### end Weiss ###

how can I fix the network drive error? I use DietPi v8.2.2 on a Odroid C2. On the Odroid also runs Phiole.
I have installed pivpn via

curl -L https://install.pivpn.io | bash




::: Connected Clients List :::
Name             Remote IP      Virtual IP      Bytes Received      Bytes Sent      Last Seen
::: Connected Clients List :::
Name             Remote IP      Virtual IP      Bytes Received      Bytes Sent      Last Seen
Gross      (none)         10.6.0.2        0B                  0B              (not yet)
::: Disabled clients :::

Best,
jeri

48

I would recommend to delete the lines you added manually to the WireGuard configuration and to install PiVPN using dietpi-software afterwards.

49

Thank you for your answer. unfortunately it is the same error.

50

can you reboot pls and share status of service + log

systemctl wg-quick@wg0.service
journalctl -u wg-quick@wg0.service
51

Thank you.

this is a fresh installation of pivpn from the repo diet-software.

root@bkiste:~# systemctl wg-quick@wg0.service
Unknown command verb wg-quick@wg0.service.
root@bkiste:~# journalctl -u wg-quick@wg0.service
-- Journal begins at Mon 2022-03-28 13:36:06 BST, ends at Mon 2022-03-28 13:36:59 BST. --
Mär 28 13:36:26 bkiste systemd[1]: Starting WireGuard via wg-quick(8) for wg0...
Mär 28 13:36:26 bkiste wg-quick[1638]: [#] ip link add wg0 type wireguard
Mär 28 13:36:26 bkiste wg-quick[1638]: [#] wg setconf wg0 /dev/fd/63
Mär 28 13:36:26 bkiste wg-quick[1638]: [#] ip -4 address add 10.6.0.1/24 dev wg0
Mär 28 13:36:26 bkiste wg-quick[1638]: [#] ip link set mtu 1420 up dev wg0
Mär 28 13:36:26 bkiste systemd[1]: Finished WireGuard via wg-quick(8) for wg0.
52

Sorry there was a typo

systemctl status wg-quick@wg0.service

But it looks like Wireguard has been started successfully.

53

Thank you. Here it is :slight_smile:

root@bkiste:~# systemctl status wg-quick@wg0.service
● wg-quick@wg0.service - WireGuard via wg-quick(8) for wg0
     Loaded: loaded (/lib/systemd/system/wg-quick@.service; enabled; vendor preset: enabled)
     Active: active (exited) since Mon 2022-03-28 14:15:00 BST; 21s ago
       Docs: man:wg-quick(8)
             man:wg(8)
             https://www.wireguard.com/
             https://www.wireguard.com/quickstart/
             https://git.zx2c4.com/wireguard-tools/about/src/man/wg-quick.8
             https://git.zx2c4.com/wireguard-tools/about/src/man/wg.8
    Process: 1633 ExecStart=/usr/bin/wg-quick up wg0 (code=exited, status=0/SUCCESS)
   Main PID: 1633 (code=exited, status=0/SUCCESS)
        CPU: 111ms

Mär 28 14:15:00 bkiste systemd[1]: Starting WireGuard via wg-quick(8) for wg0...
Mär 28 14:15:00 bkiste wg-quick[1633]: [#] ip link add wg0 type wireguard
Mär 28 14:15:00 bkiste wg-quick[1633]: [#] wg setconf wg0 /dev/fd/63
Mär 28 14:15:00 bkiste wg-quick[1633]: [#] ip -4 address add 10.6.0.1/24 dev wg0
Mär 28 14:15:00 bkiste wg-quick[1633]: [#] ip link set mtu 1420 up dev wg0
Mär 28 14:15:00 bkiste systemd[1]: Finished WireGuard via wg-quick(8) for wg0.
54

Wireguard is running fine.

What is the exact issue now?

Did you create the configuration in PiVPN and activated it in the client app? Does your DDNS is pointing to correct external IP? Port forwarding is set correctly to your DietPi device?

55

I have create a user configuration and scanned this with the Wireguard App. Then I connected with the vpn. The smartphone show me , that the VPN connection is on (VPN is shown on the display). I have create a port forwarding for ipv4 and ipv6 on my FritzBox.

IMG_6199.jpg
IMG_6199.jpg750×1334 98.6 KB

The problem is, that I can’t connect to my local server or connect to the internet over the VPN. very little data was sent.

