Can’t start instalation WireSock on Windows7 x64

Home Forums Discussions Support Can’t start instalation WireSock on Windows7 x64

Tagged: 

Viewing 14 posts - 1 through 14 (of 14 total)
  • Author
    Posts
  • #12139
    DziadekMatt
    Participant

      Hi dear Vadim, when I start instalation wiresock-vpn-client-x64-1.1.2.1.msi on Windows7 x64 (SP1 with all updates) I get the error bellow:

      Can you help me with sollution please.

      #12141
      Vadim Smirnov
      Keymaster

        Hi,

        Sorry, this is my fault, I had not tested the installer on Windows 7. I’ve just updated the installer, please re-download and try to install.

        -Vadim

        #12142
        DziadekMatt
        Participant

          Vadim, good evening, thanks for your fast response.

          The program has been successfully installed, but, after the start of the WireSock service, the handshake does not occur, and the following error is recorded to a log file screenshot bellow:

          WireGuard and Dante servers are on the same VPS (Debian 10) with the one IP address.

          Dante (SOCKS5 proxy) server, configured according by your instructions. I checked on the client computer: by writing the address of my proxy in the browser settings, browser traffic is redirected through the proxy server correctly.

          I can’t find where the problem could be, or may be win7 unable to work correctly by redirecting udp traffic via socks5?

          #12143
          Vadim Smirnov
          Keymaster

            Good evening, Dziadek!

            I think the problem is with Dante server:

            [SOCKS5]: associate_to_socks5_proxy: Failed to receive socks5_ident_resp:: 10054

            Error code 10054 (WSAECONNRESET) means that connection was reset by the remote peer (Dante). How have you configured the Dante server? According to the log, it does not use username/password authentication, right? How have you limited access to it? By an IP address?

            #12146
            DziadekMatt
            Participant

              Vadim, good evening,

              How have you configured the Dante server?

              Dante (SOCKS5 proxy) server, configured according instructions:

              logoutput: /var/log/socks.log
              internal: eth0 port = 1080
              external: eth0
              clientmethod: none
              socksmethod: none
              user.privileged: root
              user.notprivileged: nobody

              client pass {
              from: [CLIENT EXT IP]/32 to: 0.0.0.0/0
              log: error connect disconnect
              }
              client block {
              from: 0.0.0.0/0 to: 0.0.0.0/0
              log: connect error
              }
              socks pass {
              from: 0.0.0.0/0 to: 0.0.0.0/0
              udp.portrange: 40000-45000
              #command: udpassociate
              log: error connect disconnect
              }
              socks block {
              from: 0.0.0.0/0 to: 0.0.0.0/0
              log: connect error
              }

              According to the log, it does not use username/password authentication, right? How have you limited access to it? By an IP address?

              Temporarily for testing Dante server does not use username/password authentication, I limited access by only an IP address.

              I checked the availability of the server by setting the browser socks5 proxy settings on the client machine, and browser traffic is redirected through the this socos5 server correctly.

              #12147
              Vadim Smirnov
              Keymaster

                Hmm, a little confusing. However, when you start the application specifying debug level “all” it also creates PCAP files with traffic captures. Could you please share the wiresock_ext.pcap? It should contain something like on the screenshot below:

                #12148
                DziadekMatt
                Participant

                  Vadim, bellow link to pcap files:

                  https://dropmefiles.net/en/vk3ma9

                  #12149
                  Vadim Smirnov
                  Keymaster

                    Well, Dante resets the connection immediately after processing the packet with authentication methods:

                    This is confusing if your browser connects fine… Could you please double-check if [CLIENT EXT IP]/32 in Dante configuration file matches your external IP? It behaves like you have a wrong IP address there.

                    You could try to change it to 0.0.0.0/0, restart Dante and check if it helps. For the security reasons, you could consider enabling username/password authentication.

