Wireguard - Unsupported protocol type

Software SW help
, ,
1

Hello,
I’m trying to configure a wireguard interface following this guide
https://wiki.turris.cz/doc/en/public/wireguard

But something is not working and I’m gotting a Unsupported protocol type from luci.
In fact if I try to create a new interface from luci “wireguard” is not present on the drop down list.

Al the packages suggested on the guide are installed.

Kernel Version:5.15.78
Model:CZ.NIC Turris Mox Board
Architecture:ARMv8 Processor rev 4
Firmware Version:TurrisOS 6.0.3 079ce0413a1e3c19dd00be1b90d

What I’m missing?

2

Have you installed the wireguard protocol module into Luci?

Installation

WireGuard requires a number of OpenWrt packages to be installed.

opkg update
opkg install luci-proto-wireguard luci-app-wireguard kmod-wireguard wireguard-tools

luci-app-wireguard adds a basic status UI into LuCI; it is recommended but not mandatory.

3

Yes I have, all the suggested packets are installed. I will post the content of the network file later but everything seems to be correct.

I’ve also tried to re-install the packets, just in case.

4

I use wg-quick instead of the luci integration, so the packages I install might be a bit different. I install kmod-wireguard, kmod-ipt-raw6, kmod-nft-fib, nftables and wireguard-tools.

5

I do not try to do a complete manual configuration of the tunnel, I suppose in that case kmod-wireguard and wireguard-tools could be enough to manage it (except for the firewall part).

But I would prefer to have it working with uci/luci as the other interfaces, and I think it should as it is also one of the few “tools” you can install “directly” from foris.

6

We have some plans for a Wireguard reForis integration, but it’s currently not a priority: Support for Wireguard integration (#1) · Issues · Turris / Foris Controller / foris-controller-wireguard-module · GitLab

1 Like
7

I understand the reForis integration is not a priority for wireguard. Personally I think a working LuCI integration is enough. In fact in my case the LuCI integration is the one that seems to give problem.
I will try to give some more details tonight but I don’t know what kind of debug information could be usefull.

8

Did you try to reboot your router?

9

Yes I did.

This is the config/network file:

config interface 'wg0'
        option proto 'wireguard'
        option private_key 'xxx'
        option listen_port '14001'
        list addresses '10.0.10.0/24'

config wireguard_wg0
        option preshared_key 'xxx'
        option public_key 'xxx'
        option route_allowed_ips '1'
        list allowed_ips '10.0.10.1/32'
        option persistent_keepalive '25'
        option description 'tione'

But I don’t think the problem is here

10

You can try to reinstall the system by running pkgupdate --reinstall-all and see if it helps.

1 Like
11

In fact that resolved the problem. Just reinstalling the packages related to wireguard was not enough.

Thank’s

12

Here is my configuration (redacted of course), my link is to a Mikrotik 4011 and it’s been rock solid for months.

config interface 'wg0'
	option proto 'wireguard'
	option private_key 'private key'
	option listen_port '35535'
	list addresses '192.168.147.2/30' #This is the subnet of the tunnel since it's routed and not bridged
	option metric '11'

config wireguard_wg0
	option public_key 'pub key'
	option preshared_key 'PSK Value'
	option description 'Chance'
	option endpoint_port '35535'
	option persistent_keepalive '25'
	list allowed_ips '0.0.0.0/0'
	option route_allowed_ips '1'
	option endpoint_host 'endpoint address'

I also have several static routes since I didn’t configure OSPF yet on the turris. My hardware is a 2020 Turris Omnia.

13

I had the same issue and pkgupdate --reinstall-all also resolved it for me.