56

The Wireguard app will show always a connection. Even if not true. The small amount of data is indicating that the VPN connection is not established correctly. There should be a log on the client app. You could have a look to see what the app is doing. Did you forward UDP port or TCP? It should be UDP only. As well double check if your DDNS is using your correct and actually external IP address. Next to this try to create another configuration in PiVPN and scan the new QE code with your mobile phone again.

57

Thank you for you answer.

Did you forward UDP port or TCP?
I forward only UDP

Hmm, I changed my internet connection to a different package. It looks like I no longer have ipv4 now. Maybe that is the problem. :frowning:

I have create a new config file.

Logfile Client

2022-03-28 20:56:12.518337: [APP] startActivation: Entering (tunnel: Bkiste WireGuard)
2022-03-28 20:56:12.521737: [APP] startActivation: Starting tunnel
2022-03-28 20:56:12.528270: [APP] startActivation: Success
2022-03-28 20:56:12.541443: [APP] Tunnel 'Bkiste WireGuard' connection status changed to 'connecting'
2022-03-28 20:56:12.922009: [NET] App version: 1.0.15 (26)
2022-03-28 20:56:12.922566: [NET] Starting tunnel from the app
2022-03-28 20:56:13.213566: [NET] DNS64: mapped 82.xxx. to 64:xx9b::52cf:
2022-03-28 20:56:13.217204: [NET] Attaching to interface
2022-03-28 20:56:13.218631: [NET] UAPI: Updating private key
2022-03-28 20:56:13.218830: [NET] Routine: decryption worker 1 - started
2022-03-28 20:56:13.219011: [NET] Routine: encryption worker 1 - started
2022-03-28 20:56:13.219064: [NET] Routine: handshake worker 5 - started
2022-03-28 20:56:13.219121: [NET] Routine: decryption worker 4 - started
2022-03-28 20:56:13.219148: [NET] Routine: decryption worker 6 - started
2022-03-28 20:56:13.219177: [NET] Routine: handshake worker 4 - started
2022-03-28 20:56:13.219196: [NET] Routine: event worker - started
2022-03-28 20:56:13.219372: [NET] Routine: handshake worker 1 - started
2022-03-28 20:56:13.219381: [NET] Routine: encryption worker 5 - started
2022-03-28 20:56:13.219434: [NET] Routine: decryption worker 5 - started
2022-03-28 20:56:13.219464: [NET] Routine: encryption worker 6 - started
2022-03-28 20:56:13.219485: [NET] Routine: encryption worker 3 - started
2022-03-28 20:56:13.219501: [NET] Routine: decryption worker 3 - started
2022-03-28 20:56:13.219549: [NET] Routine: handshake worker 6 - started
2022-03-28 20:56:13.219601: [NET] Routine: TUN reader - started
2022-03-28 20:56:13.219619: [NET] Routine: handshake worker 3 - started
2022-03-28 20:56:13.219904: [NET] Routine: encryption worker 2 - started
2022-03-28 20:56:13.219888: [NET] Routine: handshake worker 2 - started
2022-03-28 20:56:13.219887: [NET] Routine: decryption worker 2 - started
2022-03-28 20:56:13.219966: [NET] UAPI: Removing all peers
2022-03-28 20:56:13.219978: [NET] Routine: encryption worker 4 - started
2022-03-28 20:56:13.221807: [NET] peer(gU+f…KyDw) - UAPI: Created
2022-03-28 20:56:13.221947: [NET] peer(gU+f…KyDw) - UAPI: Updating preshared key
2022-03-28 20:56:13.222026: [NET] peer(gU+f…KyDw) - UAPI: Updating endpoint
2022-03-28 20:56:13.222318: [NET] peer(gU+f…KyDw) - UAPI: Updating persistent keepalive interval
2022-03-28 20:56:13.222394: [NET] peer(gU+f…KyDw) - UAPI: Removing all allowedips
2022-03-28 20:56:13.222524: [NET] peer(gU+f…KyDw) - UAPI: Adding allowedip
2022-03-28 20:56:13.222643: [NET] peer(gU+f…KyDw) - UAPI: Adding allowedip
2022-03-28 20:56:13.223330: [NET] UDP bind has been updated
2022-03-28 20:56:13.223404: [NET] peer(gU+f…KyDw) - Starting
2022-03-28 20:56:13.223514: [NET] Interface state was Down, requested Up, now Up
2022-03-28 20:56:13.223585: [NET] peer(gU+f…KyDw) - Routine: sequential sender - started
2022-03-28 20:56:13.223606: [NET] Device started
2022-03-28 20:56:13.223774: [NET] Tunnel interface is utun7
2022-03-28 20:56:13.224012: [NET] Routine: receive incoming v6 - started
2022-03-28 20:56:13.224024: [NET] Routine: receive incoming v4 - started
2022-03-28 20:56:13.224528: [NET] peer(gU+f…KyDw) - Routine: sequential receiver - started
2022-03-28 20:56:13.226682: [NET] Network change detected with satisfied route and interface order [pdp_ip0]
2022-03-28 20:56:13.226929: [APP] Tunnel 'Bkiste WireGuard' connection status changed to 'connected'
2022-03-28 20:56:13.228271: [NET] DNS64: mapped 82.xxx.236.xxx to 64:ff9b::xxcf:xxxx
2022-03-28 20:56:13.228531: [NET] peer(gU+f…KyDw) - UAPI: Updating endpoint
2022-03-28 20:56:13.228832: [NET] Routine: receive incoming v4 - stopped
2022-03-28 20:56:13.228889: [NET] Routine: receive incoming v6 - stopped
2022-03-28 20:56:13.229355: [NET] UDP bind has been updated
2022-03-28 20:56:13.229398: [NET] Routine: receive incoming v4 - started
