I want to be able to set up WireGuard between two WSL2 instances on the same LAN, but I cannot get connectivity between them.
I have the following setup:
- Windows network 192.168.0.0/24
- WireGuard network 10.0.0.0/24
- Machine 1 with WSL2 Ubuntu 20.04 (W10 host)
  - WSL2 network 172.19.208.0/28
  - WSL2 ip interface 172.19.209.104
  - WSL2 WireGuard ip 10.0.0.2/24
- Machine 2 with WSL2 Ubuntu 20.04 (W10 host)
  - WSL2 network 172.27.224.0/28
  - WSL2 ip interface 172.27.234.66
  - WSL2 WireGuard ip 10.0.0.1/24
Execute on Machine 1 WSL2: wg-quick up wg0.
Machine 1 Wireguard config /etc/wireguard/wg0.conf
[Interface]
PrivateKey = blablablalbal
ListenPort = 60709
Address = 10.0.0.2/24
[Peer]
PublicKey = blablablabal
Endpoint = 192.168.0.3:42659
AllowedIPs = 10.0.0.1/32
Execute on Machine 2 WSL2: wg-quick up wg0
Machine 2 Wireguard config /etc/wireguard/wg0.conf
[Interface]
PrivateKey = blablablalbal
ListenPort = 42659
Address = 10.0.0.1/32
[Peer]
PublicKey = blablablabal
Endpoint = 192.168.0.3:60709
AllowedIPs = 10.0.0.2/32
Tests:
- ping 10.0.0.1 from Machine 1 or ping 10.0.0.2 from Machine 2 does not respond.
- traceroute no info
- interfaces wg0 up on both machines
- different AllowedIPs (full Wireguard range /24..)
- portproxy from Windows host to WSL2 Wireguard ports:
Machine 1
netsh interface portproxy add v4tov4 listenport=60709 listenaddress=192.168.0.3 connectport=60709 connectaddress=10.0.0.2
Machine 2
netsh interface portproxy add v4tov4 listenport=42659 listenaddress=192.168.0.4 connectport=42659 connectaddress=10.0.0.1
Routes on Machine 1 WSL2 Ubuntu
default via 172.19.208.1 dev eth0
10.0.0.0/24 dev wg0 proto kernel scope link src 10.0.0.2
172.19.208.0/20 dev eth0 proto kernel scope link src 172.19.209.104
Routes on Machine 2 WSL2 Ubuntu
default via 172.27.224.1 dev eth0
10.0.0.0/24 dev wg0 proto kernel scope link src 10.0.0.1
172.27.224.0/20 dev eth0 proto kernel scope link src 172.27.234.66
I think I have something missing on routing, but I don't know what else to do. Could anyone give me a hint or help?
Thanks.
portproxy. It defaults to TCP, which is not what WireGuard uses.
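A static check of the values posted above, as an added example that is not part of the original thread: it parses each machine's wg0.conf and portproxy rule and flags a port forward that relays only TCP to a WireGuard (UDP) listen port, a forward target that is the tunnel address, and a peer Endpoint that points at the machine's own host. The function names and finding codes are hypothetical, the keys are omitted, and each `lan_ip` is assumed to be the `listenaddress` of that host's own portproxy rule.

```python
import configparser
import re

def parse_wg(text):
    """Parse a single-peer wg-quick config into {section: {key: value}}."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.optionxform = str  # keep WireGuard's CamelCase key names
    cp.read_string(text)
    return {s: dict(cp[s]) for s in cp.sections()}

def parse_portproxy(cmd):
    """Extract the key=value arguments of a 'netsh interface portproxy add' line."""
    return dict(re.findall(r"(\w+)=(\S+)", cmd))

def lint(me, other):
    """Return finding codes (hypothetical names) for `me`, given its peer `other`."""
    wg, peer_wg = parse_wg(me["conf"]), parse_wg(other["conf"])
    pp = parse_portproxy(me["portproxy"])
    findings = []
    ep_host, ep_port = wg["Peer"]["Endpoint"].rsplit(":", 1)
    if ep_host == me["lan_ip"]:
        findings.append("endpoint-is-own-host")  # Endpoint points back at this machine
    elif ep_host != other["lan_ip"]:
        findings.append("endpoint-unknown-host")
    if ep_port != peer_wg["Interface"]["ListenPort"]:
        findings.append("endpoint-port-mismatch")
    if pp.get("connectport") == wg["Interface"]["ListenPort"]:
        findings.append("portproxy-tcp-only")  # v4tov4 relays TCP; WireGuard listens on UDP
    if pp.get("connectaddress") == wg["Interface"]["Address"].split("/")[0]:
        findings.append("forward-target-is-tunnel-ip")  # wg0 address, not the WSL2 eth0 address
    return findings

# Values copied from the post; keys omitted. lan_ip is an assumption (see lead-in).
CONF = "[Interface]\nListenPort = {lp}\nAddress = {addr}\n[Peer]\nEndpoint = {ep}\nAllowedIPs = {allowed}\n"
PP = "netsh interface portproxy add v4tov4 listenport={p} listenaddress={lan} connectport={p} connectaddress={wg}"
M1 = {"lan_ip": "192.168.0.3",
      "conf": CONF.format(lp=60709, addr="10.0.0.2/24", ep="192.168.0.3:42659", allowed="10.0.0.1/32"),
      "portproxy": PP.format(p=60709, lan="192.168.0.3", wg="10.0.0.2")}
M2 = {"lan_ip": "192.168.0.4",
      "conf": CONF.format(lp=42659, addr="10.0.0.1/32", ep="192.168.0.3:60709", allowed="10.0.0.2/32"),
      "portproxy": PP.format(p=42659, lan="192.168.0.4", wg="10.0.0.1")}

if __name__ == "__main__":
    for name, me, other in (("Machine 1", M1, M2), ("Machine 2", M2, M1)):
        print(name, lint(me, other))
```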