Can I select the default interface when using WireSock VPN client on win10

Home Forums Discussions Support Portal Can I select the default interface when using WireSock VPN client on win10

Viewing 15 posts - 31 through 45 (of 56 total)
  • Author
    Posts
  • #11977
    Vadim Smirnov
    Keymaster

    I’ve looked through the captures, and basically, it looks ok. Although, there are some TCP sessions which were already active at the moment you activated Wiresock VPN client and packets from these sessions can be still received from outside the tunnel. At the same time, outgoing packets are forwarded over the tunnel and such sessions naturally die after retransmit attempts. So, the general recommendation is restarting the browser after activating the tunnel to avoid these session artifacts.

    Besides this, the approach with forwarding Wireguard handshake through the SOCKS5 proxy seems working as expected. Have you tried to test Wiresock VPN client with Wireguard service other than warp+?

    #11979
    Mustafa.Mah
    Participant

    Wiresock works fine with other services other than warp+ and there is no ip leaks so far, but there is still a minor issue that after connecting the tunnel works (according to logs) but no website load (DNS address could not be found) until I disable/enable the wifi.

    #11982
    Vadim Smirnov
    Keymaster

    Hmm, could you try to disable Adguard and check if the problem with DNS persists?

    #11983
    Mustafa.Mah
    Participant

    Actually I’ve done this but the problem still present, According to the log the dns requests are forwarded but there is no dns respons until I disable/enable wifi.

    #11984
    Vadim Smirnov
    Keymaster

    Could you collect PCAP files with disabled adguard and non-working DNS? I will check what can be wrong with DNS queries.

    #11985
    Mustafa.Mah
    Participant

    Here are PCAP files with adguard not running: https://easyupload.io/23402w

    #11986
    Vadim Smirnov
    Keymaster

    Yes, there is a problem, but it is not about the DNS…

    Handshake works fine over the UDP proxy and packets are sent out over the tunnel. However, only very few packets come back from WireGuard server. I can see only the following incoming packets:
    counter(258):session(1902), counter(199-204):session(1904), counter(250):session(1905). According to the counters, WireGuard server is sending packets to you, but most of them are dropped on the way. I wonder why refreshing the network connection resolves the issue, but it looks that not only handshake can be blocked…

    We could try to pass all WireGuard traffic over the UDP proxy to see if it improves the behavior.

    #11987
    Mustafa.Mah
    Participant

    People working at ISP in my country are doing a really good job at messing up everything.

    I also wonder why resetting wifi connection seems to fix this issue, We can give it a try and pass all traffic through proxy too but I think it will hit the performance and speed will be reduced (which won’t be a problem with my 12Mbps adsl connection).

    #11988
    Vadim Smirnov
    Keymaster

    Please try this build

    https://1drv.ms/u/s!AqMWR3uDO7eagdphxyLoAnh77tB0UQ?e=H3q4Xf

    Please note to reduce WireGuard MTU by 10 bytes. It can be a little noisy on -log-level all producing numerous messages from SOCKS:

    2021-12-21 21:58:39 [SOCKS5]: C2S_BEFORE: 192.168.1.26 : 58615 -> 152.70.176.114 : 59075
    2021-12-21 21:58:39 [SOCKS5]: C2S_AFTER: 192.168.1.26 : 58615 -> 132.226.194.27 : 43603
    2021-12-21 21:58:39 [SOCKS5]: C2S_BEFORE: 192.168.1.26 : 58615 -> 152.70.176.114 : 59075
    2021-12-21 21:58:39 [SOCKS5]: C2S_AFTER: 192.168.1.26 : 58615 -> 132.226.194.27 : 43603
    2021-12-21 21:58:39 [SOCKS5]: C2S_BEFORE: 192.168.1.26 : 58615 -> 152.70.176.114 : 59075
    2021-12-21 21:58:39 [SOCKS5]: C2S_AFTER: 192.168.1.26 : 58615 -> 132.226.194.27 : 43603
    2021-12-21 21:58:39 [SOCKS5]: C2S_BEFORE: 192.168.1.26 : 58615 -> 152.70.176.114 : 59075
    2021-12-21 21:58:39 [SOCKS5]: C2S_AFTER: 192.168.1.26 : 58615 -> 132.226.194.27 : 43603
    2021-12-21 21:58:39 [SOCKS5]: C2S_BEFORE: 192.168.1.26 : 58615 -> 152.70.176.114 : 59075
    2021-12-21 21:58:39 [SOCKS5]: C2S_AFTER: 192.168.1.26 : 58615 -> 132.226.194.27 : 43603
    2021-12-21 21:58:39 [SOCKS5]: S2C_BEFORE: 132.226.194.27 : 43603 -> 192.168.1.26 : 58615
    2021-12-21 21:58:39 [SOCKS5]: S2C_AFTER: 152.70.176.114 : 59075 -> 192.168.1.26 : 58615
    #11992
    Vadim Smirnov
    Keymaster

    However, may be the problem in the first handshake which I have passed over before the SOCKS connection was ready:

    It could result in DPI logging the WireGuard connection attempt and subsequent blocking of incoming packets. I will make another build to fix this.

    #11993
    Vadim Smirnov
    Keymaster

    Here is the build which sends only handshake over SOCKS5 but does not allow handshake to go out until SOCKS session is not ready.

    https://1drv.ms/u/s!AqMWR3uDO7eagdpiKKoUYwslX2XG_A?e=6COUAa

    #11996
    Mustafa.Mah
    Participant

    I tried the build in #11988 and it works well, as for the build in #11993 still having same issue unfortunately, It only starts working only after wifi reset.

    I’ve uploaded PCAP file and a copy of log for this session: https://upload1.easyupload.io/unw33c

    You can see in log starting from line 411 it is working and no more dns issues and websites load normally.
    I can try another router (old one) if you want so that I can eliminate router problems but my ip will change probably.

    #11997
    Vadim Smirnov
    Keymaster

    Regretfully, #11993 has the same problem with the first handshake. Please test the one below, I hope I have fixed all places where it could come from:

    https://1drv.ms/u/s!AqMWR3uDO7eagdpkWfB_aQsCvk66Tg?e=idzeGj

    #11998
    Mustafa.Mah
    Participant

    Thank you so much for your work. Now it is working really good. I’ve noticed that keep-alive packets are sent over socks (correct me if I’m wrong) so was that the problem, ISP router blocks keep-alive packets too?

    Edit: keep-alive packets sent every 20 sec (and sometimes ~60 sec) not 25 sec like set in config.

    #12000
    Mustafa.Mah
    Participant

    I’ve noticed inconsistency in sending keep-alive packets, sometimes sent every 20 sec or every 60 sec or even up to 120 sec (2min) which led to close of connection by ISP router and connection drops and client is trying to send keep-alive packets every 5 sec and no more handshake responses.

    This is a log for a session when only one app uses the tunnel it works fine until I close it and tunnel idle for a few minutes which causes what described above.
    https://upload1.easyupload.io/09ovbp

Viewing 15 posts - 31 through 45 (of 56 total)
  • You must be logged in to reply to this topic.