2022-03-28 20:56:13.229418: [NET] Routine: receive incoming v6 - started
2022-03-28 20:56:13.807943: [NET] Network change detected with satisfied route and interface order [pdp_ip0, utun7]
2022-03-28 20:56:13.810227: [NET] DNS64: mapped 82.xx.236. to 64:ff9b::xxcf:
2022-03-28 20:56:13.810525: [NET] peer(gU+f…KyDw) - UAPI: Updating endpoint
2022-03-28 20:56:13.810906: [NET] Routine: receive incoming v4 - stopped
2022-03-28 20:56:13.810980: [NET] Routine: receive incoming v6 - stopped
2022-03-28 20:56:13.811677: [NET] UDP bind has been updated
2022-03-28 20:56:13.811726: [NET] Routine: receive incoming v4 - started
2022-03-28 20:56:13.811805: [NET] Routine: receive incoming v6 - started
2022-03-28 20:56:17.523146: [APP] Status update notification timeout for tunnel 'Bkiste WireGuard'. Tunnel status is now 'connected'.
2022-03-28 20:57:10.990403: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 20:57:15.995303: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 20:57:21.007833: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 20:57:26.290183: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 20:57:26.290376: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 20:57:31.469171: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 20:57:31.469305: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 20:57:36.478251: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 20:57:41.805467: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 20:57:41.805713: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 20:57:46.887698: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 20:57:46.887898: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 20:57:52.194513: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 20:57:52.194901: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 20:57:57.338805: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 20:57:57.339023: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 20:58:02.481103: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 20:58:02.481492: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 20:58:07.487315: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 20:58:12.603585: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 20:58:17.682046: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 20:58:17.682274: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 20:58:22.794817: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 20:58:22.795029: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 20:58:27.869049: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 20:58:27.869465: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 20:58:32.966724: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 20:58:32.966941: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 20:58:37.985702: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 20:58:37.986102: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 20:58:43.085226: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 20:58:43.085550: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 20:58:48.168844: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 20:58:48.168999: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 20:58:53.473584: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 20:58:53.473895: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 20:58:58.700727: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 20:58:58.700957: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 20:59:03.999985: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 20:59:04.001371: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 20:59:09.069253: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 20:59:09.069571: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 20:59:14.353862: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 3)
2022-03-28 20:59:14.354190: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 20:59:19.669449: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 20:59:19.669694: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 20:59:24.874873: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 20:59:24.875206: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 20:59:30.008373: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 3)
