Home › Forums › Discussions › Support › Can’t start instalation WireSock on Windows7 x64
Tagged: Wiresock
- This topic has 13 replies, 2 voices, and was last updated 2 years, 7 months ago by DziadekMatt.
-
AuthorPosts
-
February 12, 2022 at 8:52 pm #12139
Hi dear Vadim, when I start instalation wiresock-vpn-client-x64-1.1.2.1.msi on Windows7 x64 (SP1 with all updates) I get the error bellow:
Can you help me with sollution please.
February 12, 2022 at 10:02 pm #12141Hi,
Sorry, this is my fault, I had not tested the installer on Windows 7. I’ve just updated the installer, please re-download and try to install.
-Vadim
February 13, 2022 at 7:58 pm #12142Vadim, good evening, thanks for your fast response.
The program has been successfully installed, but, after the start of the WireSock service, the handshake does not occur, and the following error is recorded to a log file screenshot bellow:
WireGuard and Dante servers are on the same VPS (Debian 10) with the one IP address.
Dante (SOCKS5 proxy) server, configured according by your instructions. I checked on the client computer: by writing the address of my proxy in the browser settings, browser traffic is redirected through the proxy server correctly.
I can’t find where the problem could be, or may be win7 unable to work correctly by redirecting udp traffic via socks5?
February 13, 2022 at 9:18 pm #12143Good evening, Dziadek!
I think the problem is with Dante server:
[SOCKS5]: associate_to_socks5_proxy: Failed to receive socks5_ident_resp:: 10054
Error code 10054 (WSAECONNRESET) means that connection was reset by the remote peer (Dante). How have you configured the Dante server? According to the log, it does not use username/password authentication, right? How have you limited access to it? By an IP address?
February 14, 2022 at 8:41 pm #12146Vadim, good evening,
How have you configured the Dante server?
Dante (SOCKS5 proxy) server, configured according instructions:
logoutput: /var/log/socks.log
internal: eth0 port = 1080
external: eth0
clientmethod: none
socksmethod: none
user.privileged: root
user.notprivileged: nobodyclient pass {
from: [CLIENT EXT IP]/32 to: 0.0.0.0/0
log: error connect disconnect
}
client block {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: connect error
}
socks pass {
from: 0.0.0.0/0 to: 0.0.0.0/0
udp.portrange: 40000-45000
#command: udpassociate
log: error connect disconnect
}
socks block {
from: 0.0.0.0/0 to: 0.0.0.0/0
log: connect error
}According to the log, it does not use username/password authentication, right? How have you limited access to it? By an IP address?
Temporarily for testing Dante server does not use username/password authentication, I limited access by only an IP address.
I checked the availability of the server by setting the browser socks5 proxy settings on the client machine, and browser traffic is redirected through the this socos5 server correctly.
February 14, 2022 at 9:03 pm #12147Hmm, a little confusing. However, when you start the application specifying debug level “all” it also creates PCAP files with traffic captures. Could you please share the wiresock_ext.pcap? It should contain something like on the screenshot below:
February 14, 2022 at 9:42 pm #12148Vadim, bellow link to pcap files:
February 14, 2022 at 10:36 pm #12149Well, Dante resets the connection immediately after processing the packet with authentication methods:
This is confusing if your browser connects fine… Could you please double-check if [CLIENT EXT IP]/32 in Dante configuration file matches your external IP? It behaves like you have a wrong IP address there.
You could try to change it to 0.0.0.0/0, restart Dante and check if it helps. For the security reasons, you could consider enabling username/password authentication.
February 15, 2022 at 7:04 am #12150Vadim, I turned off the Dante server filtering by IP, but still the error remained.
