Wireguard-tools (wg-quick) on Vero 4k+

I recently bought a Vero 4k + and I am now attempting to get wireguard working on it.

I am using the latest kernel: 4.9.113-45-osmc, and according to posts on this forum (i.e: Wireguard client , Has anybody tried to install Wireguard?), wireguard is now supported in the kernel. I do however need the wireguard-tools package and I can’t seem to figure out how to get it working.

I have been trying to find a solution but it feels none of the posts actually address this properly since the kernel module is now included. Is there anyone out there who can help?

Try
sudo apt-get install wireguard-tools

Yes, this is how I usually do it on my linux-machines.
However the osmc doesn’t include that package:

E: Unable to locate package wireguard-tools

Ok, seems it is only in buster-backports.
So you would need to add that to your apt sources.list as explained here

Skip the first part of that how-to just to the step of Install WireGuard

Nice! Thanks a lot!

That did the trick, my wireguard tunnel is now up and running properly.

Hello, i tried to install this one… But i am getting the last “error”

wg-quick.target is a disabled or a static unit, not starting it.

How can i solve it to start wg automatically?

AND when i tried to start ist:

Mär 19 11:26:15 osmc systemd[1]: wg-quick@hosivero.service: Main process exited, code=exited, status=4/NOPERMISSION
Mär 19 11:26:15 osmc systemd[1]: wg-quick@hosivero.service: Failed with result 'exit-code'.
Mär 19 11:26:15 osmc systemd[1]: Failed to start WireGuard via wg-quick(8) for hosivero

Can someone help?

Did you add a Wireguard configuration? You can’t start the service without one and it is a parameterised target.

yes, i think so…

sudo nano /etc/wireguard/hosivero.conf

this is hosivero.config

[Interface]
PrivateKey= uI2/ixxxxxxxxxxxxxxxxxxxxxxxm20=
ListenPort = 5xxx0
Address = 1xx.1xx.1xx.1/32

# Standard Routing
# Die Netzwerkkarte eth0 muss ausgetauscht werden gegen die Netzwerkkarte des V>
PostUp     = iptables -t nat -A POSTROUTING -o hosivero -j MASQUERADE
PostDown   = iptables -t nat -D POSTROUTING -o hosivero -j MASQUERADE
PostUp     = iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown   = iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE

[Peer]
PublicKey = jIGxxxxxxxxxxxxxxxxxxxxxOiI=
AllowedIPs = 1xx.1xx.1xx.0/24

thats all that i did… should i do more?

Check your permission issue?

can you tell me how?

Not sure how you tested so far but have you tried sudo wg-quick up hosivero?

osmc@osmc:~$ sudo wg-quick up hosivero
[#] ip link add hosivero type wireguard
[#] wg setconf hosivero /dev/fd/63
[#] ip -4 address add 1xx.xxx.xxx…1/32 dev hosivero
[#] ip link set mtu 1420 up dev hosivero
[#] ip -4 route add 1xx.xxx.xxx.0/24 dev hosivero
[#] iptables -t nat -A POSTROUTING -o hosivero -j MASQUERADE
iptables v1.8.7 (nf_tables): CHAIN_ADD failed (No such file or directory): chain POSTROUTING
[#] ip link delete dev hosivero

eh, sorry, can it be because i am loged in as ssh osmc@ipOfVero

Should i maybe logedin as root@IPofVERO??? But what login Data need i to login as root?

No need that is what the sudo takes care of.

You have a mistake in your iptables rules.

Hi,

Can you please check what mode iptables is running in with this command:-

sudo update-alternatives --config iptables

If its not already please try iptables-legacy (You can easily revert by running the above command).

You may need to reboot for the change to take effect.

If its still not working please provide the output of sudo wg-quick up hosivero again?

Regards Tom.