2022-03-28 20:59:30.008734: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 20:59:35.072850: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 20:59:35.073208: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 20:59:40.367328: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 20:59:40.367569: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 20:59:45.640149: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 20:59:45.640486: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 20:59:50.864689: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 20:59:55.895862: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 21:00:00.900936: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 21:00:06.056132: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 21:00:11.088956: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 21:00:16.213104: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 21:00:16.213606: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 21:00:21.370627: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 21:00:21.370991: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 21:00:26.592222: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 21:00:26.592583: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 21:00:31.791755: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 21:00:31.792088: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 21:00:37.044043: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 21:00:37.044395: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 21:00:42.100933: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 21:00:47.160698: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 21:00:47.161080: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 21:00:52.227202: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 21:00:52.227539: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 21:00:57.334610: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 21:00:57.334942: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 21:01:02.642073: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 21:01:02.642304: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 21:01:07.827394: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 21:01:07.827724: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 21:01:13.136139: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 21:01:13.136287: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 21:01:18.352268: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 21:01:18.352511: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 21:01:23.576619: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 21:01:23.576778: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 21:01:28.758406: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 21:01:28.758564: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 21:01:34.030020: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 21:01:34.030354: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 21:01:39.214703: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 21:01:39.214787: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 21:01:41.095048: [NET] Stopping tunnel
2022-03-28 21:01:41.095467: [NET] Device closing
2022-03-28 21:01:41.095803: [NET] Routine: TUN reader - stopped
2022-03-28 21:01:41.096048: [NET] Routine: event worker - stopped
2022-03-28 21:01:41.096750: [NET] Routine: receive incoming v4 - stopped
2022-03-28 21:01:41.096837: [NET] Routine: receive incoming v6 - stopped
2022-03-28 21:01:41.096928: [NET] peer(gU+f…KyDw) - Stopping
2022-03-28 21:01:41.097058: [NET] peer(gU+f…KyDw) - Routine: sequential sender - stopped
2022-03-28 21:01:41.097082: [NET] peer(gU+f…KyDw) - Routine: sequential receiver - stopped
2022-03-28 21:01:41.097980: [NET] Device closed
2022-03-28 21:01:41.098164: [NET] Routine: decryption worker 1 - stopped
2022-03-28 21:01:41.098159: [NET] Routine: handshake worker 5 - stopped
2022-03-28 21:01:41.098197: [NET] Routine: handshake worker 3 - stopped
2022-03-28 21:01:41.098227: [NET] Routine: decryption worker 2 - stopped
2022-03-28 21:01:41.098287: [NET] Routine: handshake worker 4 - stopped
2022-03-28 21:01:41.098316: [NET] Routine: handshake worker 1 - stopped
2022-03-28 21:01:41.098360: [NET] Routine: handshake worker 6 - stopped
2022-03-28 21:01:41.098421: [NET] Routine: decryption worker 3 - stopped
2022-03-28 21:01:41.098445: [NET] Routine: decryption worker 4 - stopped
2022-03-28 21:01:41.098473: [NET] Routine: decryption worker 6 - stopped
2022-03-28 21:01:41.098523: [NET] Routine: handshake worker 2 - stopped
2022-03-28 21:01:41.098591: [NET] Routine: decryption worker 5 - stopped
2022-03-28 21:01:41.098963: [NET] Routine: encryption worker 1 - stopped
2022-03-28 21:01:41.099000: [NET] Routine: encryption worker 2 - stopped
2022-03-28 21:01:41.099069: [NET] Routine: encryption worker 6 - stopped
2022-03-28 21:01:41.099094: [NET] Routine: encryption worker 5 - stopped
2022-03-28 21:01:41.099096: [NET] Routine: encryption worker 4 - stopped
2022-03-28 21:01:41.099206: [NET] Routine: encryption worker 3 - stopped
2022-03-28 21:01:43.916336: [APP] Tunnel 'Bkiste WireGuard' connection status changed to 'disconnected'