Dante logs at the time of the error give the below entries:Feb 15 07:29:54 (1644892194.992458) danted[18143]: info: pass(1): tcp/accept [: [CLIENT EXT IP].46837 [SERVER EXT IP].1080
Feb 15 07:29:55 (1644892195.080458) danted[18143]: info: block(1): tcp/accept ]: [CLIENT EXT IP].46837 [SERVER EXT IP].1080: error after reading 4 bytes in 0 seconds: Connection reset by peer
Feb 15 07:33:52 (1644892432.568395) danted[18143]: info: pass(1): tcp/accept [: [CLIENT EXT IP].23938 [SERVER EXT IP].1080
Feb 15 07:33:52 (1644892432.662061) danted[18143]: info: block(1): tcp/accept ]: [CLIENT EXT IP].23938 [SERVER EXT IP].1080: error after reading 4 bytes in 1 second: Connection reset by peerIt looks like something is preventing UDP traffic from passing through Dante
February 15, 2022 at 8:06 am #12151It’s really weird. It looks like you have a firewall in between that is blocking SOCKS5. Web browsers use SOCKS4 by default, and maybe that matters. To clarify, could you please capture the Dante traffic on the server side? For example, for my test machine in Oracle cloud:
ubuntu@instance-20211213-2206:~$ sudo tcpdump -D 1.ens3 [Up, Running] 2.lo [Up, Running, Loopback] 3.any (Pseudo-device that captures on all interfaces) [Up, Running] 4.bluetooth-monitor (Bluetooth Linux Monitor) [none] 5.nflog (Linux netfilter log (NFLOG) interface) [none] 6.nfqueue (Linux netfilter queue (NFQUEUE) interface) [none] ubuntu@instance-20211213-2206:~$ sudo tcpdump -vv -i ens3 -w file.pcap port 1080 tcpdump: listening on ens3, link-type EN10MB (Ethernet), capture size 262144 bytes 11 packets captured 11 packets received by filter 0 packets dropped by kernel
The resulted capture in Wireshark:
February 15, 2022 at 8:20 am #12152It looks like you have a firewall in between that is blocking SOCKS5.
If this is the case and if you are interested in further research, I think we could find & add another suitable method instead of SOCKS5.
February 21, 2022 at 8:53 pm #12154Vadim, good evening,
Sorry for the late reply, I haven’t had the time in recent days to reinstall and reconfigure my Dante server.
After I set up user and password authentication on Dante, the handshake between WG server and WireSock was successful.
But despite the fact that the handshake was successful, the program did not work correctly, redirecting traffic through the server, or access to the server over a private network failed. I also noticed that when I starting the service, the TUN network adapter does not appear, as it did normally when the wireguard client was started. Also, I did not understand the server redirection to strange addresses that can be seen in the logs:
[SOCKS5]: S2C_AFTER: 2.0.0.0 : 14080 -> 192.168.1.105 : 64262
[SOCKS5]: S2C_AFTER: 3.0.0.0 : 2560 -> 192.168.1.105 : 64262
[SOCKS5]: S2C_AFTER: 4.0.0.0 : 2304 -> 192.168.1.105 : 64262 etc.
the log file is bellow:
February 21, 2022 at 10:51 pm #12155I also noticed that when I starting the service, the TUN network adapter does not appear, as it did normally when the wireguard client was started.
WireSock does not add a virtual network adapter, NAT and encryption are applied to packets on the fly. This is very similar to how the Cloudflare WARP client works.
[SOCKS5]: S2C_AFTER: 4.0.0.0 : 2304 -> 192.168.1.105 : 64262 etc.
This is my fault, I didn’t test the configuration when both SOCKS5 and Wireguard are running on the same IP. Please download update v.1.1.5 and check how it works.
February 22, 2022 at 3:54 pm #12157Vadim, great news, 1.1.5 passes the handshake and correctly redirects traffic through the WG server.
I think, after purchased another equipment from China, the specialists didn’t completely configured it, and left the some default settings, with the blocked WG service, because Open VPN and other famous protocols works correctly.
Thank you very much for taking the time to resolve this issue!
-
AuthorPosts
- You must be logged in to reply to this topic.