Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Advertise on LowEndTalk.com
Wireguard handshake did not complete after 5 seconds on home network
New on LowEndTalk? Please Register and read our Community Rules.

Wireguard handshake did not complete after 5 seconds on home network

Hi guys

I'm having a problem with Wireguard not connecting on my home network (VDSL) but working fine if I use the same Wireguard server on mobile network.

The error is handshake did not complete after 5 seconds.

I'm not manually setting up Wireguard, I set it up using these two scripts so the config is correct:
https://github.com/Nyr/wireguard-install
https://github.com/angristan/wireguard-install

The problem is happening on different providers, not just one provider.

One interesting note is that I have two other servers that I setup with https://github.com/StreisandEffect/streisand/ 2 years ago and I can connect to Wireguard using my home network (and mobile network) with no issues at all.

I've tried with different Ubuntu versions (from 16 to 20) and on Debian 10 but the same result, it works fine on mobile network but not on my home network.

I can connect to the server listening port from my home network using ncat, I send some text and I receive it on the server without issues.

I tried different MTU values on both the server interface and client profiles, nothing.

Any help would be appreciated.

Just Lurking

Comments

  • Hi @Kassem!

    My strong tip is the NAT LoopBack is not available or not enabled.

    As a first step, try to establish the connection on your local network with server using the server machine's LAN IPv4 address.

  • Thanks for your comment @adns !

    NAT loopback in the server with Wireguard?

    Not sure if I understand what you mean by using the server machine's LAN IPv4 address.

    Do you mean to change the endpoint IP in my client config file to a private IP like 10.7.0.1? how would that work?

    Can you clarify please?

    Just Lurking

  • @Kassem said:
    Thanks for your comment @adns !

    NAT loopback in the server with Wireguard?

    Not sure if I understand what you mean by using the server machine's LAN IPv4 address.

    Do you mean to change the endpoint IP in my client config file to a private IP like 10.7.0.1? how would that work?

    Can you clarify please?

    NAT loopback helps to you can use your external IP on your local network to access local devices. For example, if you host a webserver on local network, if you have NAT loop back, you can use external IP in local network to acces webserver. Otherwise, you can only use the private IP in local network instead of external. E.G. 192.168.1.5.

    Yes, change the endpoint to local IP (10.xxx.xxx.xxx or 192.168.xxx.xxx) in client config.

  • @adns

    Thanks for clarifying. Would this be applicable if the Wireguard server is installed on a Hetzner VPS?

    That's what I'm trying to do, use my Wireguard setup on remote server as a VPN (route all my traffic through it).

    Just Lurking

  • KassemKassem Member

    Still having the issue and not sure how to get to the bottom of it.

    Other servers work fine (OpenVPN + Shadowsocks) and the same setup script (Nyr) works fine on Hetzner, DigitalOcean with my ISP.

    Just Lurking

Sign In or Register to comment.