IPv6

2022-03-28 22:14:56.283415: [APP] startActivation: Entering (tunnel: Bkiste WireGuard)
2022-03-28 22:14:56.288654: [APP] startActivation: Starting tunnel
2022-03-28 22:14:56.293984: [APP] startActivation: Success
2022-03-28 22:14:56.309402: [APP] Tunnel 'Bkiste WireGuard' connection status changed to 'connecting'
2022-03-28 22:14:56.594495: [NET] App version: 1.0.15 (26)
2022-03-28 22:14:56.595097: [NET] Starting tunnel from the app
2022-03-28 22:14:56.912264: [NET] DNS64: mapped 2001:16b8:2903:a8a1:de15:xxx to itself.
2022-03-28 22:14:56.913362: [NET] Attaching to interface
2022-03-28 22:14:56.913918: [NET] UAPI: Updating private key
2022-03-28 22:14:56.913962: [NET] Routine: encryption worker 4 - started
2022-03-28 22:14:56.914063: [NET] Routine: handshake worker 2 - started
2022-03-28 22:14:56.914080: [NET] Routine: decryption worker 2 - started
2022-03-28 22:14:56.914117: [NET] Routine: handshake worker 1 - started
2022-03-28 22:14:56.914138: [NET] Routine: encryption worker 3 - started
2022-03-28 22:14:56.914184: [NET] Routine: decryption worker 3 - started
2022-03-28 22:14:56.914207: [NET] Routine: handshake worker 5 - started
2022-03-28 22:14:56.914207: [NET] Routine: encryption worker 2 - started
2022-03-28 22:14:56.914214: [NET] Routine: decryption worker 1 - started
2022-03-28 22:14:56.914272: [NET] UAPI: Removing all peers
2022-03-28 22:14:56.914322: [NET] Routine: handshake worker 3 - started
2022-03-28 22:14:56.914359: [NET] Routine: encryption worker 1 - started
2022-03-28 22:14:56.914555: [NET] Routine: handshake worker 6 - started
2022-03-28 22:14:56.914579: [NET] Routine: handshake worker 4 - started
2022-03-28 22:14:56.914604: [NET] Routine: decryption worker 6 - started
2022-03-28 22:14:56.914605: [NET] Routine: TUN reader - started
2022-03-28 22:14:56.914394: [NET] Routine: encryption worker 6 - started
2022-03-28 22:14:56.914661: [NET] Routine: decryption worker 4 - started
2022-03-28 22:14:56.914661: [NET] Routine: decryption worker 5 - started
2022-03-28 22:14:56.914676: [NET] Routine: encryption worker 5 - started
2022-03-28 22:14:56.914752: [NET] Routine: event worker - started
2022-03-28 22:14:56.915270: [NET] peer(gU+f…KyDw) - UAPI: Created
2022-03-28 22:14:56.915313: [NET] peer(gU+f…KyDw) - UAPI: Updating preshared key
2022-03-28 22:14:56.915433: [NET] peer(gU+f…KyDw) - UAPI: Updating endpoint
2022-03-28 22:14:56.915608: [NET] peer(gU+f…KyDw) - UAPI: Updating persistent keepalive interval
2022-03-28 22:14:56.915656: [NET] peer(gU+f…KyDw) - UAPI: Removing all allowedips
2022-03-28 22:14:56.915732: [NET] peer(gU+f…KyDw) - UAPI: Adding allowedip
2022-03-28 22:14:56.915834: [NET] peer(gU+f…KyDw) - UAPI: Adding allowedip
2022-03-28 22:14:56.916262: [NET] UDP bind has been updated
2022-03-28 22:14:56.916320: [NET] Routine: receive incoming v4 - started
2022-03-28 22:14:56.916338: [NET] Routine: receive incoming v6 - started
2022-03-28 22:14:56.916369: [NET] peer(gU+f…KyDw) - Starting
2022-03-28 22:14:56.916527: [NET] Interface state was Down, requested Up, now Up
2022-03-28 22:14:56.916583: [NET] Device started
2022-03-28 22:14:56.916711: [NET] Tunnel interface is utun7
2022-03-28 22:14:56.916905: [NET] peer(gU+f…KyDw) - Routine: sequential receiver - started
2022-03-28 22:14:56.916940: [NET] peer(gU+f…KyDw) - Routine: sequential sender - started
2022-03-28 22:14:56.919551: [NET] Network change detected with satisfied route and interface order [en0, pdp_ip0]
2022-03-28 22:14:56.919567: [APP] Tunnel 'Bkiste WireGuard' connection status changed to 'connected'
2022-03-28 22:14:56.919748: [NET] DNS64: mapped 2001:16b8:2903:a8a1:de15:xxx to itself.
2022-03-28 22:14:56.919860: [NET] peer(gU+f…KyDw) - UAPI: Updating endpoint
2022-03-28 22:14:56.920062: [NET] Routine: receive incoming v4 - stopped
2022-03-28 22:14:56.920095: [NET] Routine: receive incoming v6 - stopped
2022-03-28 22:14:56.920479: [NET] UDP bind has been updated
2022-03-28 22:14:56.920490: [NET] Routine: receive incoming v4 - started
2022-03-28 22:14:56.920529: [NET] Routine: receive incoming v6 - started
2022-03-28 22:14:57.498223: [NET] Network change detected with satisfied route and interface order [en0, utun7, pdp_ip0]
2022-03-28 22:14:57.498747: [NET] DNS64: mapped 2001:16b8:2903:a8a1:de15:xxx to itself.
2022-03-28 22:14:57.499456: [NET] peer(gU+f…KyDw) - UAPI: Updating endpoint