                    #12150
                    DziadekMatt
                    Participant

                      Vadim, I turned off the Dante server filtering by IP, but still the error remained.
                      Dante logs at the time of the error give the below entries:

                      Feb 15 07:29:54 (1644892194.992458) danted[18143]: info: pass(1): tcp/accept [: [CLIENT EXT IP].46837 [SERVER EXT IP].1080
                      Feb 15 07:29:55 (1644892195.080458) danted[18143]: info: block(1): tcp/accept ]: [CLIENT EXT IP].46837 [SERVER EXT IP].1080: error after reading 4 bytes in 0 seconds: Connection reset by peer
                      Feb 15 07:33:52 (1644892432.568395) danted[18143]: info: pass(1): tcp/accept [: [CLIENT EXT IP].23938 [SERVER EXT IP].1080
                      Feb 15 07:33:52 (1644892432.662061) danted[18143]: info: block(1): tcp/accept ]: [CLIENT EXT IP].23938 [SERVER EXT IP].1080: error after reading 4 bytes in 1 second: Connection reset by peer

                      It looks like something is preventing UDP traffic from passing through Dante

                      #12151
                      Vadim Smirnov
                      Keymaster

                        It’s really weird. It looks like you have a firewall in between that is blocking SOCKS5. Web browsers use SOCKS4 by default, and maybe that matters. To clarify, could you please capture the Dante traffic on the server side? For example, for my test machine in Oracle cloud:

                        ubuntu@instance-20211213-2206:~$ sudo tcpdump -D
                        1.ens3 [Up, Running]
                        2.lo [Up, Running, Loopback]
                        3.any (Pseudo-device that captures on all interfaces) [Up, Running]
                        4.bluetooth-monitor (Bluetooth Linux Monitor) [none]
                        5.nflog (Linux netfilter log (NFLOG) interface) [none]
                        6.nfqueue (Linux netfilter queue (NFQUEUE) interface) [none]
                        ubuntu@instance-20211213-2206:~$ sudo tcpdump -vv -i ens3 -w file.pcap port 1080
                        tcpdump: listening on ens3, link-type EN10MB (Ethernet), capture size 262144 bytes
                        11 packets captured
                        11 packets received by filter
                        0 packets dropped by kernel

                        The resulted capture in Wireshark:

                        #12152
                        Vadim Smirnov
                        Keymaster

                          It looks like you have a firewall in between that is blocking SOCKS5.

                          If this is the case and if you are interested in further research, I think we could find & add another suitable method instead of SOCKS5.

                          #12154
                          DziadekMatt
                          Participant

                            Vadim, good evening,

                            Sorry for the late reply, I haven’t had the time in recent days to reinstall and reconfigure my Dante server.

                            After I set up user and password authentication on Dante, the handshake between WG server and WireSock was successful.

                            But despite the fact that the handshake was successful, the program did not work correctly, redirecting traffic through the server, or access to the server over a private network failed. I also noticed that when I starting the service, the TUN network adapter does not appear, as it did normally when the wireguard client was started. Also, I did not understand the server redirection to strange addresses that can be seen in the logs:

                            [SOCKS5]: S2C_AFTER: 2.0.0.0 : 14080 -> 192.168.1.105 : 64262

                            [SOCKS5]: S2C_AFTER: 3.0.0.0 : 2560 -> 192.168.1.105 : 64262

                            [SOCKS5]: S2C_AFTER: 4.0.0.0 : 2304 -> 192.168.1.105 : 64262 etc.

                            the log file is bellow:

                            https://dropmefiles.net/en/M6Ne

                            #12155
                            Vadim Smirnov
                            Keymaster

                              I also noticed that when I starting the service, the TUN network adapter does not appear, as it did normally when the wireguard client was started.

                              WireSock does not add a virtual network adapter, NAT and encryption are applied to packets on the fly. This is very similar to how the Cloudflare WARP client works.

                              [SOCKS5]: S2C_AFTER: 4.0.0.0 : 2304 -> 192.168.1.105 : 64262 etc.

                              This is my fault, I didn’t test the configuration when both SOCKS5 and Wireguard are running on the same IP. Please download update v.1.1.5 and check how it works.

                              #12157
                              DziadekMatt
                              Participant

                                Vadim, great news, 1.1.5 passes the handshake and correctly redirects traffic through the WG server.

                                I think, after purchased another equipment from China, the specialists didn’t completely configured it, and left the some default settings, with the blocked WG service, because Open VPN and other famous protocols works correctly.

                                Thank you very much for taking the time to resolve this issue!

                              Viewing 14 posts - 1 through 14 (of 14 total)
                              • You must be logged in to reply to this topic.