2022-03-28 22:14:57.499862: [NET] Routine: receive incoming v4 - stopped
2022-03-28 22:14:57.499954: [NET] Routine: receive incoming v6 - stopped
2022-03-28 22:14:57.500658: [NET] UDP bind has been updated
2022-03-28 22:14:57.500733: [NET] Routine: receive incoming v4 - started
2022-03-28 22:14:57.500789: [NET] Routine: receive incoming v6 - started
2022-03-28 22:14:57.511516: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 22:15:02.786303: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 22:15:02.786702: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 22:15:07.951555: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 22:15:07.951875: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 22:15:13.113866: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 22:15:18.294678: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 22:15:18.294947: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 22:15:23.549727: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 22:15:23.550064: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 22:15:28.105206: [APP] Status update notification timeout for tunnel 'Bkiste WireGuard'. Tunnel status is now 'connected'.
2022-03-28 22:15:28.733454: [NET] peer(gU+f…KyDw) - Sending handshake initiation
2022-03-28 22:15:29.205320: [APP] startDeactivation: Tunnel: Bkiste WireGuard
2022-03-28 22:15:29.214251: [APP] Tunnel 'Bkiste WireGuard' connection status changed to 'disconnecting'
2022-03-28 22:15:29.560333: [NET] Stopping tunnel
2022-03-28 22:15:29.560821: [NET] Device closing
2022-03-28 22:15:29.561023: [NET] Routine: TUN reader - stopped
2022-03-28 22:15:29.561173: [NET] Routine: event worker - stopped
2022-03-28 22:15:29.561316: [NET] Routine: receive incoming v4 - stopped
2022-03-28 22:15:29.561526: [NET] Routine: receive incoming v6 - stopped
2022-03-28 22:15:29.561692: [NET] peer(gU+f…KyDw) - Stopping
2022-03-28 22:15:29.561890: [NET] peer(gU+f…KyDw) - Routine: sequential sender - stopped
2022-03-28 22:15:29.561927: [NET] peer(gU+f…KyDw) - Routine: sequential receiver - stopped
2022-03-28 22:15:29.562288: [NET] Device closed
2022-03-28 22:15:29.562469: [NET] Routine: decryption worker 2 - stopped
2022-03-28 22:15:29.562501: [NET] Routine: handshake worker 2 - stopped
2022-03-28 22:15:29.562561: [NET] Routine: decryption worker 6 - stopped
2022-03-28 22:15:29.562611: [NET] Routine: handshake worker 3 - stopped
2022-03-28 22:15:29.562685: [NET] Routine: handshake worker 4 - stopped
2022-03-28 22:15:29.562705: [NET] Routine: handshake worker 6 - stopped
2022-03-28 22:15:29.562783: [NET] Routine: decryption worker 1 - stopped
2022-03-28 22:15:29.562884: [NET] Routine: handshake worker 5 - stopped
2022-03-28 22:15:29.563014: [NET] Routine: decryption worker 4 - stopped
2022-03-28 22:15:29.563220: [NET] Routine: decryption worker 3 - stopped
2022-03-28 22:15:29.563322: [NET] Routine: decryption worker 5 - stopped
2022-03-28 22:15:29.563406: [NET] Routine: handshake worker 1 - stopped
2022-03-28 22:15:29.563842: [NET] Routine: encryption worker 1 - stopped
2022-03-28 22:15:29.563838: [NET] Routine: encryption worker 4 - stopped
2022-03-28 22:15:29.563906: [NET] Routine: encryption worker 2 - stopped
2022-03-28 22:15:29.563947: [NET] Routine: encryption worker 5 - stopped
2022-03-28 22:15:29.563981: [NET] Routine: encryption worker 3 - stopped
2022-03-28 22:15:29.563999: [NET] Routine: encryption worker 6 - stopped
2022-03-28 22:15:29.597027: [APP] Tunnel 'Bkiste WireGuard' connection status changed to 'disconnected'
58

basically your client is not able to connect to server

2022-03-28 22:15:23.549727: [NET] peer(gU+f…KyDw) - Handshake did not complete after 5 seconds, retrying (try 2)
2022-03-28 22:15:23.550064: [NET] peer(gU+f…KyDw) - Sending handshake initiation

Are you sure you have an external IPv6 address only? No IPv4? Does your DietPi device is using IPv6 as well?

59

Dear Joulinar,
this was the error. My internet connection had only DS-Lite. Thereby only one IPv6 is assigned. You don’t get a real IPv4 anymore. My provider has now changed this on request and I have a real IPv4 again. Now WireGuard also works. The Ordroid has also not been assigned an IPv6 in the configuration of WireGuard. Maybe it would have worked that way.

thank you very much for your patience and your help!

60

ok, good you could solve it with your ISP